Post Job Free
Sign in

Third-Party Risk Management

Location:
Maryland City, MD
Posted:
April 11, 2025

Contact this candidate

Resume:

VICTORIA OLANREWAJU

(***) *** - **** ***********@*****.***

OBJECTIVE: To secure a senior Third-Party Risk Analyst/Assessor position in the private sector, with a strong understanding of vendor risk management, leveraging extensive private-sector experience to enhance cybersecurity policy management, due diligence, risk mitigation, and compliance strategies in alignment with NIST cybersecurity protocol, standards and best practices to meet the US industry, federal agencies and the broader public, expertise In assessments regulatory compliance for business continuity, detail oriented and analytical.

HIGHLIGHTS OF QUALIFICATIONS:

● Over seven years of experience conducting third-party risk assessments, ensuring vendor compliance with cybersecurity frameworks such as NIST, ISO 27001, GDPR, and FedRAMP, while mitigating threats to organizational security.

● Skilled in developing and implementing governance frameworks to align third-party risk management programs with regulatory requirements and organizational cybersecurity policies. ● Proficient in utilizing GRC tools: ProcessUnity, RSA Archer, MetricStream, Coupa to analyze security risks, monitor vendor performance, and support risk-based decision-making.

● Proven ability to streamline operational workflows, reducing risk exposure and enhancing compliance monitoring, leading to increased operational efficiency and improved security posture.

PROFESSIONAL EXPERIENCE:

CUMMINS

Columbus, IN

Third Party Risk Assessor 02/2024 – 02/2025

Duties and Responsibilities:

● Led third-party due diligence processes to identify and assess risks within vendor control environments, ensuring alignment with organizational security policies and industry regulations. ● Conducted comprehensive risk assessments on third-party vendors and suppliers, evaluating cybersecurity controls, compliance status, and potential vulnerabilities.

● Developed and presented detailed reports and dashboards for senior management, providing actionable insights into vendor risk exposure and recommended mitigation strategies.

● Escalated instances of vendor non-compliance to the Vendor Management Office, collaborating on corrective action plans to address security gaps.

● Continuously monitored vendor performance and risk exposure through periodic reviews, identifying emerging threats and compliance deviations.

● Tracked and managed third-party risk issues, including control gaps, policy exceptions, and mitigation plans, ensuring timely resolution and risk reduction.

CITY NATIONAL BANK

San Diego, California

Third Party Risk Analyst 10/2023 – 01/2024 Duties and Responsibilities:

● Provided advisory and challenge functions to first-line business units, ensuring effective execution of Third-Party Risk Management (TPRM) program requirements.

● Conducted risk analysis to monitor compliance with TPRM policies and industry regulations across all business segments.

● Tracked and managed third-party risk issues, including control gaps, policy exceptions, and mitigation plans, ensuring timely resolution.

● Assisted in researching, developing, and maintaining TPRM policies and standards to align with federal and state regulatory requirements.

● Analyzed and reported on significant third-party risk exposure and concentration risks, providing insights to enhance risk mitigation strategies.

● Monitored and assessed key risk metrics to evaluate the organization's overall third-party risk exposure.

● Designed, prepared, and distributed comprehensive risk reports to stakeholders, supporting informed decision-making.

PROGRESSIVE INSURANCE

Pennsylvania, PA

Vendor Risk Assessor 03/2021 – 09/2022 Duties and Responsibilities:

● Conducted onsite and remote assessments of third-party vendors to evaluate security controls, compliance, and overall risk posture.

● Reviewed vendor security policies, procedures, standards, and guidelines to ensure alignment with regulatory requirements and organizational risk frameworks.

● Contributed to cybersecurity assessment metrics and Governance, Risk, and Compliance (GRC) reporting, providing senior management with data-driven insights to support risk-based decision-making.

● Identified and assessed third-party risks, recommended appropriate controls to mitigate threats, and communicated opportunities for security enhancements to vendors.

● Evaluated and challenged security control designs for third parties utilizing emerging technologies, including cloud computing and big data analytics.

● Developed standardized processes for assessing security controls within cloud environments, ensuring compliance with best practices and regulatory requirements.

● Served as a subject matter expert on third-party cloud security, providing guidance on risk assessments, security frameworks, and mitigation strategies.

EDUCATION

University of Winneba

Bachelor of Science, Economics 2015

University of Lagos

Masters of Science - Information Systems 2025

CERTIFICATIONS AND TRAINING:

Certifications:

CompTIA Security+

AWS Certified Cloud

Google Project Management Certificate ( PMP)

CLEARANCE

Public Clearance



Contact this candidate