Charlotte Osoba
Brampton,Ontario
Summary
- Excellent analytical, decision making and time management skills. Mature planning, organizing and delegation skills
- Strong analytical and problem solving skills to identify, analyse and mitigate GRC related risks in existing processes, policies and procedures
- Demonstrable leadership and interpersonal skills with experience in mentoring team members
- Strong experience in developing and managing technical solutions that include
- Polished communication skills including the ability to actively listen to the needs of the business
- Skills in accelerating change
- Strong knowledge and experience in managing complex project plans with interdependencies between many different projects and initiatives
Overview
9
9
years of professional experience
Work History
IT GOVERNANCE, RISK & COMPLIANCE CONSULTANT
City National Bank
07.2021 - Current
- Participated in firm wide and other department projects / initiatives as a GRC representative / subject matter expert to provide GRC guidance and interpretation of rules, regulations, risks, and best practices. Create and implement policies, procedures, training and communication of the new policies and procedures to support these projects
- Participated in the filing and creation of the GRC goals
- Mentored and educated team members on current industry technology and issues
- Ensured that IT computers and supporting infrastructures are validated and qualified according to IT policies, procedures and standards
- Managed at least 1 Vaccines IT risk on behalf of the IT Vaccines Leadership team and represent Vaccines IT in global IT risk category boards
- Managed at least 1 local SOP and represent Vaccines IT in ITMS SOP and IBM programs (incl. Deployment to Vaccines)
- Supported audit and inspections
- Experience in developing implementing, and/or managing large-scale, high profile corporate programs
GOVERNANCE, RISK & COMPLIANCE MANAGER
Liberty Mutual
03.2017 - 07.2021
- Ability to articulate thoughts clearly, plan initiatives, and execute with appropriate urgency
- Experience of GRC (governance, risk, compliance)
- Experienced with methodologies, activities, tools and enablers in a highly regulated industry
- Experienced in business process analysis, project methodology, or systems development life cycle through education or on-the-job experience, required
- Demonstrated a strong understanding of various compliance and regulatory areas (e.g. SOX, PCI, FFIEC) or the risk register, risk exposure, risk reporting and handling of risk events
- Demonstrable analytical capability
- Developed the strategic plan and roadmap to mature the initial implementation of our RSA Archer/GRC application
- Leveraged industry and technical expertise to assist management to address more effectively risks associated with the business
- Assisted management in the assessment of project risks and controls
- Applied the concepts of Enterprise Risk Management to help identify, assess, mitigate and proactively consider emerging risks
IT GOVERNANCE, RISK & COMPLIANCE ANALYST
Global Payments Inc
01.2015 - 06.2017
- Established and communicated priorities across the enterprise that balance the platforms strategic plan with short term goals and ad hoc needs
- Enhanced internal audit functions to further align to company strategy and risk
- Led a team of Archer Analysts responsible for the GRC program
- Coached and collaborated with associates who assist with this work, including providing coaching, feedback and guidance on work performance
- Created and managed access recertification’s and entitlement reviews for user and privileged access
- Understood corporate strategic plans and fundamental business activities of the GPI and its stakeholders. Maintain current knowledge of applicable cyber threats, regulatory and compliance issues related to information security. Based on this knowledge, develop, maintain and oversee an enterprise-wide GRC strategy and framework aligned with the GPI’s business strategy
- Led the IT department’s Business Continuity Planning and the league’s overall Disaster Recovery Program. Work with GPI’s Physical Security to confirm, and continue to revise as necessary the GPI’s overall BC/DR Plan
- Identified and understood management’s controls to be able to assess design adequacy and test operational effectiveness
Education
Bachelor Of Arts - Management Information Systems
DREXEL UNIVERSITY
United States 06.1998
Skills
- SOP Development
- Safety Audit Support
- Business Intelligence
- Leadership Techniques
- Organizational Skills
- Risk Management
- Team building
- Compliance reviews
- Project Oversight
- Reporting Requirements
- Fraud investigation
- Training delivery
- Performance review
- Continuous Improvement
- Investigations skills
- Audit management
- Report Preparation
- Anti-Money Laundering
- Human Resources Support
- Software use
- Auditing processes
- Data Verification
- Sanctions compliance
- Regulatory expertise
- Investigative reporting
- Compliance Monitoring
- Reporting management
- Vulnerability examination
- Industry trend assessments
- Emergency Action Planning
- Policy Enforcement
- Policy analysis
- Violation Reporting
- Policy Development
- Records Management
- Risk Assessment
- Payment Processing
- Process Implementation
Courses & Certifications
Certified Compliance & Ethics Professional (CCEP)
Obtained CCEP certification focused on compliance and ethics from the Society of Corporate Compliance and Ethics (SCCE).
Advanced Risk Management Using GRC Tools
Completed a specialized course on utilizing GRC tools for effective risk management from the Global Risk Community.
CERTIFICATIONS & EDUCATION:
ISACA Cybersecurity Nexus (CSX)
Risk and Information Systems Control (RISC)
Information Security Manager (ISM)
Information Systems Auditor (ISA)
Security+
Auditing and Monitoring Windows Server
Certified Multimedia Design Networks Specialist
State-of-The Art Program – Frame Relay, Fast Packet and ATM & ISDN
TECHNICAL TRAINING:
CISSP Boot Camp
Cyber Security Assessment Management (CSAM)
SANS System Forensics, Investigation & Response Course
eEye Retina REM Administrator CBT Course
SANS Intrusion Detection Course
Accomplishments
Led Compliance Monitoring Program
Pioneered a compliance program overhaul at Liberty Mutual, enhancing regulatory surveillance and improving compliance rates by a quarter.
Overhaul of Training Initiatives
Spearheaded the redesign of compliance training at Global Payments Inc, contributing significantly to a 30% decrease in regulatory infractions.
Key Stakeholder in GRC Implementation
Played a pivotal role in the seamless integration of a new GRC tool at City National Bank, markedly boosting efficiency by 20%.
Impact on Product Portfolio Growth
Instrumental in regulatory risk assessment of new gaming products at Global Payments Inc.
Timeline
IT GOVERNANCE, RISK & COMPLIANCE CONSULTANT
City National Bank
07.2021 - Current
GOVERNANCE, RISK & COMPLIANCE MANAGER
Liberty Mutual
03.2017 - 07.2021
IT GOVERNANCE, RISK & COMPLIANCE ANALYST
Global Payments Inc
01.2015 - 06.2017
Bachelor Of Arts - Management Information Systems
DREXEL UNIVERSITY