Oracle Security

Adetunji Adejumo

Oracle GRC Consultant

** ********* ******, ********* ** 07111

Cell: 973-***-****, 240-***-****

***********@*****.***

Profile

Ade has over 7 years of IT experience in Oracle Applications security and controls. His focus is providing strategic

direction to mature and optimize the security posture, policies, procedures and processes of enterprises, which will

minimize the organizations security risks and increase the operational efficiency of the enterprises.

Ade's experience is in business and security objectives of Fortune 500 companies, and enhancing the long term

strategic plans in Financial, Retail, Energy, Health care, Government and Manufacturing Industries. Listening to and

understanding enterprise business objectives. He has been a key lead on successful delivery of various GRC

transformation projects using Oracle's GRC product suites (AACG, TCG, CCG and PCG). He is an accomplished,

motivated and versatile I.T professional.

Skills

• Oracle GRC Implementation (AACG, CCG,

TCG, PCG).

• Frameworks and Best Practices (SOX,

COBIT & COSO)

• Risk Assurance and Assessment

• Oracle E-Business 11i and R12

• Application control and Security

• Segregation of Duties detection, Remediation

and Prevention

• Project Management

• RBAC- R12 Function and Data Security – UMX and Role Based Access Control

Professional Experience

Senior Associate

Assurance

September 2012

PricewaterhouseCoopers – McLean, VA

Performed a review of clients rules configured within GRC module (AACG & CCG) in order to determine

i f previous recommendations have been enhanced.

E valuated implementation and configuration of Application Access Controls Governor (AACG) 8.6.3,

Configuration Controls Governor (CCG) 5.5.1 and Transaction Controls Governor (TCG) 8.6.3

Performed security assessments and design in Oracle EBS R12 (RBAC) and AACG 8.6.3

Implementation of Oracle GRC Products Suite (AACG) 8.6.3

Oracle GRC Consultant

December 2008 – August 2012

FORTREX TECH LLC – Frederick, MD

• I was primarily responsible for Implementation of full life cycle and upgrade of Oracle GRC product

Suites (AACG), (TCG), (CCG) and (PCG).

• Designed and developed segregation of Duties (SOD) for various clients in various industries.

• Advised project team on design of various access points while recommending best practices for

requirement gathering.

• Designed standard rule set to meet clients' needs, identified and cleaned up false-positives, inquiry menus

and AZN menus.

• Identified manual, operational and SOX controls for continuous control monitoring by leveraging TCG, CCG

and PCG.

• Interfaced with audit team in designing mitigating control to cover all identified SOD violation to keep the

system SOD free and SOD conflicts mitigated.

Led the full end-to-end delivery of functional Oracle GRC solutions in highly complex environments.

• Helped clients with the remediation process including but not limited to report generation, analysis and clean-

ups.

• Designed test script for User Acceptance Testing (UAT) and facilitated the UAT activities.

• Performed end user training and documenting procedures for all Oracle GRC task process and controls with

post-implementation support.

• Contributed to internal Oracle GRC knowledgebase including the development of training material,

methodology, deliverables and tools

System Administrator

February 2006 to September 2008

FORTREX TECH LLC – Frederick, MD

As a functional System Administrator, was responsible in the functional security administration capacity.

The following activities were performed:

• Create new user, assign Role/Responsibility, Menu, Sub-Menu and function.

• Application Access Control and Security design in EBS 11i and R12.

• Performed remediation of responsibility Issues

• Worked closely with auditors in Access Related Issues, generate reports for both active user and inactive user

for analysis.

• Created responsibility Design Matrix and reviewed with business users for approval, and update the matrix

when needed.

• Worked with process owner to review responsibility for any SOD violation and suggesting best approach

in remediating the issues

• Maintained security and data according to companies Segregation of duties (SOD) rule.

• Participated in end user responsibility testing to ensure there are no access issues, captured and consolidated

all required and approved design changes and configured them in Oracle EBS.

Education

Ladoke Akintola University of Technology 2005

Business Administration

MBA

Ladoke Akintola University of Technology 2003

Computer Science

Bachelors in Technology

Member

Governance, Risk and Compliance Management (GRC)

SME Risk Management

Information Technology Audit and Governance Group

Assurance and Advisory Professionals

Contact this candidate