Bukunmi Adunbarin

Governance, Risk, and Compliance (GRC) Specialist

Lagos, NG.

About

Highly analytical Governance, Risk, and Compliance (GRC) Specialist with over 2 years of combined experience in IT audits, risk assessments, and compliance management. Proven expertise in aligning security programs with ISO 27001, GDPR, and NIST CSF frameworks to significantly reduce risks and enhance operational efficiency. Successfully reduced audit non-conformance findings by 25% and improved compliance reporting efficiency by 20% through strategic implementation of GRC automation tools like RSA Archer and proactive monitoring.

Work

Vegeel Technologies

GRC Analyst

Lagos, Lagos, Nigeria

Mar 2024

→

Present

Summary

As a GRC Analyst at Vegeel Technologies, I lead IT audits and ensure compliance with industry standards, driving risk reduction and operational efficiency for fintech clients.

Highlights

Achieved a 25% reduction in audit non-conformance findings by implementing proactive compliance monitoring and targeted staff training programs.

Led IT audits for fintech clients, ensuring compliance with ISO 27001 and NIST CSF across access control, change management, and IT operations.

Developed and implemented robust risk assessment frameworks and risk registers, actively managing remediation efforts to close identified gaps.

Leveraged RSA Archer for comprehensive risk tracking, incident management, and automated reporting, providing actionable insights to senior management.

Authored and enforced corporate security policies, ensuring alignment with ISO 27001, GDPR, and NIST CSF standards.

Directed periodic access control reviews for sensitive systems, upholding least privilege principles and proactively mitigating unauthorized access.

Vegeel Technologies

GRC Intern

Lagos, Lagos, Nigeria

Jul 2023

→

Feb 2024

Summary

As a GRC Intern at Vegeel Technologies, I supported IT audits and compliance initiatives for fintech clients, contributing to enhanced reporting efficiency.

Highlights

Contributed to a GRC tool selection project, which enhanced compliance reporting efficiency by 20%.

Supported IT audits for a fintech client, focusing on access control, change management, and IT operations in alignment with ISO 27001 and NIST CSF standards.

Reviewed and documented IT change management processes, ensuring proper authorization, testing, and implementation of system changes.

Contributed to the creation and maintenance of a comprehensive asset inventory, enhancing risk identification and control mapping efficiency.

Conducted access control testing, identifying users with excessive privileges and recommending targeted corrective actions.

Researched and presented GRC automation tool options, providing data-driven recommendations that aligned with organizational compliance goals.

Education

Obafemi Awolowo University, Ile-Ife

Ile-Ife, Osun, Nigeria

Jan 2016

Master

Public Administration

Ajayi Crowther University, Oyo

Oyo, Oyo, Nigeria

Jan 2012

B.A

History and International Studies

Certificates

ISO 27001 Internal Auditor

Project Management Certificate

Jun 2022

Issued By

High Impact Careers, UK

Skills

Access Control

Access Control & User Rights Review, Least Privilege Access.

IT General Controls (ITGC)

ITGC Testing.

Change Management

Change Management Process Audit.

Risk Management

Risk Assessment & Compliance Reporting, Risk Tracking, Risk Registers, Incident Management.

Governance, Risk & Compliance (GRC)

ISO 27001, NIST CSF, GDPR Standards, Security Policy Development & Enforcement, Compliance Monitoring.

Incident Response

Incident Response & Business Continuity Planning, Tabletop Exercises.

GRC Tools

RSA Archer.

Productivity Tools

Microsoft Office Suite, Excel.