AFOLABI FADIMU
IT Security & Compliance Specialist-|- | Regina, SK
Professional Summary
Detail-oriented IT Security & Compliance professional with extensive experience in cybersecurity
operations, regulatory compliance, IT auditing, and risk management. Proven expertise in ensuring
organizational adherence to standards like ISO 27001, SOC 2, NIST, and HIPAA. Skilled in conducting audits,
responding to security incidents, maintaining IT security policies, and driving continuous improvement
initiatives. Strong background in financial institutions and healthcare technology sectors, with certifications
and hands-on experience supporting regulatory and client audit requirements.
Skills
•
•
•
•
•
•
•
•
Regulatory & Security Compliance: (ISO
27001, NIST, GDPR, HIPAA, SOC 2, PCI DSS
etc.)
•
IT Audit Preparation and CAPA Management
Strong documentation, reporting, and training
delivery skills
Audit tool: OneTrust, Archer and AuditBoard
Vulnerability & Risk Management: Nessus,
Qualys, Burp Suite, Snyk, Wireshark
Experienced with regulatory certifications
such as HITRUST and SOC2
Incident Response and Threat Hunting
•
•
Working knowledge of authentication,
authorization, and security principal identities
Proficient with Cloud Technologies: Azure,
AWS and GCP
Identity & Access Management (IAM, SSO,
PAM)
Security Tools and Technologies: Microsoft
Defender for Endpoint protection, Azure AD,
SailPoint and Okta as IdPs, MS Purview and
Netskope for DLP, Malwarebytes, Fortinet,
Microsoft Sentinel and Splunk as SIEM
1
Work History
IT Security and Identity Administrator
Jan 2022 – Present
League Inc.
Toronto
• Plan, design and develop, and deploy a robust identity and access management solution for League
• Support internal and client audit readiness by maintaining accurate audit documentation and
answering security questionnaires
• Develop and maintain IT policies and procedures, ensuring compliance with SOC 2, HIPAA, and ISO
standards
• Perform comprehensive cyber risk assessments, identified vulnerabilities, and provided
recommendations for risk mitigation
• Conduct regular security audits and assessments and assisted in developing security policies and
procedures
• Conduct security risk assessments for third-party vendors, applications, components, and services
IT Infrastructure and Security Analyst
Jul 2019 - Jan 2022
HealthHub Patients Engagement Solutions
Mississauga, ON
• Implemented security measures to reduce threats and damage related to cyber-attacks
• Enhanced security measures, reducing cyber threats and vulnerabilities
• Helped Internal Control team to conduct regular compliance reviews, system access audits, and risk
assessments, improving audit outcomes
• Participated in system incident investigations, producing detailed findings and recommendations for
process improvement
• Ensured regulatory compliance through IT service management practices aligned with ITIL standards
Senior IT Security Operation Analyst
Jan 2017
Zenith Bank Plc
Oct 2008Nigeria
• Monitored network environments and performed real-time incident detection and response for a
major financial institution.
• Conducted risk assessments, compliance audits, and vulnerability scans, producing actionable security
reports
• Supported the creation and maintenance of information security and disaster recovery plans.
• Responded to regulatory requirements and audit findings with effective remediation strategies.
• Delivered security awareness initiatives to employees to foster a culture of compliance and data
protection
2
Education
Rogers Cybersecure Program: Cyber Security
Oct 2022
Toronto Metropolitan University, Toronto, ON
Qualified for GIAC Advisory Board
Advanced Diploma: Business Information Systems
Saskatchewan Polytechnic, Moose Jaw, SK
Jun 2019
Graduated with Distinction
Bachelor of Science: Physics with Electronics
Olabisi Onabanjo University, Nigeria
Jan 2007
(WES Evaluated Equivalent to Canadian Bachelor's Degree)
Certifications and Trainings
•
•
•
•
•
Certified Information System Security Professional (CISSP)
OneTrust Certified GRC Professional
OneTrust Certified Privacy Professional
SANS GIAC Certified Incident Handler (GCIH)
ITIL 4 Foundation
Additional Skills
•
•
•
Strong analytical and problem-solving abilities
High attention to detail and accuracy in compliance activities
Excellent verbal and written communication skills for cross-functional collaboration
3
