Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Olusola Ramon

Summary

Results-driven professional in risk and compliance, recognized for expertise in technology risk management and control effectiveness. Committed to advancing risk processes and ensuring compliance obligations are met while minimizing operational disruptions.

Overview

11
11
years of professional experience
4
4
Certifications

Work History

Risk and Compliance SME Manager, GRC Systems

Stripe
08.2025 - Current
  • Own and scale Stripe’s GRC System of Record, ensuring authoritative, high-quality data across risks, controls, issues, assessments, and compliance entities.
  • Partner with Audit, Risk, Compliance, and Regulatory SMEs to aggregate compliance and risk management requirements across frameworks.
  • Translate SOX, PCI DSS, SOC 1/2, DORA, and other regulatory requirements into clear system requirements, user journeys, and ideal future-state workflows for GRC platforms.
  • Lead cross-functional programs to evolve GRC systems supporting Audit, Risk, and Compliance workflows.
  • Configure and maintain workflows for risk identification, RCSAs, control design and testing, issue management, and remediation tracking.
  • Partner closely with engineering teams to design, build, and improve GRC system capabilities that enable compliance at scale.
  • Partner with engineering teams to integrate automated signals and continuous control monitoring into GRC systems.
  • Define how control failures, recoveries, and effectiveness are detected, tracked, and reported in the system.
  • Support audit and regulatory readiness through reliable, machine-readable assurance data, and reduced manual evidence collection.
  • Design dashboards and reports that provide leadership with a clear view of risk posture, control effectiveness, and compliance status.
  • Transform manual, periodic GRC processes into continuous, data-driven assessment, and assurance workflows.
  • Act as a trusted advisor on how teams should use GRC tooling to meet risk and compliance obligations.
  • Act as a subject matter expert on how technology risk and compliance requirements are operationalized within GRC systems.
  • Enable automated control monitoring and integrated system signals to detect control failures and recovery.

Program Manager, Technology Risk and Control

Stripe
02.2023 - 07.2025
  • Own and operate Stripe’s technology risk management processes across infrastructure, product, and engineering teams.
  • Lead end-to-end technology risk assessments, including RCSAs, deep-dive assessments, and issue-driven reviews.
  • Maintain the technology risk register with clear risk statements, taxonomy alignment, ownership, and remediation tracking.
  • Design, maintain, and evolve Stripe’s technology control framework across security, reliability, change, access, and data domains.
  • Assess control design and operating effectiveness, including evidence standards, and testing approaches.
  • Drive the remediation of control gaps, and validate restored effectiveness after failures.
  • Manage technology compliance programs across SOX, PCI DSS, SOC 1/2, DORA, and other applicable standards.
  • Translate regulatory and audit requirements into practical, scalable controls that fit Stripe’s engineering-led culture.
  • Ensure compliance requirements are embedded into technology delivery and operations.
  • Produce risk-based reporting for leadership, audit, and compliance stakeholders.
  • Provide a consolidated view of technology risk posture, trends, and emerging risks.
  • Act as a trusted risk partner to infrastructure, product, security, and engineering teams.
  • Balance regulatory expectations with Stripe’s need for speed, scalability, and developer productivity.
  • Influence risk-informed decisions without creating unnecessary friction.
  • Drive improvements to GRC tooling, workflows, and automation (e.g., risk registers, control libraries, monitoring pipelines).
  • Scale risk and compliance processes to support new products, markets, and regulatory regimes.

Manager, Governance, Risk and Compliance

Interac Corp
09.2021 - 02.2023
  • Manage Interac’s enterprise risk management framework and processes.
  • Lead enterprise risk identification and assessment activities, including RCSAs, across business and technology teams.
  • Oversee compliance with applicable regulatory, contractual, and network obligations.
  • Coordinate compliance assessments and ongoing compliance monitoring activities.
  • Assess control design and operating effectiveness.
  • Support the continuous improvement of controls to address emerging risks.
  • Produce risk and compliance reporting for executives, committees, and the board.
  • Provide a consolidated view of risk posture, trends, and key issues.
  • Drive the maturity of GRC processes, tooling, and documentation.
  • Identify opportunities to improve efficiency through automation and standardization.
  • Coordinate risk and compliance activities across internal teams and external participants.
  • Act as a key point of contact for internal and external audits.
  • Coordinate audit evidence, walkthroughs, and responses.
  • Manage audit findings, and ensure timely remediation.

Manager, Enterprise Risk Management

TD Bank Group
03.2021 - 08.2021
  • Lead the enterprise RCSA program across multiple TD entities and business lines.
  • Define RCSA methodology, risk taxonomy, scoring criteria, and documentation standards.
  • Ensure risks are identified, assessed, and rated consistently across TD Insurance, TD Wealth, and other subsidiaries.
  • Aggregate risk information across entities to provide a consolidated enterprise risk view.
  • Identify risk concentrations, inter-entity dependencies, and systemic risk themes.
  • Support enterprise-level risk appetite monitoring and reporting.
  • Prepare enterprise risk reporting for senior management, executive committees, and the Board.
  • Translate entity-level risks into clear, enterprise-level insights and implications.
  • Support risk discussions related to strategic initiatives, acquisitions, and new products.
  • Oversee the tracking and remediation of enterprise risk issues arising from RCSA results.
  • Monitor risk treatment plans, ownership, and timelines across entities.
  • Drive continuous improvement of enterprise risk programs, tools, and processes.
  • Enhance RCSA efficiency, quality, and scalability across the group.
  • Identify opportunities to improve data quality, risk insights, and risk decision-making.
  • Ensure consistent application of enterprise risk policies, standards, and methodologies across all TD entities.
  • Coordinate enterprise risk governance forums and risk committees.
  • Oversee the tracking and remediation of enterprise risk issues arising from RCSA results.
  • Monitor risk treatment plans, ownership, and timelines across entities.
  • Escalate material or systemic risks through appropriate enterprise governance channels.

