OLUWATOBI IDOWU

GRC Cybersecurity Specialist
Lagos, NG.

About

Results-driven GRC Cybersecurity Specialist with demonstrated expertise in risk assessment, compliance monitoring, and embedding robust governance frameworks across enterprise operations. Proven ability to significantly reduce critical risk exposures by 25%, achieve zero major audit findings, and improve employee compliance awareness by 30% through strategic application of ISO 27001, NIST CSF, and NDPR. Adept at driving regulatory adherence and enhancing organizational resilience, poised to deliver high-impact cybersecurity compliance solutions.

Work

Custodian Investment Plc

Information Security Analyst

Lagos, Lagos State, Nigeria

Summary

Analyzed and monitored cybersecurity risks and compliance, implementing governance frameworks and data protection controls to enhance organizational resilience and regulatory adherence.

Highlights

Developed and enforced robust IT security policies, standards, and frameworks, aligning enterprise operations with NDPR, NIST CSF 2.0, CIS Controls v8, OWASP SAMM, and COBIT to strengthen the overall security posture.

Conducted comprehensive enterprise-wide risk assessments and meticulously maintained the Technology Risk Register, successfully reducing critical risk exposures by 25%.

Executed third-party/vendor risk assessments (TPRAQ, ISO 27001) to ensure compliance with security and data privacy standards, and supported internal/external audits, contributing to zero major audit findings.

Drove stringent compliance with NAICOM and NDPC regulations, enhancing organizational resilience and successfully preventing penalties by ensuring adherence to critical regulatory requirements.

Led impactful security and data privacy awareness initiatives, significantly improving employee compliance awareness by 30% across the organization.

Embedded security best practices into the SDLC through cross-functional collaboration and compliance-focused reviews, while assisting in monitoring data protection programs to ensure adherence to NDPR and international standards.

Education

University of Lagos, Nigeria
Lagos, Lagos State, Nigeria

B.Sc.

Biochemistry

Certificates

ISO/IEC 27001:2022 - Information Security Associate

Issued By

Skillfront

Certified in Cybersecurity (CC)

Issued By

ISC2

OWASP SAMM Fundamentals

Issued By

OWASP

Introduction to Cybersecurity

Issued By

Halogen

Skills

Risk Management

Enterprise-wide Risk Assessments, Technology Risk Register, Third-Party Risk Assessments (TPRAQ), Vendor Risk Management, Risk Exposure Reduction, Cybersecurity Analysis.

Governance & Compliance Frameworks

ISO/IEC 27001, NIST CSF 2.0, CIS Controls v8, COBIT, OWASP SAMM, Security Policies, Security Standards, Security Frameworks, Regulatory Compliance (NDPR, NDPC, NAICOM).

Data Protection & Privacy

Data Protection Programs, Privacy Programs, NDPR Adherence, International Best Practices.

Audit & Assurance

Internal Audits, External Audits, Control Effectiveness Evidence, Audit Findings Resolution.

Security Operations & Awareness

SDLC Security Integration, Compliance-Focused Security Reviews, Security Awareness Initiatives, Employee Compliance Training.