JUDE EKPOGBE
Richmond, TX ************@*****.***
PROFESSIONAL SUMMARY
Dynamic and results-oriented Governance, Risk, and Compliance (GRC) professional with over 7 years of expertise in aligning regulatory frameworks—including PCI DSS, HIPAA, and NIST—with organizational objectives. Skilled at leading comprehensive audits, designing robust vendor risk management programs, and implementing effective security controls to ensure sustained compliance and resilience against threats. Proven ability to simplify complex regulations into actionable strategies, reduce vulnerabilities, and foster a culture of compliance through targeted training and stakeholder collaboration. Adept at utilizing advanced GRC platforms to enhance operational efficiency, ensure audit readiness, and support data-driven decision-making.
Core Competencies
• PCI DSS and HIPAA Compliance
• GRC Platforms (Archer, MetricStream, JIRA)
• Regulatory Compliance and Audit Readiness
• Risk Assessment and Mitigation Strategies
• Vendor Risk Assessment and Management
• Policy and Procedure Development
• Cross-functional Team Collaboration
• Incident Response and Security Control
• Continuous Monitoring and Risk Analytics
Professional Experience
GRC Analyst / Vendor Management Specialist
JayTech Digital Solutions
April 2021 - Current
• Led PCI DSS audits, ensuring 100% compliance and minimizing audit findings
• Designed and implemented a Vendor Risk Management Program, improving third-party assessments and reducing onboarding time
• Established continuous monitoring for high-risk vendors, reducing potential vulnerabilities
• Developed regulatory policies that achieved a high-level internal compliance rate across departments
• Conducted training sessions on compliance standards, reducing organizational incidents
• Collaborated with IT Security teams to enhance encryption protocols and assess controls, improving security posture
• Utilized GRC platforms to streamline documentation and reporting
Compliance and Risk Specialist
Texas Department of Criminal Justice
January 2017 - April 2021
• Managed IT security controls (firewalls, IDS, vulnerability management tools)
• Resolved compliance issues by updating policies in collaboration with IT and legal teams
• Conducted periodic audits of third-party vendors, ensuring HIPAA compliance
• Performed risk assessments, identifying and mitigating vulnerabilities through targeted remediation plans
• Delivered training on data protection and breach protocols
• Maintained documentation of compliance activities, improving audit readiness
EDUCATION
Bachelor of Science - International Studies and Diplomacy
University of Benin
CERTIFICATIONS
Certified in Risk and Information Systems Control (CRISC)
REFERENCES
Available upon request.