T

Tobi popoola

About

Detail

United States

Timeline

work
Job
school
Education

Résumé

Jobs verified_user 0% verified
  • VetsEZ
    Senior IT Risk Analyst
    VetsEZ
    Jan 2022 - Current (4 years 6 months)
    Lead IT risk assessments across enterprise systems, applications, and vendors, reducing high-risk findings by 35% in 12 months. Conducted third-party risk assessments for 40+ vendors annually, ensuring compliance with ISO 27001, SOC2, HIPAA, and GDPR. Collaborated with InfoSec and Compliance teams to enhance vendor onboarding risk assessment workflows, improving efficiency by 25%. Facilitated remediation of vulnerabilities identified in risk assessments, coordinating with system owners to close gaps within SLA timelines. Prepared executive-level risk dashboards and reports for CISO and Audit Committees. Updated IT governance framework regularly to address evolving organizational needs and industry best practices effectively. Maintained an u
  • Dell
    Risk & Compliance Analyst
    Dell
    Jun 2019 - Dec 2021 (2 years 7 months)
    Performed IT risk and compliance assessments to meet HIPAA and HITRUST regulatory standards. Supported internal and external audits, improving audit readiness and achieving zero major audit findings. Partnered with IT to evaluate security controls effectiveness and recommended enhanced security measures for sensitive patient data. Monitored and assessed third-party vendors for data security risks, reducing vendor-related incidents by 20%. Created and maintained policies, procedures, and risk register aligned with NIST CSF. Managed complex projects involving multiple lines of business, effectively balancing risk exposure against strategic objectives. Streamlined regulatory compliance processes for improved monitoring and reporting capabiliti
  • Humana
    Privacy & Security Analyst
    Humana
    Jan 2017 - Jun 2019 (2 years 6 months)
    Conducted daily security monitoring, vulnerability scanning, and incident response investigations using Splunk and Nessus. Assisted in risk assessments for infrastructure and cloud environments, ensuring compliance with security frameworks. Developed and implemented security awareness training, reducing phishing click rate by 40%. Coordinated with the GRC team to map IT risks to compliance requirements and internal controls. Drafted and updated risk management documentation (policies, risk treatment plans, risk assessment reports). Conducted security audits to identify vulnerabilities. Analyzed network traffic and system logs to detect malicious activities. Administered and monitored firewalls, intrusion detection systems and anti-virus sof
Education verified_user 0% verified
  • A
    Masters of Science in Information Assurance and Security
    AIU University, Houston, Texas
    Jan 2022
  • E
    Bachelor of Science in Computer Science
    ESSF University, Benin
    Nov 2015