HTML/CSS
Oluwakayode Adeusi
Sr. Third Party Risk & Compliance Analyst
Carrollton,TX
Summary
Oluwakayode is an experienced IS/IT Risk and Compliance professional with a solid understanding of risk assessments, risk frameworks, operational risks, and third-party risk lifecycle, including the review of supplier risk assessments and vulnerability. A seasoned collaborator experienced in meeting needs, improving processes, and exceeding requirements in team environments. Diligent worker with strong communication and task prioritization skills. Oluwakayode has been part of the execution of risk management processes and governance in large institutions in the Financial, Retail, Healthcare, and Manufacturing industries and also an experienced IT Auditor, Cloud administrator with an understanding of relevant regulations. Immensely knowledgeable on the new and emerging risk areas, including cloud related risks, encryption and human resource risks.
Overview
7
7
years of professional experience
4
4
years of post-secondary education
3
3
Certifications
5
5
Languages
Work History
Sr. Risk Analyst
Ingram Micro
07.2021 - Current
- Designed, reviewed and updated Information Security policies.
- Implemented systematic risk analysis process within ISO27001 & NIST800-53 frameworks, identifying and assessing potential Information Security risks to organization's assets, data, and systems.
- Balanced requirements for loan-volume growth with quality of underwriting to reduce risk and increase profitability.
- Monitored industry, technological and economic developments to stay current on potential risks.
- Devised risk appropriate due diligence oversight for client's third-party service provider.
- Performed risk assessment for configuration, modification, and integration tasks in support of SAP enhancement and implementation.
- Conducted interviews with key business users to collect information on business processes and user requirements.
- Coordinated with product owners and other risk owners to conduct reviews of new third-parties "Vendors" prior to contract signing "Onboarding" to gain understanding of risks posed by service provider and mitigating controls.
- Improved business direction by prioritizing customers and implementing changes based on collected feedback.
- Analyzed open orders, backlog, and sales data to provide sales team with insights.
- Led team of 10 to review business and technical assessment questionnaires and evidences, document and communicate findings and observations to internal and external stakeholders, track open issues and related remediation execution, identify areas of improvements and communicated recommendations to Senior Management.
- Applied honed problem-solving skills to analyze and resolve issues impacting business operations and goal achievement.
- Utilized GRC tool "RSA Archer" both as central repository for risk and control information on front end and also for CD control testing on back end.
- Drafted reports on company financial metrics to assess successes and account for deficiencies.
- Maintained effective communication channels with internal stakeholders, including procurement, legal, compliance, and executive teams to ensure alignment on risk assessment findings and strategies.
- Produced and filed reports to inform senior management of current activities and progress with investigations.
- Applied honed problem-solving skills to analyze and resolve issues impacting business operations and goal achievement
- Monitored industry, technological and economic developments to stay current on potential risks
Sr. Third Party Risk & Compliance Analyst
Eli Lilly
Indianapolis, IN
11.2019 - 04.2021
- Stayed current with latest changes to applicable regulatory standards and company procedures.
- Led on-site assessment of vendors by providing overall IT risk expertise.
- Managed Third-Party vendor assessment questionnaires (SIG), SOC 2 reports and ISO certifications (SOA).
- Performed review of third-party assessments for conformance to program objectives and risk methodology.
- Trained and mentored analysts on SAS programming, analytics and influential communication
- Created project plans and assisted with monitoring and tracking of cybersecurity solution offerings.
- Reviewed effectiveness of IT controls security controls implemented at vendor's environment to ensure security of client's data such as (Access Controls, Application Security, Cloud Security, Data Security, Network Security).
- Conducted thorough assessment of potential third-party vendors to evaluate their suitability based on factors such as, financial stability, reputation, compliance with industry regulations, and alignment with organization's core values.
- Established and implemented robust risk management framework specifically tailored to safeguarding (PHI) under HIPAA regulations.
- Helped create training programs to handle system-wide issues and maintain compliance.
- Documented noncompliance activities and communicated with senior management on remediation.
- Reviewed audit and monitoring reports related to consumer and client activities.
- Evaluated cybersecurity measures and practices of third-party vendors to assess their ability to protect sensitive data and information from cyber threats.
- Developed improvement and corrective action plans to bring operations in line with requirements.
- Kept informed regarding pending industry changes, trends or best practices.
- Continuously monitored performance of third-party vendors to ensure on-going compliance with agreed upon standards and contractual obligations.
- Enforced compliance with complex state and federal laws, rules and regulations for industry.
- Supported and trained customers on compliance-related issues.
- Worked closely with internal business owners and stakeholders to ensure documentation is up to date throughout third-party lifecycle.
- Developed short-term goals and long-term strategic plans to improve risk control and mitigation
- Worked within Microsoft Excel Spreadsheet software to compile and review information with pivot tables and charts.
- Employed strong program management skills to successfully define and manage ongoing initiatives designed to control operational risks.
