RESUME *

CANDIDATE: AKINADE-OLABODE, EDWARD DAYO. Tel; +1-346-***-****

Email address: adt75i@r.postjobfree.com

IT AUDIT MANAGEMENT CYBERSECURITY PROJECT MANAGEMENT

Detail-oriented, process-driven strategic IT professional with Banking Industry with over 34 years of experience in, Computer operations, Data Center Services, information technology audit, risk management, cybersecurity, data analysis, and project management. Proven expertise in managing multiple audit engagements across IT domains while utilizing industry frameworks and standards such as NIST, COBIT, CSF, PCI, ISO, COSO, Basel, and SOX. Change manager, recognized for being forward-thinking with a strong ability to conceptualize solutions for a variety of issues of high scope and complexity.

•Skilled in executing risk-focused initiatives with the ability to leverage data analytics, metrics, and other risk indicators to analyze business and technology risks.

•Technical Skills: Proficiency with MS Office Suite (Word, PowerPoint, Excel), TeamMate+, IDEA, ACL, ERP.

CERTIFICATIONS

ISACA: Certified Information System Auditor,

ISACA: Certified Information Security Manager

Certified Information System Security Professional ISC2: CISSP

Information Technology Examination and Risk Management, FDIC

Microsoft Cloud Platform and Infrastructure (MCSE)

Certified Computer Forensic Examiner

EC-Council: Certified Ethical Hacker

EC-Council: Certified Network Defense Architect

Associate Institute of Bankers

Fellow Institute of Bankers

Practice License, Institute of Bankers

SPECIALIZED/TECHNICAL SKILLS

Security Information and Event Management (SIEM) · Computer Forensics · Data Security · Digital Forensics · Information Security Management · Finance · IT Audit · Credit/IT Risk Management · NIST Cybersecurity Framework (CSF), Security Best Practices, Systems Hardening, Systems Monitoring, Vulnerability Assessment, Code/User Guide Writing, Virtual Private Networks, Risk Assessment/Reduction, Data Analysis/Security, Incident Management Project Management · Banking · Auditing · IT Security Operations · IT Network Security · ISO-27001, PCIDSS, SOX, COBIT, Team Leadership · Analytical Skills · Writing

PROFESSIONAL EXPERIENCES

Trainer: 2019 up to date

CISA:

IT frameworks, enterprise risk management, IT service providers, resource management, IT governance & strategy, laws & regulations, standard policies & procedures, performance monitoring, organizational structure, enterprise architecture, quality assurance & management,

Business case analysis, configuration and release management, project governance & management, testing methodology, post implementation review, control identification & design, system migration & data conversion, system development methodology,

Configuration & release management, job scheduling & production process automation, database management, disaster recovery plan, data governance, business impact analysis, end user computing, system performance management,

Public key infrastructure, incident response management, security awareness training, web-based communication techniques, data encryption, identity & access management, network & end-point security, information system attack methods, security testing tools, security monitoring tools, mobile,

CISM:

Establish/ maintain information security policies, establish/maintain an information security strategy, gain ongoing commitment from stakeholders, identify internal and external influences, define, communicate & monitor information security, integrate information security governance, develop business cases, establish, monitor, evaluate key metrics, establish, maintain governance framework.

Manage noncompliance, risk assessment, process for information asset, risks response options, risk management & it processes, information security controls, report of noncompliance, monitoring existing risk.

Information security incidents, incident response plan, integration among irp, drp, bcp, information security it teams, incident escalation processes, review to determine root cause, rto to ensure effectiveness.

CISSP:

U.S privacy law, Payment Card and Data Security Standards, data definition. COBIT, ITIL ISO/IEC 27001 & 27002, principle of due care and due diligence.

Security and Risk Management, security governance, principles,and policies, personnel security and risk management, business continuity planning, laws, regulations, and compliance

Asset Security, protecting security of assets, cryptography and symmetric key algorithms, public key infrastructure and cryptographic application, principle of security model, design, and capability, security vulnerabilities, threats, and countermeasures, physical security requirements.

Secure network architecture and security network components, secure communications and network attacks, identity management and authentications, controlling and monitoring access, security assessment and testing,

Security operation, preventing and responding to incidents, disaster recovery planning, incident and ethics, software development security, malicious code and application attacks.