Fraud Risk Analyst

TD Bank Group
01.2020 - 02.2021
  • Identify and assess fraud risks across banking products, channels, and customer segments.
  • Assess the design and effectiveness of fraud prevention and detection controls.
  • Partner with fraud operations and technology teams to address control gaps.
  • Analyze fraud trends, loss data, and emerging fraud typologies.
  • Track key fraud risk indicators and control performance metrics.
  • Stay current on evolving fraud schemes, digital threats, and industry trends.
  • Contribute to enhancements in fraud risk frameworks, tooling, and analytics.

Manager, Risk and Compliance

Contec Global Infotech
Ilupeju, Lagos
05.2016 - 10.2019
  • Own and evolve the technology risk management framework across engineering, infrastructure, and product teams.
  • Maintain the technology risk register, ensuring accurate risk statements, ratings, ownership, and remediation tracking.
  • Manage technology compliance obligations across frameworks such as SOC 1/2, ISO 27001, PCI DSS, SOX, and emerging regulations.
  • Interpret regulatory and audit requirements, and translate them into practical, scalable technology controls.
  • Ensure compliance requirements are embedded into technology and operational workflows.
  • Produce clear, risk-based reporting for leadership, risk committees, and regulators.
  • Support internal and external audits, acting as the primary point of contact for technology risk and compliance matters.
  • Drive remediation of control gaps, audit findings, and risk issues through to closure.
  • Validate remediation actions, and confirm risk reduction outcomes.
  • Escalate material technology risks and compliance issues to senior leadership, as needed.
  • Partner closely with engineering, infrastructure, product, and security teams, as a trusted risk advisor.
  • Lead improvements to risk tooling, automation, and GRC systems.
  • Scale risk and compliance processes to support growth, new products, and new markets.
  • Lead end-to-end technology risk assessments, including RCSAs, deep-dive assessments, and issue-driven reviews.
  • Promote a strong risk and compliance culture across technology teams.
  • Stay current on emerging technology risks, fintech regulations, and industry best practices.
  • Promote a strong risk and compliance culture across technology teams.
  • Stay current on emerging technology risks, fintech regulations, and industry best practices.

Operational & Information Technology Risk Analyst

Sterling Bank PLC
Marina, Lagos
11.2014 - 04.2016
  • Identify and assess operational and technology risks across systems, products, and business processes.
  • Perform risk assessments, such as RCSAs, deep-dive assessments, and issue-based reviews.
  • Support the design, maintenance, and execution of the technology and operational risk management framework.
  • Apply standardized risk taxonomies and methodologies consistently across teams.
  • Evaluate the design and operating effectiveness of technology and operational controls.
  • Partner with engineering, IT, and business teams to identify control gaps and improvement opportunities.
  • Contribute to improving risk processes, tooling, and automation.
  • Provide guidance on risk ownership, accountability, and risk-informed decision-making.
  • Track risk issues, control failures, and remediation plans through to closure.
  • Validate remediation actions, and confirm risk reduction outcomes.

Education

Graduate Certificate - Data Analytics, Big Data & Predictive Analytics:

Ryerson University
Toronto
04-2021

Bachelor of Science - Economics

University of Lagos
Lagos
11-2011

Skills

  • Regulatory compliance
  • Risk assessment
  • GRC systems management
  • Control design and effectiveness testing
  • Technology risk management
  • Cross-functional collaboration
  • Risk management
  • Process improvement
  • Risk identification and assessment
  • Risk taxonomy and register management
  • Quantitative risk analysis and KRI reporting

Certification

Certified Information Systems Security Professional (CISSP) (In View)

Timeline

Risk and Compliance SME Manager, GRC Systems

Stripe
08.2025 - Current

Program Manager, Technology Risk and Control

Stripe
02.2023 - 07.2025

Manager, Governance, Risk and Compliance

Interac Corp
09.2021 - 02.2023

Manager, Enterprise Risk Management

TD Bank Group
03.2021 - 08.2021

Fraud Risk Analyst

TD Bank Group
01.2020 - 02.2021

Manager, Risk and Compliance

Contec Global Infotech
05.2016 - 10.2019

Operational & Information Technology Risk Analyst

Sterling Bank PLC
11.2014 - 04.2016

Graduate Certificate - Data Analytics, Big Data & Predictive Analytics:

Ryerson University

Bachelor of Science - Economics

University of Lagos

Similar Profiles

  • S KS K

    Senior GRC & PCI DSS Compliance SME at MiGSO-PCUBED (MP)Senior GRC & PCI DSS Compliance SME at MiGSO-PCUBED (MP)

  • Isaac Barfi OpokuIsaac Barfi Opoku

    Lead Governance, Risk & Compliance (GRC) Analyst at The Central Bank of GhanaLead Governance, Risk & Compliance (GRC) Analyst at The Central Bank of Ghana

  • Ankur BhallaAnkur Bhalla

    Managing Director – Risk & Financial Advisory, GRC & IT Compliance Leader at Deloitte & Touche LLPManaging Director – Risk & Financial Advisory, GRC & IT Compliance Leader at Deloitte & Touche LLP

  • AFOLABI FOLAWOLEAFOLABI FOLAWOLE

    Senior GRC Risk/Compliance Analyst at RSM US LLPSenior GRC Risk/Compliance Analyst at RSM US LLP

CREATE PROFILE
Olusola Ramon