Summary
Overview
Work History
Education
Skills
Websites
Accomplishments
Languages
Affiliations
Certification
Software
Timeline
Generic

Shola Hassan

Calgary,Canada

Summary

Governance, Risk, and Compliance (GRC) Analyst with over 5 years of experience in cybersecurity risk management, IT compliance, and regulatory alignment across public and private sectors. Demonstrated success in maintaining cyber risk registers, leading threat modeling exercises, and conducting system security assessments aligned with NIST, FIPS, ISO, and GDPR standards. Adept at developing cyber policies, audit response packages, and engaging stakeholders to improve resilience and meet compliance targets. Currently pursuing CISSP certification.

Overview

5
5
years of professional experience
1
1
Certification

Work History

INFORMATION SECURITY ANALYST

TOP GROUP TECHNOLOGIES
01.2025 - Current
  • Documented and managed Risks in accordance with SP 800-30 and SP 800-37 using nine steps to evaluate the threats, vulnerabilities and security controls surrounding the Information System as well as the likelihood of an exploit and the impact it will have to systems operations
  • Built and maintained a cybersecurity risk register aligned with NIST SP 800-30, capturing threats, vulnerabilities, controls, and residual risk.
  • Conducted threat modeling and risk assessments on IT systems, generating Security Assessment Reports (SARs) and recommending risk mitigation strategies.
  • Authored complete ATO documentation sets including SSPs, ISCPs, DRPs, PIAs, and POA&Ms to meet compliance and audit requirements.
  • Mapped security categorizations using FIPS 199 and control selection based on SP 800-60 guidelines.
  • Provided ongoing policy review, internal training, and compliance assurance for security operations and stakeholder communications.

COMMERCIAL MANAGER

BRITISH COUNCIL
02.2021 - 03.2024
  • Conducted risk assessments and compliance reviews to ensure adherence to NIST 800-53, GDPR, and FIPS frameworks. Developed governance policies and managed third-party risk (TPRM) to maintain regulatory compliance. Led internal audits and implemented POAMs to remediate security vulnerabilities and improve risk posture
  • Managed commercial operations, ensuring compliance with regulatory frameworks and internal policies.
  • Led risk assessments, contract governance, and stakeholder engagement to optimize business operations while mitigating risks.
  • Developed and implemented business strategies aligned with regional and global compliance standards.
  • Enhanced compliance processes by streamlining contract governance and aligning with global best practices.
  • Successfully managed the transition to new tax and regulatory frameworks, ensuring business continuity.
  • Improved data-driven decision-making through effective reporting and risk analysis.

Education

Diploma - Cybersecurity

Alberta Educational Centre
Calgary, AB
08-2025

Master of Business Administration - Marketing

University of Nigeria, Nsukka
01.2023

Skills

  • GRC Framework Development
  • Third-Party Risk Management (TPRM)
  • Compliance Auditing
  • Data Privacy & Governance
  • Regulatory Standards (ISO, NIST, GDPR)
  • Cybersecurity Risk Management
  • Business Continuity & Resilience
  • Vendor Security Management
  • Stakeholder Engagement
  • Power BI & GRC Tools
  • Risk mitigation
  • Vulnerability assessment
  • Security awareness training
  • Compliance management
  • Critical thinking skills
  • Regulatory compliance

Websites

Accomplishments

  • Improved compliance and governance efficiency by 35% through embedding the Global Demand Planning framework into country operations, ensuring alignment with global standards and regulatory requirements.
  • Introduced Jira for structured collaboration on change management, reducing delivery risks and ensuring 100% of tasks were completed on schedule.

Languages

English

Affiliations

  • ISC2

Certification

  • Certified in Cybersecurity – ISC2, September 2024
  • PC Pro – TestOut, August 2024
  • IT Fundamentals PRO – TestOut, July 2024

Software

Jira

Power BI

Eramba

Timeline

INFORMATION SECURITY ANALYST

TOP GROUP TECHNOLOGIES
01.2025 - Current

COMMERCIAL MANAGER

BRITISH COUNCIL
02.2021 - 03.2024

Master of Business Administration - Marketing

University of Nigeria, Nsukka

Diploma - Cybersecurity

Alberta Educational Centre

Similar Profiles

  • Cheick Abou TraoreCheick Abou Traore

    Information Security Analyst at Top Group TechnologiesInformation Security Analyst at Top Group Technologies

  • Emeka AmikeEmeka Amike

    Information Security Analyst at African Diaspora Development Institute (ADDI)Information Security Analyst at African Diaspora Development Institute (ADDI)

  • YVON TSAFACKYVON TSAFACK

    Information Security Analyst at Cyber Centurion CorporationInformation Security Analyst at Cyber Centurion Corporation

  • Vamshi YadagiriVamshi Yadagiri

    Information Security Analyst at Wells FargoInformation Security Analyst at Wells Fargo

CREATE PROFILE
Shola Hassan