PCI Compliance, Third Party Risk Assessment

Location:
York - Crosstown, ON, M9N 1W2, Canada
Posted:
August 31, 2023

Resume:

OLAYINKA OLUDARE, CFE

Email: adzdub@r.postjobfree.com Mobile: 437-***-****

COMPLIANCE SPECIALIST, TPRM EXPERT, PCI SME

Olay is a PCI DSS Compliance SME and Risk Management expert with over 5 years of experience. She utilizes her practical experience as a PCI expert to assist in designing and executing a compliance program focused on PCI data handling, robust security programs, and scope-limiting solutions, and in developing compensating controls for organizations. Highly skilled in Third Party Vendor Risk Assessment and proficient with GRC Analysis, Vulnerability Management & SOC. Results-driven with notable success in planning, analysis and implementation of security initiatives, and has participated as an SME in 3 successful PCI DSS Compliance assessments for version 3.1.2.

AREAS OF EXPERTISE

Technical Skills and Tools

Assessment and Authorization (A&A), NIST 800 Series, Plan of Actions and Milestone (POAM), System Security Plan (SSP), System Assessment Report (SAR), Risk Analysis, Risk Assessment, Risk Control & Mitigation, Security Life Cycle, Threat Reports, Contingency Planning, Data Security, Developing security plans, Implementing security programs, Wireshark, Nmap, Implementing security controls, Tenable Nessus Software, TPRM, SOC, PCI DSS, Risk Management Framework (RMF), SIEM Monitoring, JIRA, Vulnerability Assessment, Network security, Firewall management, Encryption, Access control and Authentication, Log management and Monitoring, McAfee AV, TrendMicro Deep Security, Qualys Guard, SonicWall Firewall Browser.

Security Strategy

Risk Assessment

Information Security Policy

Application Security

Vulnerability Management

Policy Review

Compliance Monitoring & Testing

Executive Reporting

GRC Automation Tools: RSA Archer, Zen GRC, MetricStream, ServiceNow GRC, Logic Gate

PROFESSIONAL EXPERIENCE

OLG Snr Compliance Specialist - Information Security & Third-Party Risk Oct 2020 - Present

Perform detailed security inspections of Linux and Windows Server configurations to ensure compliance with PCI DSS requirements.

Lead the development and enhancement of third-party risk management policy standards and supporting procedures to optimize service delivery to the organization while conforming to NIST CSF, SOC 1 / 2 & PCI.

Segment the Cardholder Data Environment (CDE) from the corporate network environment in accordance with PCI DSS guidelines to maintain compliance.

Reduce time to complete audits by performing detailed security inspections on servers and applications to ensure compliance with PCI DSS requirements.

Lead in implementing processes and procedures to satisfy PCI DSS Self-Assessment Questionnaires (SAQs).

Review firewall rules and Catalog task requests to ensure they stay in compliance.

Work with key personnel to significantly lower the audit risk profile and save over $250K on 3rd party auditor fees by developing and implementing a PCI DSS scoping methodology that reduced the PCI Audit scope by 85%.

Ensure consistency and integrity in the environment by managing change management processes for critical business systems.

Int. Games Tech (IGT) Vendor Risk Assessment Specialist March 2018 - Oct 2020

Conducted Risk Assessment on SaaS, IaaS and PaaS vendors, performed control review/validation of their questionnaire responses so as to document and tier their inherent risks accordingly.

Documented key third-party risks identified, escalated control gap findings as necessary, presented reports and made recommendations to key technology and business process stakeholders to promote awareness and determine mitigating control and remediation requirements.

Prepared for third-party assessments, reviewed prospective vendors' security programs and compliance documentation.

Reviewed SOC 2 Type 2 Audit reports to document exceptions and provided expert opinion for Senior Management.

Designed and constantly upgraded vendor questionnaires to ensure all areas of newly discovered threat signatures are covered.

Reviewed Business Case to understand services that are being provided, determined the scope and depth of the assessment based on the inherent risks of the engagement.

Completed diligent and successful vendor offboarding in conjunction with Legal team, ensuring Business Continuity and no litigation during and after TPRM closure.

Heritage Bank Third Party Risk & Compliance Analyst Aug 2013 - Oct 2017

Monitored and tracked any outstanding risk with third parties and/or internal stakeholders, contributing to Enterprise Risk Register processes.

Identified and recognized appropriate measures to manage and mitigate risks and reduce potential impact on information resources to a level acceptable to the organization.

Identified and reported on new and emerging security risks and risk trends, including participating in risk remediation solution discussions and recommending updates to policy and standards.

Developed internal controls and systems formulated to ensure that all compliance requirements are met at a minimum of 89%.

Worked closely with department managers to review all departmental policies for compliance issues, ensuring 89% compliance at the very least.

Led New Initiative Compliance Engagement (NICE), an arm of the Organization that brings the right stakeholders together to ensure compliance with Enterprise Project Management and Procurement processes and initiatives.

Conducted Risk Assessments within customer systems to quickly assess associated risks, recommend actions and develop plans for remediation.

Enterprise Bank Fraud & Security Analyst Jan 2010 - Aug 2013

• Analyzed data for potential issues and trends and worked as an SME with different stakeholders to continuously create more robust trigger events.

• Monitored compliance program effectiveness and delivered recommendations for improvement.

• Created monitoring and testing programs to ensure the Operators are compliant with the regulatory requirements.

• Prepared reports for all levels of management and external stakeholders as required.

• Performed financial transaction analysis and analytic visuals to identify patterns and transactions that may signify red flags.

• Prepared and re-assessed required key banking documents and approval processes from time to time.

• Aided in the construction and delivery of compliance plans in collaboration with compliance teams.

EDUCATION

University of Ilorin – B.Sc.

Purdue University – Post Graduate Degree.

CERTIFICATIONS

Certified Fraud Examiner (CFE)
