Post Job Free
Sign in

Senior It Compliance Associate

Location:
New York City, NY
Posted:
February 28, 2025

Contact this candidate

Resume:

A

Adetunji

Ajibade

862-***-****

********@*****.***

Irvington, NJ 07111

SUMMARY

An experienced Senior IT Risk & Compliance Associate with 7+ years of expertise in enhancing the company's IT compliance programs. I lead the execution of internal and external assessments for current and emerging regulations and standards such as SOC 1 & 2, ISO27001, PCI-DSS, etc. I collaborate closely with cross-functional teams to assess existing IT policies, procedures, and processes, offering actionable insights on risk areas, mitigation strategies, process enhancements, and control recommendations. SKILLS

Strong knowledge of IT auditing

principles, methodologies, and best

practices

Proficient in assessing IT general

controls, application controls, and data

security

Familiarity with industry standards and

regulations (e.g., ISO 27001, NIST, and

GDPR)

Excellent analytical and problem-

solving skills

Effective communication and

interpersonal abilities facilitate

collaboration with cross-functional

teams

Detail-oriented, with a focus on

delivering accurate and high-quality

audit reports

Up to date with emerging IT trends and

technologies, education

System: Windows Server, PeopleSoft,

NIST SP 800-53 Rev 5, UNIX, Linux,

Network System, Oracle, Audit Board,

Archer, MS Office, SharePoint, JIRA,

Agile, Power BI

Framework: COBIT, SOC 2, SOC 1,

FISMA, FISCAM, COSO, SOX, HIPAA,

HITECH, PCI DSS, GDPR, ITIL, NIST,

FFIEC, IPPE, OCC, PCAOB, Circular 123,

ISO 27001, NIST CSF, NIST RMF,

HITRUST Certifications

SOX testing

COBIT

NIST 800-30, 37, 53

HIPAA

Microsoft Office

EXPERIENCE

Governance, Risk and Compliance (GRC) Associate

Washington, DC, Washington, DC

JayCooper Consulting Inc/ Jan 2020 to Current

2020-01 - Current

Governance, Risk, and Compliance (GRC) Associate

JayCooper Consulting Inc, Washington, D.C.

Demonstrated a strong understanding of various compliance and regulatory areas (e.g., SOX, PCI, FFIEC), as well as the risk register, risk exposure, risk reporting, and handling of risk events.

Assessed risk, identified relevant controls, evaluated/validated controls and compliance with internal policies and procedures, and drafted audit reports. Led comprehensive compliance assessments and audits, ensuring adherence to industry standards and regulations (e.g., SOC 2, ISO 27001, GDPR). Conducted risk assessments, identified vulnerabilities, and recommended mitigation strategies to safeguard the organization against potential threats. Assisted in performing follow-up reviews to verify that necessary corrective actions have been implemented to correct previously identified internal control weaknesses. Prepared audit reports and submitted them to audit management for audit closure. Created and monitored standardized internal processes to ensure processes were consistent with overall operational risk management goals. IT Risk & Compliance Associate

Washington, DC

JayCooper Consulting Inc / Feb 2017 to Jan 2020

2017-02 - 2020-01

IT Risk & Compliance Associate.

Jay Cooper Consulting Inc., Washington, D.C.

Conducted regular internal audits, to assess compliance and identify areas for improvement.

Led the coordination of internal and external audit requests, and assisted with coordinating the team's internal cybersecurity risk assessments with relevant IT teams and business areas.

Liaised with the certified PCI auditor to implement compliance and process improvement requirements on an ongoing basis, ensuring that stakeholder needs were considered in the decision-making process.

Assisted in assembling, developing, and producing regular reports on the past status of the cybersecurity program, with relevant metrics from other IT teams and third-party managed security service providers for applicable committees, councils of the board, the senior leadership team, and other key stakeholders. Coordinated and worked with cybersecurity and assurance service providers in conducting risk, gap, or maturity assessments on behalf of the team. Ensured that management responses were captured, reviewed, approved, and accepted by all key stakeholders.

Followed up on, and regularly reported on, the remediation activities and progress made by applicable IT teams on identified technical vulnerabilities. EDUCATION

Master of Science

University of Ibadan

Nigeria

CERTIFICATIONS

Certified Information Systems Auditor (CISA)



Contact this candidate