Experienced GRC professional with 6+ years in regulatory enforcement, audit conduct, and risk assessment. Proficient in creating policies to mitigate risks and maintain compliance using analytical skills and technology for improved operational efficiency.
Overview
12 years of professional experience
Work History
GRC Analyst - Intern
Techni Rise Consulting
01.2024 - Current
As a highly adaptable GRC Analyst, handled multiple responsibilities simultaneously
Performs routine security audits and risk assessments to detect potential vulnerabilities
Writes high-quality reports for business and technical stakeholders
Communicate identified risks to key stakeholders to initiate and drive risk remediation
Develop and implement security policies with cybersecurity and Information Services teams
Perform onsite security assessments on third-party service providers
Perform network vulnerability scans and security assessments
Investigate and respond to security incidents and work to prevent future incidents from occurring
Perform information security reviews and risk and privacy assessments on existing technologies and projects
Assist in reviewing and improving internal and external security processes
Participate in the development and implementation of the Cyber Security Awareness program
Leads employers in creating, executing, and improving security awareness through expert consultation
Delivers cybersecurity seminars, workshops, and training to all staff members
Research and stay current on the latest security threats and trends and implement appropriate countermeasures
Showed strong commitment towards enhancing enterprise-wide governance, risk management, and compliance as a GRC Analyst
Enhanced interdepartmental cooperation through advanced communication skills in the role of GRC Analyst
Analyzed, identified, and improved inefficiencies in Business Processes within the GRC scope
Implemented ISO 9001 standards to improve GRC processes, resulting in enhanced efficiency and compliance
Expertise in conducting comprehensive ISO Audits to enhance operational efficiency and mitigate business risks
Coordinated and executed comprehensive internal audits, providing in-depth analysis and recommendations for GRC improvement
Managed compliance with industry standards and regulations, contributing significantly to the development of robust GRC protocols
Managed and maintained Quality Documentation for GRC policies, procedures, standards, and guidelines promoting compliance with regulatory requirements.
Health and Safety Consultant
Saskatchewan Workers' Compensation Board (WCB)
12.2019 - 12.2023
Demonstrates expert leadership with external stakeholders and Prevention staff to provide coaching and mentorship on all health, safety and industrial hygiene department activities and serves as a master trainer for specific core Prevention Department programs such as the WorkSafe foundational pillars, investigations, hazard assessments, psychological health and safety and work disability prevention
Provides expert consultation and facilitation skills to lead employers in the development, implementation, measurement and enhancement of safety management systems
Leads and conducts Safety Management System Audits (SMSAs)
Completes the report and provides recommendations for implementation and enhancement to employers' existing safety management systems and processes through collaborative consulting
Provides expert advice to employers on implementing and sustaining all safety management system elements for their industry
Support and consult with employers on serious injury investigations, hazard assessments and corrective action plans
Demonstrate and coach employers on SMS improvement and implementation
Collaborate with employers to develop metrics and milestones to track the implementation and success of their safety programs
Supports WCB's third-party training certification process by conducting on-site course evaluations of third-party training providers to ensure specific, documented quality requirements are met
Report back to QAQC any challenges for third-party training providers in meeting course delivery expectations as per the approved WorkSafe Training Standard
Coach third-party suppliers on in-class training standard requirements to support successful certification as required
Conducts root-cause investigations into fatalities and serious injuries in the province using DNV, 5 Whys, TapRooT, etc. methodologies.
