It Risk Compliance Analyst

**** **** ***, ***********, **, ***** • **********@*****.*** •

202-***-****

ISHMAEL SHU AGHANIFOR

IT Risk & Compliance Analyst

PROFESSIONAL SUMMARY

Seasoned professional with 4 master's degrees, having 12 years of experience in GRC, IS auditing, and compliance. Proven track

record in enhancing compliance monitoring, risk assessment, and internal audit processes, leading to significant reductions in

operational risks and non-compliance. Expertise in third-party risk management, Compliance Testing & control evaluation with

a consistent history of achieving high compliance rates and audit success.

EMPLOYMENT HISTORY

IT RISK & COMPLIANCE ANALYST Jan 2024 - Present

Prince Goerge County Public Schools (PGCPS) Hyattsville, Maryland

• Provide IT Risk and Compliance support to the school body, resulting in a 40% reduction in security incidents while

serving as the Subject Matter Expert (SME) for the IT Risk and Compliance team.

• Develop and implement IT Risk Assessment processes, management strategies, and methodologies, contributing to a 30%

improvement in risk detection and response time.

• Conduct regular company information security risk assessments, consulting with IT Risk and Compliance team members

to ensure 95% compliance with security standards.

• Mentor IT Risk and Compliance analysts, leading to a 25% increase in team efficiency and 20% improvement in individual

performance metrics.

• Train IT staff in conducting targeted information security risk assessments, improving their risk assessment accuracy by

35%.

• Develop and implement IT risk and security policies, reducing policy-related compliance gaps by 50%.

• Monitor information risks, mitigation, and remediation efforts; report and present risk updates to IT management,

ensuring 80% mitigation of identified risks within target timelines.

GRC ANALYST Jun 2023 - Dec 2023

Excel Mind Cyber Manhattan, Illinois

• Develop and implement a comprehensive risk assessment framework, achieving a 20% reduction in operational risks.

• Enhance compliance monitoring processes, yielding a 15% improvement in regulatory adherence.

• Conduct internal audits to identify and mitigate compliance gaps, leading to a 30% decrease in exposure to fines and

penalties.

IS AUDITING & COMPLIANCE OFFICER Jan 2021 - May 2023

Nemlig.com Copenhagen, Denmark

• Managed risk assessment and ongoing testing of transactional key controls, coupled with IT general controls review,

resulting in a 95% accuracy rate in control identification and documentation.

• Performed assessments of third-party service organization control reports and authored user security review documentation,

ensuring adherence to regulatory standards with a 100% pass rate in compliance audits.

• Evaluated and tested control measures to verify operational efficiency, information reliability, and compliance with

regulations, contributing to a 15% reduction in compliance-related discrepancies during audit periods.

• Executed process risk evaluations and impact analyses for change requests, working with deployment teams to understand

technology specifications, which contributed to a 30% decline in post-deployment issues.

THIRD PARTY RISK & COMPLIANCE Feb 2017 - Dec 2020

SWEDISH BANK Orebro, Sweden

• Guided remediation efforts resulted in a 30% decrease in identified compliance issues during assurance and review processes.

• Contributed to a 20% improvement in the effectiveness of the compliance program by aiding in audit preparations and risk

assessment procedures.

• Conducted thorough process walkthroughs, documenting all essential risk and control assessments, leading to an enhanced

grasp of risk exposure and mitigation tactics.

• Successfully oversaw and finalized third-party certifications and audits, achieving a 100% compliance rate and reducing

audit cycle time by 15%.

IS AUDIT AND RISK CONTROL CONSULTANT Mar 2014 - Jan 2017

Karlstad and Orebro Universities Sweden

• Collaborated with key stakeholders to evaluate the electronic Learning Management System, identifying critical

vulnerabilities and contributing to a 15% decrease in high-risk exposures.

• Led comprehensive analyses to uncover the origins of security breaches, enhancing the design and functionality of control

systems which led to a 20% reduction in control failures.

• Conducted thorough data analysis for program support, creating ad-hoc reports that bolstered decision-making efficiency

and accuracy by 25%.

IT DATA GOVERNANCE ANALYST Jun 2010 - Dec 2014

Prolog Orebro, Sweden

• Conducted comprehensive analysis and synthesized customer data findings to inform strategic decision-making processes.

• Delivered insightful presentations on critical data insights to business stakeholders, facilitating informed decision-making.

• Developed well-founded business cases by examining information governance topics, including relevant laws and

regulations.

EDUCATION

MBA FOCUS ON ACCOUNTING AND CONTROL FOR GLOBAL ENTERPRISES Sep 2016

Dalarna University School of Technology

MSC ECONOMICS AND ECONOMETRIC Nov 2014

Orebro University

MSC IN INFORMATICS (IT) Sep 2012

Orebro University

BACHELOR OF SCIENCE IN ECONOMICS AND MANAGEMENT Oct 2007

University of Buea

COURSES

CERTIFIED IN RISK AND INFORMATION SYSTEMS CONTROL (CRISC)

ISACA

CERTIFIED INFORMATION SYSTEMS AUDITOR (CISA)

ISACA

CERTIFICATE IN HR/PERSONNEL MANAGEMENT AND CUSTOMER CARE

JOBSHOP & Financial Solutions

SKILLS

GRC, Risk Assessment, Compliance Management, IT Auditing, Vulnerability Assessment, Data Analysis, ServiceNow,

Venminder, Black Kite, GDPR, HIPAA, SOX, ISO27001, NIST, PCI-DSS, Project Management, Stakeholder Management.

Contact this candidate