Privacy & Security Analyst for Public Sector (NIST/HIPAA)

LANRE OROBIYI, CISA

INFORMATION SECURITY & PRIVACY ANALYST

Privacy & Security Governance NIST HIPAA Risk & Vulnerability Management ************@*****.*** 862-***-****

LinkedIn: linkedin.com/in/lanre-orobiyi-98abbb13b

PROFESSIONAL SUMMARY

Information security and privacy professional with 8+ years of experience supporting data protection, security governance, and risk management in regulated environments. Strong background in risk assessments, vulnerability management support, policy documentation, access control, incident support, and security awareness training, aligned with NIST guidance and HIPAA privacy and security requirements. Proven ability to work autonomously, coordinate with vendors and internal teams, and support mission-driven public service objectives.

CORE SKILLS & KNOWLEDGE

• Information Security & Privacy Controls

• NIST Security Frameworks & SDLC Controls

• Risk & Vulnerability Assessments

• HIPAA Privacy & Security (45 CFR 160 & 164)

• Security Policy & Procedure Documentation

• Access Control & Data Protection

• Incident & Violation Support

• Security Awareness & User Training

• Vendor & Third-Party Coordination

• Technical Writing & Research

PROFESSIONAL EXPERIENCE

Senior Cybersecurity Risk & Compliance Analyst

Diaspocare Inc. — St. Paul, MN

September 2023 – Present

• Perform risk assessments and security reviews to ensure protection of sensitive client and system data.

• Support vulnerability management activities, including tracking findings and remediation actions.

• Assist in safeguarding systems, applications, databases, and transmitted data from unauthorized access or disclosure.

• Document and maintain security and privacy policies, procedures, and controls aligned to NIST and HIPAA requirements.

• Support security incident investigations, including documentation, evidence collection, and corrective action tracking.

• Monitor user access and assist with access modifications to ensure appropriate authorization levels.

• Promote security awareness and compliance through guidance and collaboration with users and stakeholders.

PCI DSS / IT Compliance Analyst

Eretmis Inc. — Bronx, NY

2020 – 2023

• Supported security control testing, risk reviews, and compliance monitoring across systems and applications.

• Assisted with access control management, system security updates, and documentation maintenance.

• Conducted vendor security reviews and coordinated remediation activities.

• Documented security procedures, emergency measures, and audit evidence.

• Worked cross-functionally with IT and compliance teams to address security violations and prevent recurrence.

IT Auditor / Compliance Analyst

Olad Multidynamics Investments Lagos, Nigeria

2012 – 2019

• Conducted IT and security assessments to evaluate risks, controls, and data protection practices.

• Reviewed access controls, system configurations, and security procedures.

• Documented findings, recommendations, and corrective action plans.

• Supported governance initiatives and internal control improvements. EDUCATION

Master of Legal Studies (MLS) – Lagos State University Master of Business Administration (MBA) – Lagos State University Bachelor of Science in Business Administration – Lagos State University CERTIFICATIONS & TRAINING

• NIST-Aligned Security & Risk Management Practices

• HIPAA Privacy & Security (Professional Experience)

• Vulnerability & Risk Assessment Support

• Information Security Policy Development

Contact this candidate