Risk and Compliance Officer
Maintenance Management Group MMG
12.2015 - 12.2019
Performed thorough Audit Preparation, aligning all documentation and processes with company policies and industry standards, resulting in successful audit outcomes
Managed business risks through risk analysis, mitigation strategy implementation, exposure monitoring and decision facilitation for optimal opportunities
Successfully oversaw entire compliance and operational testing
Collaborated with management to identify, analyze, assess, and develop appropriate risk management strategies for enterprise risks; facilitated business continuity deliverables for the organization, including business impact analyses, strategy and plan development, and exercises
Researched regulatory requirements and risk management practices to ensure MMG remains current and develops plans for implementation
Conducted risk management education and training for business units and management, emphasizing accountability, control ownership, and defense line responsibilities
Managed the preparation of regular and ad hoc risk reports, document reviews, and additional assigned projects for executive committees and the board
Conducted Risk Assessment Workshops with the project teams and program partners
Monitored and measured the associated mitigation actions to avert risk occurrence
Led frequent risk reviews with project teams and program partners to identify and manage risks
Conducted regular risk assessments to identify potential privacy risks and vulnerabilities
Planned and executed compliance audits to check company policies, procedures, and controls
Coordinated with different department managers to review all departmental compliance policies
Managed and optimized scheduling for GRC audits and compliance testing to ensure timely completion
Implemented Data Privacy protocols in accordance with GDPR and CCPA standards, successfully reducing the risk of data breaches
Successfully coordinated with cross-functional teams in a Collaborative Environment to ensure GRC policy compliance.
Risk and Compliance Analyst
Ferrovial Facility Management and Maintenance FMM
10.2013 - 11.2015
Applied Agile principles to the risk management tasks, improving response times and accuracy
Conducted regular compliance audits and assessments, ensuring adherence to industry regulations and internal policies
Prepared and presented detailed risk and compliance reports to senior management, providing insights and recommendations for mitigation strategies
Developed and executed comprehensive risk management frameworks, resulting in a 25% reduction in identified risks
Trained employees in compliance best practices, boosting awareness and adherence by 15%
Played a key role in implementing a risk assessment framework, contributing to an effective approach to risk identification
Prepared and presented detailed risk reports to senior management, providing insights and recommendations for decision-making
Conducted in-depth risk assessments and analyses, identifying potential threats and vulnerabilities in financial processes
Assisted in the development and enhancement of risk management frameworks, policies, and procedures
Implemented and maintained risk monitoring systems, alerting stakeholders to emerging risks and trends
Contributed to strategic planning initiatives through effective IT Governance, improving overall operational effectiveness
Exhibited proficiency in Incident Management while serving as a GRC Analyst, drastically reducing response times for security incidents.
Identity and Access Control Specialist
Permasteelisa Gartner Qatar LLC
10.2012 - 10.2013
Monitored and controlled access of employees, visitors, and contractors in and out of the restricted areas by ensuring positive personnel identification
Ensured prohibited and restricted items were not brought into or left the building
Interact with and assist employees and visitors with directions to various locations and provide other customer service functions
Implemented and maintained multi-factor authentication (MFA) solutions, enhancing the organization's security posture
Monitored and identified continuous improvement processes for badging and card access systems
Implemented data entry for access control for new and existing badge holders for contractors, volunteers, and others as designated
Performed regular system access reviews and prepared reports to maintain integrity of the card access system for the Safety and Security Director
Conducted Fire extinguisher inspections and made reports to the senior management
Work to promote safety and security awareness during badging procedures.
Education
Bachelor of Science - Geology and Applied Geophysics
University of Ado-Ekiti
Ekiti State, Nigeria
12.2008
Skills
Strong communicator and collaborator, able to work closely with stakeholders to foster a culture of compliance and security awareness
Possesses strong interpersonal skills and the ability to collaborate effectively with individuals of diverse backgrounds
Skilled in analyzing complex situations to generate recommendations and report outcomes
Demonstrated leadership skills with the ability to work independently and collaboratively across various levels
Strong knowledge and experience managing complex project plans with interdependencies between projects and initiatives
Strong critical thinking skills and ability to manage multi-projects with prioritization
Comprehensive knowledge of regulations and frameworks - HIPAA, PCI-DSS, NIST CSF, ISO 27001
Strong understanding of patient rights and confidentiality principles
Certified in Risk and Information Systems Control (CRISC)
ISC2 - Certified in Cybersecurity
Scheduling, Highly Adaptable, Commitment, Communication Skills, Audit Preparation, Data Privacy, Agile, Business Processes, Collaborative Environment, ISO 9001, ISO Audits, IT Governance, Incident Management, Internal Audits, Manage Compliance, Multi-Disciplined, Quality Documentation, Team-Oriented