OLUWOLE A. OWOYEMI
Chicago,IL
Summary
Highly motivated and results-oriented Technology Risk Advisor with years of experience specializing in IT audit, risk assessment, and governance, risk, and compliance (GRC) within the professional services industry. Proven track record in applying technical expertise to assess and mitigate IT risks, ensuring regulatory compliance, and enhancing operational efficiency. Expertise in various frameworks including NIST CSF, ISO 27001, and COBIT.
Overview
12
12
years of professional experience
3
3
Certifications
Work History
IT Auditor - Consultant
R & M CONSULTING
7 2022 - 2 2024
- Led and executed IT audits & risk assessment and controls for clients using NIST CSF, ISO 27001, and COBIT frameworks across various industries: manufacturing, financial services, healthcare, and technology, achieving a 100% completion rate
- Performed and recorded all audit aspects, such as planning, testing, documentation, and evaluation, offering suggestions to fix identified issues ensuring 95% accuracy and completeness in work papers
- Conducts IT infrastructure control testing of Servers, Databases, and Network devices, resulting in the identification and resolution of 100% of control weaknesses
- Evaluates SOC I type II and SSAE 18 reports, conducting audits to assess the sufficiency and performance of controls, leading to constructive suggestions for enhancement
- Leads meetings with all levels of management to plan and execute audits projects, enhancing collaboration and ensuring alignment with organizational objectives
- Developed and implemented IT security policies and procedures, including incident response, vulnerability management, and SIEM
- Developed and implemented IT security policies & procedures, including incident response, vulnerability management, and SIEM and risk management frameworks aligned with NIST CSF and ISO 27001
- Project Summaries: Project: Third-Party Risk Management Program Enhancement Problem: Client lacked a structured third-party risk management program, exposing them to significant operational and reputational risks
- Solution: Developed and implemented a comprehensive third-party risk management program, including a risk-based tiering approach, standardized vendor assessment questionnaires, and ongoing monitoring procedures
- Results: Quantitative: Reduced the average time to onboard new vendors by 30%, resulting in faster time-to-market for new products and services
- Qualitative: Enhanced visibility into third-party risks, enabling proactive risk mitigation and improved decision-making.
IT Auditor
EZEK SYSTEMS LLC
12.2019 - 07.2022
- Planned and coordinated Information Technology Audits, ensuring tasks were completed accurately and within established timeframes, achieving a 98% adherence rate to audit schedules and 15% reduction in control weaknesses
- Conducted audits, tests, and implementations of Enterprise Resource Planning Software, resulting in a 20% increase in system efficiency and compliance
- Implemented Section 404 and 302 of SOX Acts, testing controls over Segregation of Duties and Change Management, and providing evidence to support SOX Acts Compliance Program, achieving a 100% compliance rate
- Acted as a core participant in multiple Disaster Recovery and Business Continuity Audits, resulting in a 25% improvement in disaster preparedness and response capabilities
- Tested compliance with company policies and procedures, ensuring conformity to industry standards such as HIPAA and PCI DSS frameworks, resulting in a 95% compliance rate
- Evaluated the effectiveness and adequacy of General Computer controls, identifying areas for improvement and enhancing organizational policies and procedures
- Demonstrated understanding of client environments, assessing the adequacy of application security, configuration, and business process controls, resulting in a 20% increase in overall control effectiveness
- Liaised between in-house managers/IT department and External Financial and Operational Auditors, facilitating effective communication and collaboration
- Project Summaries: Project: ISO 27001 Certification Readiness Assessment Problem: Client wanted to achieve ISO 27001 certification but lacked a clear understanding of the requirements and gaps in their existing controls
- Solution: Conducted a comprehensive ISO 27001 certification readiness assessment, identifying gaps and developing a remediation plan
- Results: Quantitative: Reduced the time and cost required to achieve ISO 27001 certification by 20% Qualitative: Provided the client with a clear roadmap for achieving certification and improved their overall information security management system.
