Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Languages
Timeline
Yetunde Elu

Yetunde Elu

Capitol Heights,MD

Summary

Experienced Information Security and Compliance Analyst with 5 years of expertise in Exception Request and Risk Assessment, Audits, Vendor Risk Assessment/Third Party Risk Management, GRC, Regulatory Compliance, Incident Response, and Continuous Monitoring. Skilled in utilizing tools for NIST CSF 2.0 compliance. Proficient in vulnerability identification, security measure implementation, and risk mitigation solutions. Demonstrated proficiency in data analysis, strategy development, and cross-functional team collaboration to achieve organizational objectives.

Overview

8
8
years of professional experience
2
2
Certification

Work History

GRC Analyst

Mutual Of Omaha Insurance Company
10.2022 - Current
  • Review regularoty tasks and assist in gathering any breach notification requirements, interact with my team and the legal team to review documents for state annual attestation filing.
  • Documenting the process for the organization policy and standard procedure as a reference and artifact for audit purposes.
  • Manage the Deployment of Standard questionnaires like SIG, CAIQ, etc. to all vendors to determine their controls effectiveness.
  • Assess completed questionnaires and supporting documentation such as SOC1/2 type1/2 Audit reports, ISO 27001 SAP, HIPAA,PCI DSS to validate vendor appropriate implementation of information security controls.
  • Conduct vendors risk assessment on vendors and document findings.
  • Support organization audit process.
  • Conduct meetings with IT team to gather documentation and evidence about their control environment to develop metrics and continuous monitoring of the gap remediation.
  • Collaborated with cross-functional teams to identify opportunities for process improvement and increased efficiency.
  • Enhanced team collaboration by providing clear communication of complex findings through visualizations and reports.

Information Security Analyst

Inspire Security Solution
10.2020 - 10.2022


  • Work with vendors in remediating findings discovered during assessments by collaborating on submitting their ticket for exception request.
  • Identified and documented security risk exceptions, ensuring compliance with organizational policies and regulatory requirements. Collaborated with cross-functional teams to assess risk levels and implement appropriate mitigation strategies.
  • Assisted in the creation and refinement of security policies and procedures to address identified risks and improve overall security posture
  • Ensure third party relationships adhere to the company's policies, procedures and compliant with regulatory guidelines and industry best practices.
  • Escalate issues like unresolved risk findings associated with customer audits and third parties to Senior Management as needed.
  • Perform ongoing monitoring of all vendors post contract negotiation and signing.
  • Collaborate with stakeholders during internal audit, to conduct verification testing of issues in the issue management lifecycle, tracking risk mitigation/remediation efforts.
  • Implement activities in coordination with business stakeholders and in alignment with issue management frameworks and policies
  • Deploy Security Awareness and Training and manage phishing campaign initiatives for employees.
  • Build and maintain solid working relationships with internal stakeholders by understanding business organizational structure and culture.
  • Identify compliance obligations, fulfillment processes and mitigation controls.
  • Reviewed design and operative effectiveness of controls and manage risk register.
  • Create scorecard reports and updates, instrumental in making sound risk-based decisions.
  • Engage with management to resolve identified vulnerabilities, proffering remediation and taking care of false positives.
  • Review and update company policies & standard operational procedures yearly and as needed.
  • Work with technology owners to validate policy compliance profiles Review policy compliance scan results with stake holders.
  • Work with SOC team to schedule various scans and investigate results.


Compliance & Vendor risk Analyst

Walmart
01.2017 - 02.2020
  • Supported in updating and maintenance of policies, procedures, standards, and guidelines in accordance with applicable regulations like ISO 27001, NIST 800-53 Framework Controls and HIPAA, CCPA, GDPR and CIS controls.
  • Conducted internal control assessment to ensure the controls are designed effectively and operating as intended in compliance with applicable laws and regulations such as NIST 800-53, HIPAA etc.
  • Assessed completed questionnaire and supporting documentation to validate vendor appropriate implementation of information security controls.
  • Worked with technology owners Document and review IT security procedures to make sure they follow regulatory standards.
  • Maintained and updated vulnerability and risk management programs.
  • Executed procedures supporting external and internal audits of controls, business processes and documented audit finings for the development of reports and recommendation.
  • Conducted risk assessments regularly to make sure system weaknesses are well documented and mitigating processes are put in place.
  • Created information security documentation and workflows to assist with incident response, audits, and vendor risk management.
  • Supported the management in overseeing security incident handling efforts in response to a detected incident and coordinate with other stakeholders as directed.
  • Facilitated the creation of a comprehensive workflow, security awareness and training for New Hires.
  • Coordinated, supported, and maintained activities for Vendor Risk Assessment (VRA) Repository and related support tools.
  • Assessed Vendor Risk Profile to determine CIA rating
  • Conducted reassessment of Vendors and prepare VRA Report
  • Administered SIG questionnaire to all vendors to determine the effectiveness of their controls
  • Facilitated security and privacy awareness and training.

Education

Bachelor’s Business Administration -

Ekiti State University

Master’s in progress -

Western Govern University
04-2027

Skills

  • Microsoft Office proficiency
  • Problem-solving proficiency
  • Security documentation assessment
  • Effective multi-tasking in collaborative environments
  • Strong interpersonal communication
  • Vendor Risk/ Third Party Security Risk Management
  • Regulatory compliance expertise

Accomplishments

  • Collaborated with team of 3 in the development of SOC 2 review template for audit reference purpose

Certification

  • CompTIA Security+ certified
  • Certified Information Systems Auditor (CISA)
  • CISA
  • Sec+

Languages

English
Full Professional

Timeline

GRC Analyst - Mutual Of Omaha Insurance Company
10.2022 - Current
Information Security Analyst - Inspire Security Solution
10.2020 - 10.2022
Compliance & Vendor risk Analyst - Walmart
01.2017 - 02.2020
Ekiti State University - Bachelor’s Business Administration,
Western Govern University - Master’s in progress,

Similar Profiles

  • Lesley Pierson

    Lesley PiersonLesley Pierson

    Medicare Claims Specialist at Mutual Of Omaha Insurance CompanyMedicare Claims Specialist at Mutual Of Omaha Insurance Company

  • Keaton Dyche

    Keaton DycheKeaton Dyche

    Business Analyst I/II at Mutual Of Omaha Insurance CompanyBusiness Analyst I/II at Mutual Of Omaha Insurance Company

  • Cheryl Rushing

    Cheryl RushingCheryl Rushing

    Customer Care Analyst II at Mutual Of Omaha Insurance CompanyCustomer Care Analyst II at Mutual Of Omaha Insurance Company

  • Datetchana Lucas

    Datetchana LucasDatetchana Lucas

    Student Nurse Extern at Medstar Southern Maryland HospitalStudent Nurse Extern at Medstar Southern Maryland Hospital

  • Brandon McCoy

    Brandon McCoyBrandon McCoy

    Regional Customer Service Account Executive at YelpRegional Customer Service Account Executive at Yelp

CREATE PROFILE
Yetunde Elu