Saburi Akande
Glen Burnie,MD
Summary
Certified Information Security and Risk Management professional (CRISC, CISM, CISA) with years of experience carrying out Information Systems Audit, Security Risk Assessment, and Risk Management in order to ensure vulnerabilities and potential risks are identified and appropriately managed, hence reducing the likelihood and impact of threats to within risk appetite. Professional dedicated to protecting organizational assets by ensuring adequacy of internal controls and regulatory compliance.
Overview
21
21
years of professional experience
Work History
Sr. IT Security Risk Analyst
Children’s National Hospital
, MD
12.2018 - Current
- Responsible for developing and managing Information Security Risk Management Program.
- Developed and implemented plan to create risk averse culture where risk management is integrated in business processes, and management is well informed to make risk aware business decisions.
- Plan and execute various security risk assessments, ensuring identified risks are effectively and efficiently managed.
- Risk analysis and Business Impact Analysis.
- Coordinate and facilitate monthly risk management committee meeting.
- Update management on risk management efforts and enterprise IT risk profile on periodic basis.
- Develop, review and revise information security policies.
- Third party vendor risk management, review and analysis of attestation reports such as HITRUST, ISO Certification & SOC 2 reports.
- Monitoring to identify variations in key risk & control indicators.
- Manage risk register.
- Collaborated with stakeholders to define project objectives and criteria.
- Performed gap analysis to identify areas of improvement.
- Interacted with internal customers to understand business needs and translate into requirements and project scope.
- Applied honed problem-solving skills to analyze and resolve issues impacting business operations and goal achievement.
- Conducted interviews with key business users to collect information on business processes and user requirements.
- Executed analysis of risks and identified risk mitigation strategies.
- Monitored industry, technological and economic developments to stay current on potential risks.
Sr. IT Audit & Risk Analyst
Adventist HealthCare, Hospitals
, MD
05.2017 - 11.2018
- Developed and managed IT Audit and risk management program.
- Ensured vulnerabilities and risks were proactively identified and managed on continuous basis.
- Identified variations in risk and control posture by monitoring key risk and key control indicators
- Documented risk treatment decisions and monitored implementation of agreed action plans.
- Developed, reviewed and revised information security policies.
- Managed IT Audit program, HIPAA, ITGC Audit; planning, fieldwork (walk through and detail testing) and reporting.
- Point of contact for external auditors regarding IS Risk and Audit projects.
- Periodically scanned network and systems for vulnerabilities, with aid of auditing tools such as Nessus scanner.
- Implemented Capacity Maturity model and Balanced Score cards to assist in evaluating maturity of processes, and effectiveness of IT projects.
- Supported enterprise-wide security awareness program.
- Reviewed third party attestation documents including SOC 2 reports.
- Facilitated control self-assessments and assisted with Payment Card Industry (PCI) compliance assessment.
- Consulted on IT projects, such as Workday acquisition and implementation.
- Prepared detailed reports of information security risk and audit findings.
IT Security Auditor
CareTech Solutions, Adventist HealthCare
, MD
02.2016 - 04.2017
- Managed Information Technology Audits and Security Risk Assessments.
- Made recommendations to mitigate identified risks and ensured compliance through monitoring.
- Performed walk-through and detail testing of IT general controls, as well as around HIPAA Security and Privacy rules.
- Responsible for developing, writing and reviewing security policies.
- Evaluated maturity of processes and made recommendations for improvement.
- Reviewed network diagram, identified points of entry and potential vulnerabilities such as single point of failures, or absence of IPS/IDS
- Reviewed SOC 2 reports, as well as policies, procedures, and training modules for completeness
- Scanned network with aid of auditing tools for vulnerabilities
- Assisted with PCI Audit and data security evaluation.
- Prepared detailed reports of audit findings.
Business Advisory Associate
Grant Thornton LLP
Fort Lauderdale
11.2015 - 02.2016
- Evaluated IT control design and operating effectiveness based on engagement scope, and client environment risk factors.
- Collaborated with colleagues across Advisory Business Lines (ABLs) and with other Grant Thornton Service Lines (e.g., Audit Services and Tax Services).
- Managed client engagements from start to completion, with focus on IT risk management.
- Participated in business development activities and proposal development, as required.
IT Auditor
Midas Edge LLC
, Maryland
09.2010 - 10.2015
- Performed and documented audit activities in accordance with professional standards based on frameworks such as NIST, COBIT, ITGC, PCI, HIPAA and SOX
- Conducted IT audit fieldwork; walkthrough and detailed testing of controls
- Assisted management in identifying gaps between controls and processes, made recommendations to bridge gaps as well as to treat identified control weaknesses based on risk appetite
- Facilitated control self-assessments
- Accurately documented and prepared detailed reports of audit findings.
Manager
Bank PHB
Lagos, NG
05.2003 - 09.2008
- .esponsible for daily running of branch operations, ensured compliance with policies and procedures, as well as regulatory requirements.
- Trained and evaluated staff performance in accordance with company standards.
- Provided exceptional service delivery, ensured queries and complaints were responded to timely and effectively.
- Accomplished multiple tasks within established timeframes
- Maintained professional, organized, and safe environment for employees and patrons
- Cross-trained existing employees to maximize team agility and performance
- Onboarded new employees with training and new hire documentation
- Developed and implemented business strategies to achieve business goals and stay competitive
- Evaluated employee performance and conveyed constructive feedback to improve skills.
Education
Master of Arts -
London Metropolitan University
London, UK10.2009
Bachelor of Science - Marketing Management
The Polytechnic Ibadan
Nigeria2002
Skills
- Risk management
- Third-Party risk management
- Vulnerability management
- Policy development
- Security infrastructure architecture
- Compliance
- Exception management
- Training and awareness
Timeline
Sr. IT Security Risk Analyst
Children’s National Hospital
12.2018 - Current
Sr. IT Audit & Risk Analyst
Adventist HealthCare, Hospitals
05.2017 - 11.2018
IT Security Auditor
CareTech Solutions, Adventist HealthCare
02.2016 - 04.2017
Business Advisory Associate
Grant Thornton LLP
11.2015 - 02.2016
IT Auditor
Midas Edge LLC
09.2010 - 10.2015
Manager
Bank PHB
05.2003 - 09.2008
Master of Arts -
London Metropolitan University
Bachelor of Science - Marketing Management
The Polytechnic Ibadan
Similar Profiles
Lori BlairLori Blair
Nurse Manager, Central Nursing Resources at Children’s National HospitalNurse Manager, Central Nursing Resources at Children’s National Hospital
Tiara RouthTiara Routh
Communications Specialist – Welcome Desk at Children’s National HospitalCommunications Specialist – Welcome Desk at Children’s National Hospital
Massey QuiggleMassey Quiggle
Registered Nurse at Children’s National HospitalRegistered Nurse at Children’s National Hospital
Kaitlynn Wagner, M.S., CCC-SLPKaitlynn Wagner, M.S., CCC-SLP
Speech Language Pathologist at Children’s National HospitalSpeech Language Pathologist at Children’s National Hospital
Kyleen PlumleyKyleen Plumley
Front Desk Medical Receptionist at Endocentre Of BaltimoreFront Desk Medical Receptionist at Endocentre Of Baltimore