Third-Party Risk Management
Resume:
MARY AKINTELU
Dallas TX 682-***-**** ********.********@*****.*** www.linkedin.com/in/akintelu
Professional Summary
Highly skilled Third-Party Risk Management Specialist with over 5 years of experience in conducting vendor due diligence, risk assessment, and ensuring regulatory compliance across multiple industries. Proven expertise in evaluating cybersecurity maturity, operational capabilities, and legal adherence for third-party vendors. Skilled in developing risk rating systems, performing continuous monitoring, and implementing contractual safeguards to strengthen organizational security posture. Proficient in collaborating with cross-functional teams and communicating risk management strategies to internal and external stakeholders.
Core Competencies
Third-Party Risk Management & Due Diligence
Risk Rating & Risk Assessment
Cybersecurity & Regulatory Compliance (GDPR, HIPAA, ISO 27001, SOC 1 & 2)
Contractual Safeguards & Vendor Negotiation
Incident Reporting & Management
Cross-Functional Collaboration & Stakeholder Communication
Audit Coordination & KPI/KRI Reporting
Vendor Relationship Management
Risk Assessment Tools (ProcessUnity, OneTrust)
Professional Experience
Technology Risk Specialist Senior
Wells Fargo Bank, Inc., Irving, TX November 2022 - Present
Conduct comprehensive due diligence assessments on potential and existing third-party vendors to evaluate cybersecurity maturity, operational capabilities, and adherence to regulatory requirements such as GDPR, HIPAA, SOC 1 & 2 and ISO 27001.
Develop and maintain a risk rating system to categorize third-party vendors based on identified risk levels, ensuring accurate risk prioritization and resource allocation.
Continuously monitor third-party risk profiles and update risk assessments to reflect changes in vendor performance, ensuring proactive risk mitigation.
Collaborate with legal and procurement teams to incorporate cybersecurity safeguards into vendor contracts, including clauses on encryption standards, access controls, and breach notifications.
Implement and manage processes for identifying, reporting, and managing incidents related to third-party risks, such as data breaches, security incidents, and service disruptions.
Prepare detailed audit reports and risk assessments for senior management and regulatory authorities, showcasing vendor performance and adherence to compliance standards.
Act as the primary liaison between internal and external stakeholders regarding third-party risk management, providing timely updates and addressing risk-related inquiries.
Foster and maintain strong vendor relationships, ensuring mutual understanding of risk management requirements and compliance expectations.
Key Achievements:
Successfully established a third-party risk rating system that improved risk visibility across the organization and reduced incident response times by 20%.
Led a third-party audit initiative that identified and mitigated critical vulnerabilities across high-risk vendors, resulting in a 30% improvement in overall vendor compliance.
Audit and Risk Analyst
Yando Financial Services, Inc., Dallas, TX January 2019 - November 2022
Conducted vendor risk assessments for all third-party vendors, evaluating compliance with cybersecurity standards and recommending remediation steps for identified gaps.
Collaborated with cross-functional teams, including IT, compliance, and procurement, to implement a cohesive approach to third-party risk management and enhance security practices.
Ensured vendor contracts complied with regulatory requirements by working closely with the legal team to include necessary cybersecurity clauses and establish performance expectations.
Assisted in developing and executing incident management protocols for third-party risks, leading to more efficient response and containment of vendor-related security incidents.
Created and maintained a central repository of third-party documentation, including due diligence reports, audit findings, and compliance records, streamlining risk assessment processes.
Key Achievements:
Improved vendor onboarding efficiency by implementing a standardized due diligence framework, reducing assessment time by 25%.
Played a key role in achieving 100% regulatory compliance for third-party engagements in GDPR and ISO 27001 audits.
Vendor/Third-Party Risk Analyst
Riteteem Limited, Lagos, Nigeria October 2016 - December 2017
Managed third-party vendor risk assessments and developed risk mitigation strategies aligned with regulatory frameworks.
Automated risk assessment processes, improving efficiency and accuracy of vendor risk management tasks.
Facilitated vendor security onboarding processes and ensured compliance with internal policies.
Key Achievements:
Improved vendor compliance with security requirements by 30% through rigorous assessment and follow-up processes.
Successfully managed a third-party security incident, reducing the potential impact on business operations by 50%.
Risk and Control Manager
XHS (Xerox) Lagos, Nigeria January 2012 – September 2016
Conducted risk assessments and provided risk management consulting services across various business lines.
Implemented corrective actions to mitigate identified risks, resulting in a 20% decrease in risk exposure.
Led cross-functional projects and programs, ensuring effective risk management practices were in place.
Provided oversight and guidance on annual risk assessments, contributing to a more robust risk management framework.
Coordinated with multiple stakeholders to ensure alignment and effective risk mitigation strategies.
Education
MSc in Accounting Texas A&M University, Corpus Christi
Certifications
Certified Information Systems Auditor (CISA)
Certified Data Privacy Solutions Engineer (CDPSE)
Technical Skills
GRC Tools: ServiceNow, Archer
Risk Assessment Tools & Methodologies
Regulatory Frameworks: NIST, ISO 27001, GDPR, SOX, HIPAA, PCI DSS
Microsoft Office (Excel, PowerPoint, Word)
Data Analytics Tools: Power BI, Tableau
Incident Response Planning & Execution
Audit & Compliance Reporting
Contact this candidate