ADEGBOLA SALAWU, BSC, CISA

TECHNICAL SKILLS Cell:682-***-****) adxzvy@r.postjobfree.com

Software/Hardware: Excel (Pivots, VLOOKUPs Basic) Service Now, Remedy, MS Office, SharePoint, Visio, Access, PowerPoint, Project and Adobe, SAP R/3, MySAP

Operating Systems: Microsoft Windows 95, 98, XP, 2000, 7, UNIX

Database: MS SQL, Oracle

ERP Application: SAP

Methodology: SDLC

Industry Standards/Framework: COBIT, ITIL, COSO, SOX, SSAE18, HIPAA

Audit Tools: ACL, Excel, Access, SQL, Contracts, Pivot Tables, Compliance Management, Juniper, Tableau, Data Management, IDS, SIEM, VMware, Analytics, Data Mining, Relationship Database, Financial Services, Software Troubleshooting, System Analysis, LAN, Project Management Methodology, Cloud Infrastructure, Research, Marketing, Google Suite, Data Analysis, Azure, DevOps, Intune, Program Management.

PROFESSIONAL EXPERIENCE

IPCONNECT CONSULTING INC., Irving, TX Jan 2018 – Present

Sr IT Risk & Compliance Analyst

Perform initial risk assessments and vulnerability assessments to identify, measure and manage third-party risks.

Classify vendor’s inherent risk and recommend remediation for identified risks.

Gather due diligence documentation and complete the risk assessments for assigned third-party relationships in accordance with the third-party risk management policy.

Contribute to GRC programs such as IT General Controls, PCI-DSS, GDPR, and SOX compliance with the NIST Cybersecurity Framework (NIST CSF).

Experience with e-GRC tools to ensure secure and prompt communication of findings and deployments of questionnaires to the vendor and to track vendor progress on remediation.

Review and analyze vendor service profile by utilizing; Service now, Archer GRC, and Standardized Information Gathering (SIG) questionnaires and artifacts during onboarding and periodic assessments.

Assess vendors’ existing controls to determine the level of compliance to the applicable regulations or framework.

Validate all controls at vendor sites to ensure their confidentiality, integrity, availability, privacy, and security of data in their custody.

Interfaces with Business owners, Sourcing, or procurement team, and Legal to determine the applicable obligations, initial and ongoing risks, and recommends mitigation.

Manage timely completion of requests and follow-up with third parties for appropriate documentation e.g., (SOC 2) report and ISO 27001 review and evaluate materials submitted.

Working with the vendors to ensure risk discovered are remediated within reasonable time.

Conduct security risk assessments on third parties and assist in reviewing contract agreements to ensure necessary security controls are in place.

Review the vendor due diligence process by ensuring security and data privacy requirements e.g., HIPAA, GDPR, PCI-DSS are maintained in contractual relationships and continuously monitored.

Compile an initial risk assessment for new and existing third-party suppliers in accordance with third-party risk management procedures regarding assessments and level of risk.

Collaborate with legal and business units to translate risk and legal regulations into system requirements.

Review vendor files for completeness and work with business units to update accordingly.

Assist with planning and execution of IT General controls (ITGC) and Application Control audits to support the Company’s Sarbanes-Oxley (SOX) compliance review.

Review and analyze audit evidence, documented processes, and procedures.

Identify vulnerabilities or weaknesses in systems.

Examine employee compliance with security controls and deficiencies.

Evaluate and review the business continuity planning of the organization to determine adequacy and effectiveness.

Review the adequacies of key systems and application controls – Access control, Data Integrity, and Segregation of duties.

Ensure audit tasks are completed accurately and in a timely manner employing various frameworks such as COBIT, COSO, ITIL.

Monitor key risk indicators (KRI) to report to the businesses on best practices.

Collaborate with QSA to ensure needed compliance evidence was provided to validate compliance.

Ensure third-party relationships adhere to company's policies, procedures and compliance with regulatory guidelines and industry best practices.

UNITED BANK FOR AFRICA (UBA) December 2011 – December 2017

ITIL Service Management Analyst

Participated in SLA reviews and acceptance meetings with the customers and assessed ongoing service demand.

Assisted in the design and process development for tracking customer interaction, including required performance reporting, customer satisfaction, and coordination, points of contact, and identifications of existing SLAs and their status.

Participated in interviews, team meetings, briefings, and enterprise teleconferences required to develop cost models and to receive approval of the models.

Assisted in the design and development of initial billing processes that can be converted into usable data when BMC/Remedy ITSM is fully implemented.

Assisted Service Level Management process owners in accessing data required to complete invoices, complete appropriate invoices, and track required invoices.

Effectively responded to customers’ changing business needs while maximizing value, minimizing incidents, disruption, and re-work.

Responsible for the effective implementation of the process “Service Desk and incident Management” and carries out the respective reporting procedures.

Real-time and continuous follow-up with global support teams for incident resolution.

Managed and coordinated activities during overall ticket life cycle.

Ensured that the Incident record is fully updated prior to Problem Management handover.

Responsible for sending all Incident notifications as per agreed process.

Chair bridge calls for effective coordination, incident resolution, service restoration.

Continuously follow up with support team for relevant notification updates per SLA, and drive resolution.

Followed the global Service Restoration Management Process.

Ensured Incident Timeline Report is created immediately after resolution.

Contribution to ongoing process & operational improvements.

Applied Information Technology Infrastructure Library (ITIL) framework knowledge.

EDUCATION AND CERTIFICATIONS

Bachelor of Science in Banking and Finance, January 2004 – April 2010

Certifications/Training:

Certified Information System Auditor (CISA).

Certified Data Privacy Solutions Engineer (CDPSE).

IT Audit Controls: Access Control, Audit Log & Trail, Change Control, Segregation of Duties, Compensatory Control, Data Integrity Control, Disaster Recovery Control, Data Backup, Data Classification, and Data Retention Policy.

Project Management.

ITIL: IT Service Management, Incident Management, Problem Management, Configuration Management, Change Management, and Release Management

Contact this candidate