Abimbola Ogunfowora Email and Phone Number

• Develop, improve, and implement comprehensive security programs to ensure the protection and operational stability of our systems.• Function as a third-party risk assessor, executing risk evaluations by analyzing third-party attestations, assessing control designs, and verifying control implementations.• Focus on enhancing the overall security framework within the organization by identifying risks and challenges while highlighting areas for improvement.• Offer expertise and… Show more • Develop, improve, and implement comprehensive security programs to ensure the protection and operational stability of our systems.• Function as a third-party risk assessor, executing risk evaluations by analyzing third-party attestations, assessing control designs, and verifying control implementations.• Focus on enhancing the overall security framework within the organization by identifying risks and challenges while highlighting areas for improvement.• Offer expertise and recommendations to technology and business management on security best practices, risk assessments, and risk mitigation techniques.• Encourage practices that reduce risk and champion a strong culture of technology risk management throughout the organization.• Engage with key Market/Global Third-Party Risk Management stakeholders to initiate, define, and strategize cyber security risk control assessments for both new and existing high-risk suppliers.• Provide valuable suggestions for risk mitigation that significantly strengthen the third-party risk posture of Nerizon Ltd Canada. Show less

• Documented, reviewed and updated NIST SP 800-37, SP 800-39, SP 800-53, SP 800-53A, SP 800-34, SP 800-18, SP 800-128 during documentation.• Compiled data to complete Residual Risk Report and to insert contents into the POA&M.• Maintained SharePoint site containing vendor management documentation.• Responsible for executing on basic bids for hardware, software and services (RFI, RFQ, RFP, quotes)• Assisted in monitoring vendor performance to detect potential issues and ensure… Show more • Documented, reviewed and updated NIST SP 800-37, SP 800-39, SP 800-53, SP 800-53A, SP 800-34, SP 800-18, SP 800-128 during documentation.• Compiled data to complete Residual Risk Report and to insert contents into the POA&M.• Maintained SharePoint site containing vendor management documentation.• Responsible for executing on basic bids for hardware, software and services (RFI, RFQ, RFP, quotes)• Assisted in monitoring vendor performance to detect potential issues and ensure SLAs are being met.• Communicated priorities and escalate to fulfillment vendor, as necessary.• Lead ongoing monitoring activities of supplier relationships, which includes adherence to internal and external policies and due diligence.• Ensured all security solutions and designs met local and federal compliance requirements such as SOX, ISO 27001, and PCI DSS and coordinates with the Internal and External Auditors • Assisted System Owners and ISSO in preparing certification and Accreditation package for company's IT systems, making sure that management, operational and technical security controls adhere to a formal and well-established security requirement authorized by NIST SP 800-53 R4.• Facilitated discussions in the resolution of performance, risk and compliance issues identified during monthly SLA reviews and site visits.• Created and delivering current state daily, weekly, and monthly reporting using SharePoint and MS Excel• Created standard templates for required security assessment and authorization documents, including risk assessments, security plans, security assessment plans and reports, contingency plans, and security authorization packages. • Updated the following security Assessment and Authorization (SA&A) artifacts; FIPS 199, Risk Assessments Report (RAR) Privacy Threshold Analysis (PTA), Privacy Impact Analysis (PIA), Contingency Plan, security Test and Evaluations (ST&Es), E-Authentication, Plan of Action and Milestones (POAMs). Show less

• Initiated and litigated legal proceedings to enforce compliance with state and federal educational and healthcare regulations• Provided legal advice to senior management on day-to-day operations, including contract negotiations, intellectual property protection and corporate compliance• Drafted and negotiated settlement agreements resulting in 75% success rate in avoiding costly trials.• Provided guidance on compliance with policy issues and regulations and interface with the… Show more • Initiated and litigated legal proceedings to enforce compliance with state and federal educational and healthcare regulations• Provided legal advice to senior management on day-to-day operations, including contract negotiations, intellectual property protection and corporate compliance• Drafted and negotiated settlement agreements resulting in 75% success rate in avoiding costly trials.• Provided guidance on compliance with policy issues and regulations and interface with the regulatory agencies.• Ensured that organization compliance standards are in line with existing laws and practices and overseeing organization’s legal compliance procedures.• Conducted internal audits to assess compliance with policies, regulations, and industry standards, identifying areas for improvement and risk mitigation.• Developed and implemented compliance frameworks to ensure adherence to local, state, and federal regulations, including SOX, PCI DSS, and ISO standards.• Reviewed and analyzed policies and procedures to ensure alignment with regulatory requirements, facilitating updates and revisions as needed.• Collaborated with cross-functional teams to ensure compliance training and awareness programs were effectively communicated and understood.• Prepared detailed audit reports summarizing findings, recommendations, and action plans, presenting them to senior management and stakeholders.• Managed compliance monitoring programs to evaluate the effectiveness of internal controls and risk management strategies.• Performed risk assessments to identify vulnerabilities and recommend remediation strategies to strengthen organizational compliance posture. Show less