Sr. IT Auditor
Truist
Atlanta, GA
10.2018 - 09.2019
- Evaluated client's IT and operational controls for efficiency and effectiveness; provided recommendations on improvement of policies and procedures.
- Executed assigned tasks in conformity with deadlines and budget expectations.
- Operated under Agile and Scrum frameworks to complete releases and well-organized sprints.
- Awarded responsibility of planning, executing and managing all aspects of assigned audit engagements.
- Kept Audit Manager informed of progress, impediments and result of field work. Produces status reports and other Internal Audit correspondence.
- Optimized Sarbanes-Oxley (SOX) compliance procedures, resulting in 20% reduction in audit timelines and resource requirements. Streamlining of processes enhanced efficiency while maintaining high standard of financial reporting.
- Developed and maintained courteous and effective working relationships.
- Assisted in performing ITGC walkthrough as part of IT financial audit support team, including Change Management, Logical Access, Computer Operations, and application controls testing for numerous applications including SAP.
- Demonstrated creativity and resourcefulness through development of innovative solutions.
- Documented testing procedures for developers and future testing use.
- Conducted IT security audits (Network, Operating system, and Databases), including evaluating whether security vulnerabilities are properly identified and mitigated.
- Applied effective time management techniques to meet tight deadlines.
- Worked with business units and external security experts on scope and performance of these reviews.
- Proven ability to learn quickly and adapt to new situations.
- Spearheaded cross-functional teams to assess effectiveness of security controls, ensuring alignment with PCI DSS standards and proactively addressing potential risks to payment card data.
- Passionate about learning and committed to continual improvement.
- Conducted review of key Information Technology controls such as Backups, Data Integrity Testing, Audit Logs, Remote Access Control, Application Level Security and Environmental Controls.
- Identified control gaps in processes, procedures and systems through in-depth research and assessment and suggested methods for improvement.
Azure Administrator
Deltek
12.2016 - 06.2018
- Managed and maintained Azure cloud infrastructure, ensuring high availability and scalability.
- Collected, validated, and distributed information to employees.
- Implemented and optimized Azure virtual networks, subnets, and security groups for efficient resource utilization.
- Entered and maintained departmental records in company database.
- Configured and monitored Azure virtual machines, storage accounts, and backups for data integrity and disaster recovery.
- Networked with industry professionals to exchange best practice knowledge and stay abreast of latest developments.
- Automated Azure deployments using Infrastructure as Code (IaC) tools like Azure Resource Manager (ARM) templates.
- Implemented Azure Active Directory (AAD) for user authentication and access management across Azure services.
- Leveraged bookkeeping software and automated processes to reduce errors.
- Designed and implemented Azure Virtual Networks (VNets) and VPN connections for secure hybrid cloud environments.
- Troubleshot employee concerns and recommended corrective actions to resolve issues.
- Implemented robust cost optimization strategies, resulting in 15% reduction in Azure infrastructure costs. Main reasons was to manage Azure resources efficiently while maintaining performance and scalability.
- Monitored and optimized Azure costs by implementing cost management and resource tagging strategies.
- Implemented Azure security best practices, including network security groups, Azure Security Center, Azure AD privileged identity management.
- Entered and maintained departmental records in company database
Education
Bachelor of Science - Computer Science
Ternopil State National Technical University
Ternopil, Ukraine 01.2011 - 07.2015
Skills
Strategic planning
Excellent Communication Skills
Resilience
Attention To Detail
Project Management
Gap analysis
Email Security
Problem Solving
Security Awareness Training
Note Taking "Tracker"
Team Player
Adaptability
Creativity
Risk identification
Risk mitigation plans
Assessing risks
Additional Information
Regulations & Frameworks:
ISMS (ISO 27001/27002), SSAE16/SSAE18 (SOC), NIST 800-53, PCI-DSS
HIPAA/HITRUST, SOX
Tools:
RSA Archer, ServiceNow, Panorays, BitSight, Process Unity, Jira, KY3P
Operating Systems:
Windows Server, Linux, MacOS
Network Administration:
TCP/IP, DNS, DHCP
Virtualization:
VMware, HYPER-V
Scripting:
POWERSHELL, BASH
Software
MySQL
Microsoft Excel
Microsoft Word
Google Drive
Microsoft Powerpoint
GanttPRO
Certification
CompTIA Security+
Interests
Cooking
Writing
Soccer
Travel
Languages
Video Games
Music
Timeline
Sr. Risk Analyst
Ingram Micro
07.2021 - Current
Sr. Third Party Risk & Compliance Analyst
Eli Lilly
11.2019 - 04.2021
Sr. IT Auditor
Truist
10.2018 - 09.2019
Azure Administrator
Deltek
12.2016 - 06.2018
Bachelor of Science - Computer Science
Ternopil State National Technical University
01.2011 - 07.2015