
Compliance Analyst Risk Management

Location:
Dallas, TX
Posted:
July 11, 2025


Resume:

Abayomi Charles Odeniran CISA, CISM, CRISC, CompTIA Sec+

Email- **************@*****.***/ Phone# -+1-469-***-****

PROFESSIONAL PROFILE

Results-driven Governance Risk and Compliance Analyst with expertise in IT Governance, Risk Management, and Compliance. Skilled in developing and maintaining IT policies, standards, control frameworks and procedures from inception for IT operations and infrastructure, and also data security. I’m passionate about performing risk assessment, gap analysis and regulatory compliance for frameworks like SOC, SOX, COSO, COBIT, NIST 800-53 and internal GRC objectives, and supporting control implementations. Experienced in overseeing security documentation and ensuring compliance with industry standards and regulations.

Core Competencies

IT Governance & Risk Management

GRC Tools (e.g., Archer, ServiceNow GRC)

Policy & Procedure Development

Compliance Monitoring & Reporting

COBIT, NIST 800-53, FFIEC, OCC, FDIC

Control Design & Implementation

Risk Assessment & Gap Analysis

Cross-functional Collaboration

Quality Documentation & Presentation

WORK EXPERIENCE

Hikima Academy, Frisco TX September 2023 – till date

Senior Governance Risk and Compliance Analyst

Lead the review of attestation audits including SOC 2, ISO 27001, NIST 800-53, and COBIT audits.

Facilitate audit engagements and the remediation of findings from different internal and external engagements.

Perform the periodic review and update of baseline configuration documents, policies, and maintain the IT/security risk register.

Lead the performance of large and complex IT audits of critical areas such as Software Development Life Cycle, Change Management, Security, IT Infrastructure, Third-Party Vendors, Disaster Recovery/Business Continuity, Data Protection & Privacy (GDPR, CCPA).

Performed GRC gap analysis across multiple departments, identifying non-compliance with frameworks such as COBIT and NIST 800-53, and collaborated with stakeholders to develop remediation plans

Conduct ongoing due diligence on new and existing third parties for compliance with operational partners policies and standards.

Facilitate the remediation of vulnerability compliance scans and coordinate rescans to ensure identified vulnerabilities are remediated.

Perform testing of the design and effectiveness of controls around access management, change management, business continuity, disaster recovery, asset management, and other service management processes.

Created and implemented IT policies, control documents and SOPs from implementation to support Data Governance, IT Operations and Infrastructure teams.

Presented GRC findings and Metrics in executive dashboards and audit committee reports, driving action on high-risk issues.

Identified potential risks in the environment and assessed their likelihood and potential impact.

Implemented strategies to reduce potential impact from identified risks.

Provided education and information to process owners, control owners and system owners on risk management strategies.

Maintain risk register, recording all potential risks in a risk register for tracking and reviewing.

Risk reporting, delivering timely and accurate reports and metrics on risk management objectives attainment to leadership and relevant stakeholders.

Developed a risk mitigation strategy and established plans to mitigate identified risks, and monitored risks by overseeing identified risks to assess the effectiveness of implemented controls or strategies.

NTT Data (Citibank) August 2022 – August 2023

Information Security Compliance Analyst

Managed application compliance, collaborating with application owners to assess adherence to Information Security directives and ensure proper execution of compliance requirements.

Provided oversight and advisory support within the Cyber Information Security Office’s Global Identity and Access Management (GIAM) controls, assisting with the implementation and management of security controls.

Engaged with application managers to review compliance status, identify gaps, and recommend corrective action plans to mitigate risk and ensure regulatory compliance.

Led compliance readiness efforts across multiple engagements to ensure client alignment with FFIEC, OCC, FDIC, GLBA, BSA internal controls, and third-party risk standards.

Maintained Internal Information security policies and compliance checklists, aligned with COBIT and Organizational objectives.

Utilized ServiceNow GRC and Archer to document controls, automate compliance workflows, and track risk indicators

Supported third-party vendor assessments and compliance tracking for regulatory standards (e.g., SOC 2, ISO 27001, PCI DSS).

Collaborated with InfoSec and Legal teams to validate vendor data access controls, encryption methods, and security policies.

Supported third-party risk assessments by reviewing vendor documentation, SLA and compliance evidence, also tracking performance metrics for critical and high-risk vendors.

Lead the performance of large and complex IT audits of critical areas such as Software Development Life Cycle, Change Management, Security, IT Infrastructure, Third-Party Vendors, Disaster Recovery/Business Continuity, Data Protection & Privacy (GDPR, CCPA).

Technova July 2017 – July 2022

Senior Audit Associate

Led and executed comprehensive IT audit programs, ensuring high-quality results and actionable recommendations.

Performed SOX audit and risk assessment around Sarbanes-Oxley controls, testing compliance around Internal Control over Financial Reporting (ICFR) to determine if they are well designed and are working effectively.

Defined and executed data analytics procedures to support audit work and ensure continuous risk monitoring.

Designed and executed tests of application and general IT controls as part of integrated audits, covering cybersecurity, change management, data integrity, system operations, and recovery.

Planned and delivered IT audits covering general IT controls, applications, infrastructure, and technologies supporting business processes.

Data collection and analysis: gathering and assessing data to support the audit process.

Compliance assessment: evaluating the level of compliance to standards within the organization.

Audit reporting: creating a report to summarize audit findings and recommend corrective action plan.

Followed up on audits to ensure corrective action plans were implemented.

Evaluated internal controls, assessing the design and effectiveness of the company’s internal controls.

Facilitated audit staff training and provided ongoing training.

Incorporating risk management into the audit process and communication of audit findings with management for review and action.

I ensured IT systems and controls comply with regulations and meet the organization's objectives.

I make sure policies are reviewed regularly and updated regularly

EDUCATION

Ladoke Akintola University of Science and Technology, NG

Bachelor of Technology

University of Texas, Dallas

AI and Machine Learning in Cybersecurity (In view)

Technical Proficiencies

GRC Tools: Archer, ServiceNow GRC.

Frameworks and Regulatory/Compliance Standards: SOX, GLBA, GDPR, PCI-DSS, COBIT, NIST 800-53, FFIEC, ISO 27001, SOC

Reporting Tools: Tableau, Power BI for visualization reporting

CERTIFICATIONS

Certified Information Systems Auditor (CISA)

Certified Information Security Manager (CISM)

Certified ISO/IEC 27001 Lead Auditor

Certified in Risk and Information Systems Control (CRISC)

CompTIA Sec+

Cybersecurity Foundation -(GSDC) Global Generative AI Cybersecurity and Risk and Compliance

Certified in Information Systems Security Professional (CISSP) *recent


