Rufai Olaide Azeez | Freelancer Resume

Summary RUFAI OLAIDE AZEEZ Experienced Cybersecurity GRC Analyst with a demonstrated history of leading and participating in compliance audit programs, including ISO 27001, HIPAA, SOC, and HITRUST. Proficient in auditing applications, configurations, and internal practices to ensure adherence to regulatory standards such as HIPAA, HITRUST, and NIST-800-53. Adept at developing forward-thinking information security policies, performing gap analyses, identifying risks, and managing third-party risk assessments. Committed to promoting security awareness, enhancing compliance processes, and implementing effective governance strategies to mitigate risks and support organizational resilience. Work Experience InfoSafe techNigeria GRC ANALYSTMay 2024 - Present • Assessed adherence to standards such as ISO 27001, 27002, PCI DSS, and NIST, ensuring compliance and enhancing security posture • Conducted risk and control assessments against corporate cybersecurity frameworks, identifying vulnerabilities and implementing key improvements that enhanced security posture. • Developed and reviewed policies, procedures, processes, and internal controls, leading to improved compliance and operational efficiency • Implemented and enhanced security awareness training, boosting employee cybersecurity risk awareness and adherence to best practices. • Conducted comprehensive security assessments of projects and third-party vendors, achieving a 30% reduction in risk exposure and improved compliance with security standards. • Identified and prioritized key improvement areas through security assessments and gap analysis using ISO 27001, enhancing overall security compliance. • Worked closely with management to enhance security practices, significantly boosting organizational security awareness and reducing incidents by 25%. • Enhanced the company's cybersecurity strategies by identifying and mitigating risks, resulting in a 30% reduction in potential security threats. • Enhanced third-party audits to test and improve the effectiveness of security controls, ensuring compliance with ISO 27001, Cyber Essentials, and GDPR standards. • Enhanced and sustained business information integrity and security by conducting thorough policy reviews, leading to heightened data protection and compliance. • Conducted risk assessments on critical infrastructure and delivered targeted recommendations, leading to a 30% improvement in security measures aligned with the organization's risk appetite. CARDIFYNigeria INFORMATION SECURITY ANALYSTOct 2022 - Apr 2024 • Led comprehensive information security risk assessments, and improved organizational risk posture by identifying and addressing critical vulnerabilities. • Enhanced compliance with regulatory frameworks and industry standards, including ISO 27001, NIST, and PCI DSS, resulting in a 20% reduction in compliance audit findings. • Improved security measures by maintaining and enhancing the organization's standards by implementing best practices. • I collaborated closely with colleagues to respond to a third-party attack, successfully isolating the affected systems and swiftly containing the incident to prevent further impact. Skills Third-party management, Risk assessment and management, Security awareness program, Knowledge of ISO 27001, NIST, PCI DSS, SOX ITGC, BCMS, INCIDENT RESPONSE, GDPR, Compliance audit: ISO 27001, Good collaborator/ team player, Stakeholder management, Project management, Attention to details, Vulnerability management (Nessus), Excellent communication skills, Excellent analytical skills and time management Certifications Certified in Cybersecurity ISC: CompTIA+: (In progress) ISO 27001 lead implementer: (In progress) IT Auditing: Foundation in ISO/IEC 29100:2024 Privacy framework: SBP ISO 22301:2019 Business continuity management: SBP ISO 31000:2018 Risk management: SBP Cyber threat management: CISCO Google Professional Cybersecurity: Google Education University of Ibadan, Nigeria Political Science 2025