Tommy Adeyemi

Washington DC, ***** 240-***-**** adrjiz@r.postjobfree.com

Summary

Highly motivated, reliable, professional, results-driven Third-Party Risk Management Specialist and IT audit with experience in Audit and Control, Risk Assessments. Deep knowledge of Sarbanes-Oxley Act (SOX), Application Control, IT General Controls (ITGC) and SAS70/SSAE18 attestation. Security Control Assessment, knowledge of framework (i.e.) SIG, SSAE 18 (SOC 1, SOC 2), NIST 800-53, NIST 800-37, NIST 800 -137, PCI-DSS and enthusiastic Network Engineer with a thorough knowledge of current network technologies, possessing exceptional network design, optimization, security and troubleshooting skills. Proficient at explaining complicated technical concepts to users of varying degrees of technical understanding. Knowledgeable in an assortment of operating systems and applications.

SUPPORT Technical Skills

Ticketting System (Service Now)

Network administration

Network fundamentals (Routing and switching)

WORK EXPERIENCE

TDBANK JUNE 2019 - Present

SNR. THIRD PARTY RISK ANALYST

Manage due diligence required for onboarding and recertification of risks and on-going monitoring of assigned third- party relationship.

Ensure third party relationship adhere to company's policies and compliant with regulatory guidelines and industry best practices.

Monitor and assisted with exit strategies and contingency plans for third parties.

Facilitate remediation of any third- party related operational issues as needed.

Assesses operational fitness of assigned third parties through due diligence reviews.

Conduct on-site risk assessments based on agreed-upon procedures guidelines.

Act as remediation analyst to work with vendors in remediating findings discovered during the onsite/virtual assessment.

Perform continuous monitoring by assessing tools during onsite visits to validate the security questionnaires filled out by the vendors to ensure the protection of data at the vendor sites.

Carry out various types of vendor assessments such as onsite, virtual, risk assessment. Working with the vendors to ensure risk discovered are remediated within a reasonable time

Administer assessment questionnaires to our vendors.

Perform continuous monitoring by assessing tools during onsite visits to validate the security questionnaires filled out by the vendors to ensure protection of data at the vendor sites.

Provide detailed reports of assessments to business owners and the vendor management Ensure third party relationship adhere to company’s policies, procedures and compliant with regulatory guidelines and industry best practices.

Experience with e-GRC tools such as RSA Archer to ensure secured and prompt communication of findings and deployments of questionnaire to the vendor and to track vendor progress on remediation.

Develops negotiating strategies and positions by studying integration of new venture with company strategies and operations; examining risks and potentials; estimating partners' needs and goals

Citizen Financial Group May 2017 – May,2019

Third Party Risk Assessor

•Review all essential security policies and procedures documentation.

•Provides detailed reports of assessments to business owners and the vendor management office.

•Work as a remediation analyst to ensure all gaps discovered during the assessment are remediated or mitigated timely.

•Plan and conducts security risk assessments for all third-party vendors/suppliers.

•Experience with e-GRC tools such as RSA Archer to ensure secured and prompt communication of findings and deployments of questionnaire to the vendor and to track vendor progress on remediation.

•Conduct in-depth risk-based security assessments of housed, cloud, vendor and third party hosted environment. assessment focus included risk management, physical security, identity & access management, encryption, data loss prevention, secure development, incident management, security infrastructure, and security policy.

•Work with as vendor oversight to ensure adequate tier-in of our vendors based on the level of data they have access to.

•Escalate issues of 3rd party vendor’s non-compliance to the vendor risk management office (VMO)

•Perform continuous monitoring by assessing tools during onsite visits to validate the security questionnaires filled out by the vendors to ensure protection of data at the vendor sites.

•Facilitate remediation for any third parties related operational issues as needed.

•Assesses operational fitness of assigned third parties through due diligence reviews.

•Conduct onsite and virtual risk assessment to continuously determine the control effectiveness.

•Design and constantly upgrading suppliers’ questionnaires to ensure all areas of new threat signatures discovered are covered.

•Ensure third party relationship adhere to company’s policies, procedures and compliant with regulatory guidelines and industry best practices.

•Validate it control implementations, performs risk-based audit, and performs walkthrough on controls.

•Reviewed corrective action plan (cap; validates remediation control and follow-up on the remediation process.

Google Jan 2015 – April 2017

Information Technology Specialist

Performed assessment of IT General Controls (ITGC) such as Access Control, Change Management, IT operations, Disaster recovery and Job Scheduling.

Assisted in IT management in identifying gaps between policy and process, developing recommendations to remediate control weaknesses and responsible for developing and maintaining IT control metrics related to compliance activities. Strong background in all stages of the auditing process, including planning, fieldwork/execution /risk assessment, reporting and follow up

Provide an operational I.T Support structure to ensure that general I.T problems are resolved promptly and efficiently; the operation support includes first level support on users’ workstations, file/print servers, I.T peripherals.

Worked on cellular, Wi-Fi optimization in respect to the LTE strength per DB up the riser.

Assisted in the assembly and installation of 3.8m VSAT system for Velocity.

Installation of structural Telecoms cables.

Install and maintain VSAT, Microwave radio and RF equipment for Notion Space.

Network Troubleshooting with Cloud Cabling Inc.

Performed IT general controls such as access control, change management, IT operations, disaster recovery and platform reviews (Window and UNIX OS)

Plan and carry out preventative maintenance on LAN and WAN site regularly, to reduce equipment failure frequency.

Create and maintain site survey, for network design and documentations, cutting 40% maintenance cost.

Screens potential business deals by analyzing market strategies, deal requirements, potential, and financials; evaluating options; resolving internal priorities; recommending equity investments.

Develops negotiating strategies and positions by studying integration of new venture with company strategies and operations; examining risks and potentials; estimating partners' needs and goals.

Protects organization's value by keeping information confidential.

Assist CEO directly with General IT consultancy.

Maintain company servers, computers, printers, cabling and other equipment.

Participated in all phases of IT Audit – Planning, Fieldwork and Follow up using applicable framework.

Documented control weaknesses related to testing exceptions and assisted in preparing draft audit reports to communicate findings and recommendations to senior management.

Education

Federal University of Technology, Akure, Nigeria, Bachelor of Technology

CERTIFICATION

Scrum Master, 2021

AWS Certified Cloud Practitioner, 2020

CompTIA Network+,2019

CompTIA Security+, 2019

Vonage Certified (VOIP), 2018

Information Technology Library Infrastructure studies (ITIL), 2014

International Project Management Professional (IPMP), 2012

CISA – In - View

Contact this candidate