Maurice Enema
Montreal,Canada
Summary
Governance, Risk, and Compliance (GRC) Analyst with over 10 years of experience in IT security, risk management, regulatory compliance (SOX, PCI DSS, ITGC), and audit support. Proven success in executing IT risk assessments, coordinating mitigation strategies, enhancing security frameworks, and conducting phishing simulations. Expertise in ISO 27001, NIST CSF 2.0, PCI DSS, and business continuity planning. Strong communicator skilled at producing security dashboards, aligning IT initiatives with business objectives, and building a culture of compliance and resilience.
Overview
15
15
years of professional experience
1
1
Certification
Work History
Senior Information Technology Security Analyst
Sherweb
01.2019 - Current
- Maintain organizational security policies, including physical access policies and digital access controls, ensuring alignment with regulatory standards.
- Conduct comprehensive security risk assessments and coordinate mitigation efforts across IT and business projects.
- Monitored and managed incident escalations using SIEM tools (e.g., Sentinel, Splunk) and conduct root cause analysis of security breaches.
- Lead phishing simulations and developed cybersecurity awareness campaigns, increasing security incident reporting by 40%.
- Assist in the development and enforcement of security policies aligned with NIST CSF 2.0 and ISO 27001 standards.
- Provide documentation and audit support during compliance checks, facilitating 100% pass rate on SOX and ISO audits.
- Conduct vendor security assessments and participate in contract negotiations to ensure compliance with security standards.
Cybersecurity Analyst
Teleperformance
04.2018 - 01.2019
- Executed IT risk assessments and supported external and internal audits, achieving a 97% compliance rate.
- Maintained and updated the organization's security risk register, tracking risk mitigation activities.
- Acted as point of contact for resolving physical and information security system malfunctions, tracking issues via ServiceNow.
- Conducted on-site inspections and collaborated with security vendors to implement upgrades to existing alarm and camera systems.
- Developed training materials and conducted awareness programs on physical and cyber safety protocols for staff and visitors.
IT Security Compliance Analyst
Arik Air Ltd., Arik Air Aviation Center
03.2013 - 03.2018
- Led the deployment and management of comprehensive security frameworks within a rapidly expanding fintech company, significantly strengthening the compliance infrastructure.
- Conducted regular evaluations and audits to ensure adherence to security standards, regulations, and best practices, consistently achieving compliance ratings of 95% or higher.
- Played a key role in attaining a 100% compliance rate with newly introduced regulatory mandates, ensuring uninterrupted business operations and enhancing organizational resilience.
- Ensured strict adherence to security frameworks and controls across all departments by fostering a culture of compliance and promptly addressing any deviations. Collaborated effectively with cross-functional teams to resolve compliance issues and implement corrective actions, promoting accountability.
- Provided essential support in addressing inquiries and audits related to security frameworks from internal and external stakeholders, ensuring transparency and compliance with industry standards.
- Assessed IAM procedures and controls to verify compliance with established policies and regulations, identified non-compliance issues, and recommended corrective measures to enhance security posture.
Junior Information System Auditor
Office of the Auditor-General for the Federation, Nigeria (OAuGF)
07.2010 - 06.2011
- Assessed adherence of Ministries, Departments, and Agencies (MDAs) to the Nigerian Constitution, financial regulations, and relevant laws, focusing on information systems and data management practices.
- Evaluated the adequacy and effectiveness of internal controls and governance structures related to information systems within MDAs, ensuring support for operational efficiency and data integrity.
- Identified compliance risks associated with information systems and recommended strategies to mitigate them, safeguarding data breaches and ensuring system reliability.
- Utilized audit findings to enhance transparency and accountability in public sector operations, particularly concerning the management and security of information systems.
- Internship
Education
DEC - Computer Systems Networking and Information Technology Support
Montreal College Information Technology
Bachelor of Science - Computer Science
University of Calabar, Cross-River State. Nigeria
Skills
- Soft Skills: Leadership, Strategy, Coaching, Agile Methodologies, Governance & Data Privacy, Audit Manager
- Programming Languages/Scripts: PowerShell
- Frameworks: COBIT, ISO 27001, NIST, PCI-DSS
- Tools: MS 365 Suite, MS SharePoint Online, Microsoft Intune -MDM, MS Azure, Splunk, Wireshark (Packet analyzer tool), Microsoft Sentinel, Nessus, Archer, ServiceNow
- Risk Assessment & Management (ISO 27005, NIST)
- IT Compliance Audits (SOX, PCI DSS, ITGC)
- Security Framework Implementation (ISO 27001, NIST CSF 20)
- Governance and Security Awareness Training
- Policy Development & Enforcement
- Metrics & Security Dashboards Reporting
- Phishing Simulations & Cybersecurity Awareness
- Vendor Risk Management
- Business Continuity & Disaster Recovery Planning
- Cloud Security Controls (AWS, Azure)
- Intrusion detection
- Endpoint security
- Identity and Access Management
- Risk mitigation
- Data loss prevention
- Incident response
- Vulnerability assessment
- Critical thinking skills
- Regulatory compliance
- Analytical skills
Certification
- ISC2 Certified in Cybersecurity (CC)
- CompTIA Security+
- Certified Information Systems Security Professional (CISSP) in view
- Certified Information Security Manager (CISM) in view
Languages
English
Native or Bilingual
French
Professional Working
Timeline
Senior Information Technology Security Analyst
Sherweb
01.2019 - Current
Cybersecurity Analyst
Teleperformance
04.2018 - 01.2019
IT Security Compliance Analyst
Arik Air Ltd., Arik Air Aviation Center
03.2013 - 03.2018
Junior Information System Auditor
Office of the Auditor-General for the Federation, Nigeria (OAuGF)
07.2010 - 06.2011
DEC - Computer Systems Networking and Information Technology Support
Montreal College Information Technology
Bachelor of Science - Computer Science
University of Calabar, Cross-River State. Nigeria
Similar Profiles
SHUBHAM SWARAJSHUBHAM SWARAJ
M365 Technical Support Specialist at SherWebM365 Technical Support Specialist at SherWeb
ANTHONY VASQUEZANTHONY VASQUEZ
Microsoft 365 Support Engineer at SherwebMicrosoft 365 Support Engineer at Sherweb
Ajay DavisAjay Davis
Azure Support Engineer at SherwebAzure Support Engineer at Sherweb
Aikya BarotAikya Barot
Technical Lead Microsoft 365 at SherwebTechnical Lead Microsoft 365 at Sherweb
Mustapha BachkiriMustapha Bachkiri
Head Assistant Manager at Mr. Puffs (Vieux-Port)Head Assistant Manager at Mr. Puffs (Vieux-Port)