Lead Supply Chain Analyst
Seasoned Risk Management Professional with demonstrated expertise in developing and implementing risk management programs, conducting vendor due diligence, and managing third-party relationships. Proficient in industry frameworks, regulatory requirements, and standards, including NIST CSF, ISO, COBIT, FFIEC, PCI DSS and SOC 2.
Education:
UNIVERSITY OF MARYLAND
Master of Science in Information Technology (In Progress)
UNIVERSITY OF HOUSTON, HOUSTON, TEXAS
Juris Doctorate
UNIVERSITY OF IBADAN, OYO, NIGERIA
Bachelor of Laws
Career Details:
2024-PRESENT
LEAD SUPPLY CHAIN ANALYST, SHOW ME QUALITY CONSULTING, LLC
2021 - 2024
SENIOR THIRD-PARTY RISK ANALYST, ALLSTATE
- Proactively managed supplier and fourth-party sub-servicer portfolio of over 60 vendors, mitigating inherent and residual risks through periodic assessments and risk profile updates.
- Streamlined the third-party risk assessment process using ServiceNow, resulting in a 20% reduction in assessment time and a 10% increase in assessment accuracy
- Continuously identified, monitored, and reported on third-party risk landscapes, including key and emerging risks with actual and/or potential impacts on vendor portfolio
- Performed Vendor Risk Assessments (VRA), evaluating key risk factors including financial stability, security protocols, and regulatory compliance to fortify the vendor selection process
- Structured contractual safeguards by integrating clauses into vendor contracts, mandating adherence to our security benchmarks, and immediately reporting security incidents
- Safeguarded sensitive data from unauthorized third-party access by evaluating and mitigating information security and privacy risks such as cyberattacks and data breaches
- Assessed the Incident Response, Business Continuity and Change management protocols of third-party vendors, identified gaps, and formulated corrective action plans to mitigate risks
- Communicated vendor risk assessment and due diligence findings, as well as Remediation requirements, to senior management, business owners, and vendors
- Utilized COBIT principles to investigate third-party risk incidents, preventing potential losses and protecting the organizations reputation
- Crafted and executed key risk reporting, Key Risk Indicators (KRIs), and metrics such as security incidents to provide valuable insights into third-party risk exposure
- IT General Controls testing and documentation (e.g., Access Control, Data Backup, and Segregation of duties) for 20+ SaaS vendors leading to improved risk mitigation.
- Achievement: Collaborated on assessing post-COVID-19 risks (e.g., supply chain disruptions, remote work resilience and cyber threats) with a cross-functional team. Introduced a real-time data-driven continuous monitoring model, considering vendor financial stability and cybersecurity posture, resulting in a 15% reduction in third-party risk exposure
2019-2021
THIRD-PARTY RISK ANALYST, BNP PARIBAS BANK
- Implemented a multi-factor authentication (MFA) system for third-party vendors, reducing the risk of unauthorized access by 15%
- Conducted rigorous vendor risk assessments for cloud-based vendors (e.g. AWS) using CAIQ, ensuring compliance with regulatory norms and industry best practices
- Collaborated with cross-functional stakeholders to articulate risk appetite, laying the foundation for refined risk mitigation strategies and vendor relationship choices
- Provided third-party risk data and responses to regulatory and internal audit requests and exams, ensuring timeliness and accuracy
- Utilized BitSight for maintaining vendor profiles, conducting risk assessments, managing contracts, monitoring performance, and ensuring compliance with policies and procedures
- Performed vendor onboarding by customizing due diligence and evaluation criteria questionnaire utilizing Standardized Information Gathering (SIG) control domains
- Implemented Third-Party Management requirements to comply with regulatory standards and industry best practices such as PCI DSS, FFIEC and NIST CSF
- Achievement: Increased vendor onboarding efficiency by 20% by recommending an expedient online onboarding process (self-registration, document submission, Vendor Risk Assessment, and approval) during the COVID-19 pandemic, resulting in reduced costs and improved vendor satisfaction
2014 - 2019
IT AUDITOR & CONTROL ASSESSOR, HERITAGE BANK
- Managed and coordinated IT audit projects, from planning and execution to reporting
- Audited backup and recovery procedures to ensure data restoration in the event of a disaster
- Executed auditing processes to evaluate controls effectiveness, and compliance with GLBA, PCI DSS and ISO 270001; identified vulnerabilities, and provided recommendations
- Reviewed the change management process to ensure adequate control of IT system changes
- Tested access controls to ensure only authorized users can access sensitive data
- Evaluated the segregation of duties to ensure that no individual can abuse a process
2010-2013
PRIVACY COMPLIANCE SPECIALIST, LIAMSLAWS LLP
- Conducted Privacy Impact Assessments (PIA) and Audits for clients reducing potential data breaches through vulnerability identification and rectification
- Developed compliance training program for clients, boosting awareness and adherence
- Advised clients on the latest privacy laws and regulations, and compliance strategies
Certifications:
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information System Auditor (CISA)
Awards & Recognitions:
- Excellence in Third-Party Risk Management Award (Allstate - 2023): Recognized for excelling in vendor risk assessments, compliance tracking, and collaborative partnerships.
- Compliance Champion Award (BNP Paribas - 2020): Awarded for championing compliance with regulatory standards and industry best practices, aligned with FFIEC and NIST CSF.
Professional Affiliations:
- Third Party Risk Association (TPRA)
- ISACA – Convention Coordinator, Boston 2023