Compliance Officer
UNIK SECURITY & POS, INC
07.2017 - 11.2019
- Acquired knowledge of audit processes and control procedures by actively participating in internal control and business procedure reviews, resulting in a 20% improvement in understanding of audit methodologies
- Reviewed projects to enhance business systems and processes, identified emerging risks, and made recommendations to improve control design and operating effectiveness, resulting in a 15% increase in operational efficiency
- Maintained comprehensive documentation of compliance activities, including complaints and investigation outcomes, ensuring accuracy and completeness of records
- Played a key role in conducting internal investigations, assessing products, and developing risk management strategies to ensure compliance, leading to a 25% reduction in compliance-related incidents.
Regional Account Manager
VOX CARRIER SRL
01.2016 - 07.2017
- Managed Disaster Recovery and Business Continuity planning for mobile technology in collaboration with the Information Technology Department, developing procedures to ensure successful deployment within both internal corporate and external audit standards requirements, resulting in a 30% improvement in disaster preparedness
- Evaluated and tested user administration software tools to facilitate bulk user account management in the Authentication Manager database, streamlining account management processes and reducing manual effort by 40%
- Maintained and documented procedures to ensure security compliance in capacity planning and trend analysis, ensuring optimal utilization of trunk capacity for data and telephony, resulting in a 25% reduction in security vulnerabilities
- Conducted invoice analysis to identify billing errors, discrepancies, and opportunities for savings in telecom usage charges, leading to a 15% reduction in billing errors and a 20% increase in cost savings.
Business Analyst Manager
BANKAI GROUP (BRIDGE VOICE & BROADBAND TELECOMS)
04.2015 - 12.2016
- Developed a comprehensive business plan and strategy to enhance market presence in wholesale, retail, and technology sectors by establishing interconnections with mobile networks and tier 1 carriers within Africa, resulting in a 20% increase in market share
- Assisted in achieving organizational strategic goals by building key customer relationships, identifying business opportunities, negotiating, and closing deals, and maintaining up-to-date knowledge of market conditions, leading to a 25% growth in revenue
- Provided active support and shared leads for the sale of technology products and services, including Bridge2Call, Bill Call, iMax, and IPX, resulting in a 30% increase in sales volume
- Conducted market intelligence activities to analyze current pricing structures, market practices, and competitors, enabling informed decision-making and strategic positioning in the market.
Education
MBA, Business Administration & Management -
Obafemi Awolowo University
Bachelor of Science, Banking & Finance - undefined
University of Ado-Ekiti
Skills
Sarbanes-Oxley (SOX)
External Auditing
Systems Efficiency Evaluation
Database Security
IT Governance
Developing security plans
Adaptability and Flexibility
Intrusion Detection
Incident Response Management
Network Security
Cybersecurity
Continuous Improvement
Information Security
Access Control
Information Governance
Disaster Recovery
Risk Assessment
Security Policies
Identity Management
Security Awareness Training
Internal Controls
Compliance Monitoring
Certification
Certified Information Systems Auditor (CISA), ISACA
Core Competencies
Leading, Communicating, Cooperating, Adjusting, Solving problems, Creating, Managing time, Understanding emotions, Working in teams, Making decisions, Planning strategically, Resolving issues, Managing projects, IT Risk Management, Compliance Management, Data Analysis, SOX, PCI DSS, Change Management, Disaster Recovery, Information Security, Business Continuity Planning, IT Security and Infrastructure, IT Governance, NIST 800-171, 3rd Party Risk Management, General Data Protection, Change Management, Identity & Access Management (IAM), Internal Controls, ISO 27001, Regulation, Accounting Principles, Microsoft Suite
References
Available on request
Timeline
IT Auditor
EZEK SYSTEMS LLC
12.2019 - 07.2022
Compliance Officer
UNIK SECURITY & POS, INC
07.2017 - 11.2019
Regional Account Manager
VOX CARRIER SRL
01.2016 - 07.2017
Business Analyst Manager
BANKAI GROUP (BRIDGE VOICE & BROADBAND TELECOMS)
04.2015 - 12.2016
IT Auditor - Consultant
R & M CONSULTING
7 2022 - 2 2024
MBA, Business Administration & Management -
Obafemi Awolowo University
Bachelor of Science, Banking & Finance - undefined
University of Ado-Ekiti