Director, Information Security Monitoring and enforcement:

Central Bank of Nigeria. Banking Supervision Department. 2016 – 2018

Managed supervisory and regulatory oversight of 24 financial institutions with 36 offshore subsidiaries, and supported the maintenance of secure financial processing applications and IT infrastructure. Partnered with a team of examiners performing business and technology audits of financial institutions, and provided effective solutions to financial institutions leading to improved regulatory compliance and technology risk governance

Ensuring the implementation of Auditor reports and recommendations on information systems and related processes control implementation for compliance with applicable security control frameworks and standards such as COBIT, ISO-27001, PCI, compliance, and ensuring compliance with relevant baseline security requirements.

Appraised performed vulnerability assessments and security control testing of applications and IT infrastructures; analyzed the significance of identified exceptions and prepared escalation reports on severity, exposure, likelihood of compromise, and potential impact.

Prepare regular reports on Auditors visits to banks and their findings for effective corrections

Ensuring that all Auditors finding and recommendation are effected within the time frame.

Maintaining the compendium of Laws, Circulars, Standards, Guidelines and Directives

Regular briefing to the Management of Central Bank of Nigeria on Information security and viability of banks within the system.

Assistant Director, Information Technology Audit, Team Leader and Report writer.

Central Bank of Nigeria – Banking Supervision Department. 2010 – 2015

Managed supervisory and regulatory oversight of 7 financial institutions with 18 offshore subsidiaries, and supported the maintenance of secure financial processing applications and IT infrastructure. Partnered with a team of examiners performing business and technology audits of financial institutions, and provided effective solutions to financial institutions leading to improved regulatory compliance and technology risk governance.

Actively developing IT and cybersecurity audit plans. Oversees the development of annual Audit Risk Assessment (ARA) and strategy. Supervising team of auditors responsible for executing IT audit, IT risk management, and internal control assurance engagements across deposit money banks in Nigeria and their overseas subsidiaries.

Lead the IT audit planning, risk assessment, scoping, and execution of audit and assurance engagements; facilitate the development of Risk and Control Matrixes (RCM) and test procedures relevant to risks and audit objectives.

Manage the execution of multiple audit engagements by team coordinators, including integrated audits, Risk-Based Reviews, infrastructure, cybersecurity audits, and technology implementation reviews.

Identify internal control weaknesses, performed root cause analysis, and provide valuable solutions to enhance the control environment.

Lead third-party vendor risk assessment, analyzing Service Organization Control (SOC) reports and mapping vendor-managed controls to company baseline.

Prepare audit reports and executive summary, effectively disseminating communications, alignment of audit activities and results with internal and external stakeholders.

Provide feedback, coaching, training, and technical guidance to team members on a range of IT domains and best practices while participating in initiatives that help streamline the internal audit process including IT audit automation, RCM development, and Integrated Risk Management Framework.

Assistant Manager, Manager, and Senior Manager Grades:

Central Bank of Nigeria: Bank Examination/Supervision Departments. 2000 – 2009

Managed supervisory and regulatory oversight of 6 financial institutions with 13 offshore subsidiaries, and supported the maintenance of secure financial processing applications and IT infrastructure. Planned and conducted control testing of core financial applications for security, reliability, and accuracy, and completeness, successfully influencing leadership to improve the security posture of core financial applications and IT infrastructure.

Validated the design and operating effectiveness of processes that mitigate technology risk, and enacted change through guiding senior leaders in enhancing compliance with applicable regulatory and industry control frameworks.

Lead the execution of routine examination of banks to assess compliance with regulatory policies, circulars, and guidelines resulting in the achievement of an acceptable compliance level.

Built effective relationships with the management team and facilitated communications and alignment with audit findings.

Drafted reports of audit findings and provided valuable solutions to remediate exceptions and enhance the overall control environment.

Followed up on the implementation of corrective actions in response to audit observations and recommendations.

EDUCATION

Post Graduate Program in Cloud Computing: University of Texas, Austin. May 2023

Master in Business Administration: Ladoke Akintola University of technology. 2007

The Polytechnic Ibadan: Diploma in Banking and Finance 1983

Projects handled, supervised and completed at Time frame:

1.Bankos – Banking Application Software

2.ERP – for Human Resource Activities

3.Project iSight – CAAT (computer assisted audit technology)

4.Project – CAAS (internally developed to integrate and collect data from Banks for analysis)

5.Project IDEA – (interrogated data extraction and Audit)

Referees:

1.Pastor Ezekiel Adeniran: Tel +1-832-***-****

2.Segun Oyeniran: Tel +1-240-***-****

Contact this candidate