Description

I’m a well-rounded Cybersecurity Analyst with deep experience in Governance, Risk & Compliance (GRC), cloud security (AWS, Azure), incident response, and enterprise risk management. I’ve helped over 60 organizations strengthen their cybersecurity posture through ISO 27001 and NIST CSF implementation, policy development, security awareness programs, vulnerability management, and audit readiness. I work comfortably across technical and strategic domains—conducting risk assessments, designing security frameworks, and guiding executive leadership on regulatory compliance and security strategy.

I’m highly skilled in SIEM tools, incident monitoring, third-party risk assessments, and developing business continuity plans. I hold certifications including ISO 27001 Lead Implementer and CISM, and I bring a results-driven approach to every engagement, whether you're a startup or a large enterprise. Let’s work together to protect your data, ensure compliance, and build a resilient security program.

Industry field of expertise

Languages

English
Native or bilingual

Workplace preferences

Remote only

Primarily works remotely

Cybarik LTD
GRC Consultant
January 2022 - Today (4 years and 5 months)
United Kingdom
Key experience

• Designed, implemented, and maintained enterprise-wide risk and compliance frameworks aligned with ISO 27001, NIST CSF, and other regulatory standards.
• Advised senior leadership on GRC best practices, risk management, regulatory obligations, and strategic control enhancements.
• Collaborated cross-functionally with IT and business to ensure GRC implementation across business units.
• Conducted comprehensive risk assessments, identified control deficiencies, and developed effective mitigation strategies to improve security and compliance maturity.
• Led internal and external audit readiness efforts, ensuring consistent alignment with best practice standards and frameworks.
• Delivered targeted training and awareness programs to increase staff understanding of risk management and compliance responsibilities.
• Supported continuous improvement initiatives by analysing existing processes and recommending optimisation for better efficiency and alignment.
Isecurdata Limited
GRC Consultant
August 2019 - December 2021 (2 years and 4 months)
London, UK
My experiences include but not limited to the following:

• Led the end-to-end development and implementation of Governance, Risk, and Compliance (GRC) frameworks, ensuring alignment with ISO 27001, NIST, and relevant industry standards.
• Conducted information security risk assessments to identify, evaluate, and prioritize risks, translating findings into actionable remediation and risk mitigation plans.
• Designed and rolled out internal control systems to manage regulatory compliance and operational risk across multiple business units.
• Authored and maintained risk and compliance documentation including policies, procedures, control matrices, and risk registers.
• Partnered with audit teams and stakeholders to support internal and third-party audits, ensuring readiness and resolving audit findings.
• Delivered GRC awareness initiatives, including staff training sessions and executive briefings to embed a culture of compliance and risk accountability.
• Provided strategic advisory to senior leadership on risk exposure, compliance posture, and improvement opportunities through reports and dashboards.
• Drove continuous improvement by benchmarking existing GRC practices against leading frameworks and incorporating feedback from audits and assessments.
Cscs Ltd
Information Security Manager
January 2018 - August 2019 (1 year and 7 months)
Nigeria
As Information Security Manager, I facilitated collaboration between senior management and stakeholders to ensure effective controls safeguarded platforms, services, and information assets. I developed budgets and business cases for security investments, led policy initiatives, and conducted organization-wide security awareness training. I implemented security for cloud applications (AWS, Azure) and managed business continuity efforts, including impact assessments and continuity planning.

I aligned practices with ISO 27001, ISO 22301, and NIST CSF. I worked closely with engineers on risk identification and control implementation and coordinated responses to critical vulnerabilities. I developed in-house incident monitoring and response procedures and advised executives on risks and mitigation strategies. I led awareness programs for employees and contractors and used SIEM tools for event monitoring.

I created and enforced information security policies and compliance programs. I conducted asset triage, threat modeling, and risk assessments. I provided guidance for vulnerability and penetration testing and oversaw risk management activities across assets, threats, vulnerabilities, and controls. I also managed third-party risk assessments, performance reviews, and audits. I implemented a robust incident management framework and aligned security goals with business objectives, tracking and reporting metrics to leadership.

Key achievements: I led ISO 27001 implementation internally, saving $20,000 in consultancy fees and achieving certification. I created a compliance roadmap for ongoing improvement and developed a cybersecurity strategy aligned with business goals. I secured funding for five security tools through strong business cases and led a team of four in executing the roadmap. I also delivered board-level awareness training using storytelling, leading to referrals based on its success.