Funke Ernest Omoruyi
Summary
Cybersecurity Advisor with the City of Edmonton, possessing a strong foundation in IT audit, risk management, and compliance. Proven ability to identify and mitigate cybersecurity risks, implement effective controls, and ensure compliance with industry best practices. Adept at analyzing complex situations, developing practical solutions, and communicating effectively with diverse stakeholders. Demonstrated problem-solving and project management skills. Passionate about fostering a culture of security awareness and continuous improvement, with a strong desire to learn and continually grow leadership skills.
Overview
15
15
years of professional experience
1
1
Certification
Work History
Cybersecurity GRCA Advisor
City of Edmonton
07.2023 - Current
- Led the implementation of the Eramba risk management tool, resulting in a 35% reduction in security incidents and a significantly improved cybersecurity risk posture for the City.
- Developed and delivered cybersecurity awareness training programs for city employees, improving overall security posture
- Collaborated with cross-functional teams to assess and mitigate cybersecurity risks, ensuring compliance with industry best practices and regulatory requirements
- Proactively identified and resolved security vulnerabilities, preventing potential data breaches and system disruptions
- Streamlined the incident response process, achieving a 20% reduction in the average time to resolution.
- Contributed to the development and implementation of the City's cybersecurity strategy, aligning with organizational objectives
Senior Analyst, IT Audit & GRC
Helcim
08.2022 - 06.2023
- Planned and executed SOX ITGC Audit program for a Fin-tech firm covering critical systems, processes, people, and tools
- Designed risk-based IT audit plan to support IT Audit reviews covering business risks
- Collaborated with control owners to assess audit evidence efficiency and control effectiveness
- Proactively tested ITGCs, ITACs, and Information Security controls
- Supported Vendor Risk process / Third-party Risk Management and vendor audits
- Executed risk-based audits, evaluated controls and processes
- Conducted audits for 15 existing and 5 new systems, ensuring governance, data application controls, data integrity, and system security, resulting in a 10% reduction in identified vulnerabilities.
- Supported controls catalogue efforts
- Performed IT SOX control assessment
- Enhanced review of key applications, Active Directory, databases, and servers
Senior Consultant, IT Risk & Advisory
Safepro Services Ltd
04.2021 - 05.2021
- Coordinated IT General controls (ITGC) review
- Supported reviews against security frameworks (ISO27001) and internal policies
- Performed risk assessments and gap analysis
- Conducted business impact analysis and information security risk assessment
- Prepared reports for clients and internal audit teams
- Reviewed and updated Information Security Policy
- Scheduled and executed vulnerability management
- Managed IS Risk Management Program (ISRMP) and assessed GRC tools
- Liaised with controls operators to coordinate remediation efforts
- Evaluated cloud security assessment
IT Audit & Risk Analyst
Polaris Bank
05.2016 - 02.2021
- Reviewed internal IT controls (ELC, ITAC, ITGCs)
- Supported SOX ITGC audit
- Established process for evaluating IT infrastructural Assets
- Involved in IT audit planning processes (SOX, ISO 27001, PCI)
- Assessed key IT applications
- Benchmarked security policies and IT policies
- Led audit finding meetings
- Analyzed control environments and developed audit steps
- Executed threat modelling exercise
- Ensured adherence to policies and guidelines.
IT Risk & Compliance Analyst
Polaris Bank
06.2013 - 04.2016
- Designed and implemented control operating system
- Investigated compliance risk issues and regulatory inquiries
- Conducted risk assessment and gap analysis
- Reviewed and updated governance and risk management policies
- Provided recommendations on control deficiencies that led to a 20% reduction in audit findings.
- Developed and maintained controls self-attestation process
- Evaluated business processes and procedures, strengthening controls and reducing risk exposure by 10%, as measured by a decrease in audit findings.
- Managed periodic maturity assessments of vendor IT risk program
Compliance, Audit & Risk Officer
Skye Bank Plc
05.2010 - 05.2013
- Participated in all phases of IT audit (ITGCs)
- Conducted Sarbanes-Oxley (SOX) testing
- Performed risk assessment and gap analysis
- Evaluated controls for PCI DSS and ISO 27001 certification
- Conducted risk assessments and ensured compliance
- Analyzed compliance and risk issues
- Prepared, executed, and reported on NIST SP 800-53 controls audit
- Implemented application certification framework
- Reviewed corrective action plan (CAP)
Education
MBA - Business Administration
Benson Idahosa University
Bachelor of Science - Accounting
Madonna University
Skills
- Threat Detection
- Vulnerability Management
- Incident Response
- Security Awareness Training
- Security Policy Development
- Risk Assessment
- Risk Mitigation
- IT Risk Management
- Vendor Risk Management
- Compliance Risk Management
- Internal Audit
- External Audit
- SOX ITGC Testing
- IT Application Controls (ITAC)
- Control Testing
- Audit Planning and Execution
- ISO 27001
- PCI DSS
- NIST
- COBIT
- Regulatory Compliance
- Project Management
- Communication (Written and Verbal)
- Collaboration and Teamwork
- Conflict Resolution
- Strategic Thinking
- Adaptability and Resilience
- Change Management
- Strategic Planning
Certification
- Certified Information Security Manager (CISM)
- Certified Information System Auditor(CISA)
- CompTIA Security+
- ISC2 Certified in Cybersecurity
- Qualys Policy Compliance Foundation
- Qualys PCI Compliance
- Vulnerability Management, Detection and Response
Timeline
Cybersecurity GRCA Advisor
City of Edmonton
07.2023 - Current
Senior Analyst, IT Audit & GRC
Helcim
08.2022 - 06.2023
Senior Consultant, IT Risk & Advisory
Safepro Services Ltd
04.2021 - 05.2021
IT Audit & Risk Analyst
Polaris Bank
05.2016 - 02.2021
IT Risk & Compliance Analyst
Polaris Bank
06.2013 - 04.2016
Compliance, Audit & Risk Officer
Skye Bank Plc
05.2010 - 05.2013
MBA - Business Administration
Benson Idahosa University
Bachelor of Science - Accounting
Madonna University
Similar Profiles
Juliana CustJuliana Cust
Permanent Part Time Lifeguard at City of EdmontonPermanent Part Time Lifeguard at City of Edmonton
April HopkinsApril Hopkins
Recreation Technician at City of EdmontonRecreation Technician at City of Edmonton
YEMI TAIWOYEMI TAIWO
Janitorial Lead at CITY OF EDMONTONJanitorial Lead at CITY OF EDMONTON
Faizan SiddiquiFaizan Siddiqui
Disclosure Analyst - Information and Privacy Unit at City of EdmontonDisclosure Analyst - Information and Privacy Unit at City of Edmonton
GIRIJA VENKATESANGIRIJA VENKATESAN
Senior Governance Risk Control (GRCA) Advisor at Shell Energy AmericasSenior Governance Risk Control (GRCA) Advisor at Shell Energy Americas