Nkechi NSOFOR

Key Accomplishment: Implemented targeted training programs and realistic simulations to bolster cybersecurity preparedness which enhanced employee awareness and response to phishing attacks, leading to a 30% decrease in successful phishing attempts over a six-month period.

• Perform risk assessments and identify vulnerabilities within organization's anti-money laundering systems and processes.
• Collaborate with cross-functional teams to develop and implement security controls and measures to mitigate risks and vulnerabilities.
• Develop and enhance incident reporting framework to proactively identify and report potential money laundering activities, aligning it with regulatory requirements such as FINTRAC and OSFI.
• Assess security of transaction monitoring system to ensure it is protected against unauthorized access
  Lead comprehensive audits of anti-money laundering programs, policies, and procedures to ensure compliance with regulatory requirements and industry standards.
• Established secure communication channels with advanced encryption for Suspicious Activity Reporting (SAR) submissions, ensuring compliance with data protection regulations and minimizing risk of unauthorized access.
• Stay informed about emerging cybersecurity threats, industry trends, and regulatory changes to provide proactive guidance on risk management and incident reporting.
• Spearhead training programs on recognizing and mitigating phishing attacks, resulting in 30% reduction in successful attempts.
• Implement and manage incident response procedures to ensure timely identification, containment, and resolution of security incidents related to money laundering risks.
• 
  

• Led design, development, and implementation of GRC technology solutions for financial services clients, ensuring successful outcomes and alignment with organizational objectives.
• Collaborated closely with business and technology stakeholders to understand requirements and translate them into actionable strategies and roadmaps for implementing GRC solutions.
• Collaborated closely with business and technology stakeholders to understand requirements and translate them into actionable strategies and roadmaps for implementing GRC solutions.
• Provided leadership and guidance to project teams throughout design and implementation process, fostering collaboration and ensuring adherence to project timelines and quality standards.
• Performed allocated daily tasks, deliverables and processes with accuracy and quality.
• Conducted comprehensive risk assessments to identify areas for improvement in existing GRC processes and developed tailored solutions to address identified gaps.
• Developed and maintained documentation related to system design, configurations, and procedures, ensuring clarity and consistency for stakeholders.
• Stayed updated with latest trends and developments in GRC technology, continually proposing innovative solutions to enhance organizational capabilities and meet evolving client needs.
• Actively participated in industry forums, conferences, and knowledge-sharing sessions to stay abreast of emerging best practices and industry standards in GRC.

Key Accomplishment: I led internal audits and assessments where we identified gaps in compliance and recommended remedial actions to address deficiencies which led to a flawless compliance rate with both regulatory requirements and industry standards.

• Conducted risk assessments, vulnerability assessments, and penetration testing to identify security weaknesses and recommend appropriate controls.
• Collaborated with stakeholders to develop and enhance security policies, procedures, and standards to ensure compliance with regulatory requirements and industry best practices.
• Led incident response efforts, investigated security incidents, and implemented measures to prevent future occurrences.
• Conducted internal audits and assessments to evaluate effectiveness of information security controls and recommended remedial actions.
• Provided guidance and support in implementing security controls, including encryption, access controls, intrusion detection systems, and security information and event management (SIEM) solutions