AYOTOBI AKALA
Dublin,Ireland
Summary
Risk expert with strong industry knowledge in risk management, compliance, auditing, cloud concepts & network security configurations and strategies, ensuring robust data privacy and continuous improvement across various industry-specific sectors. Demonstrates strategic planning and project management skills to drive process improvement and risk assessment initiatives. Proficient in AI governance, leveraging problem-solving abilities to enhance organisational security frameworks. Committed to advancing career goals by integrating cutting-edge technologies into comprehensive security solutions.
Overview
9
9
years of professional experience
Work history
Senior Cybersecurity Consultant
ARUP
Dublin, Ireland
12.2022 - 11.2025
- Conducted compliance audits and risk assessments models on various projects whilst liaising with third party clients to understand their security posture in line with various control & compliance frameworks ranging ISO27001, ISO42001, NIS2, GDPR, SOX, PCI DSS, DORA, ITGCs, SOC2, COBIT etc.
- Responsible for leading large scale regulatory compliance projects by strategically planning, delivering, and executing different initiatives based on regulatory requirements.
- Delivered concise reports detailing findings from routine vulnerability scans.
- Collaborate with stakeholders on project and issue resolution as well as recommend and update procedures to improve performance.
- Develop and own communication plans to effectively and proactively convey program status, issues, and risks to stakeholders.
- Assist several organisations to align and certify with international best practices to achieve compliance with ISO27001, ISO27701, and other frameworks.
- Reporting and communicating InfoSec risk and compliance matters to both internal and external stakeholders.
- Provide regular updates to senior management and the Audit Committee on SOX compliance status, key issues, and remediation efforts.
- Own, triage, investigate and respond to security matters using GRC platforms and tooling, ensuring timely communication, resolution and enhance customer experience and processes.
- Conducted security control testing for various transport clients using the NIST CSF and NIS2 Directive to understand the capability maturity model score and acceptable testing criteria.
- Acted as 2nd line of defence between various stakeholders and auditors to understand their various levels of risks before implementing risk controls based on security best practices.
- Provide governance and oversight to security project/security programs including firewall review, privilege user review, PCI scan review, BC/DR management, vulnerability management, website & network pentest.
- Drive process improvements across multiple teams and functions, including the reduction of manual efforts through automation.
- Conducted technology assessment on software and systems ensuring cybersecurity is fully integrated during commissioning, operation and retirement.
- Assessed and monitored audits logs based on different configuration baseline standards and prioritised GRC issues using RSA archer and ServiceNow tools.
- Implemented multi-factor authentication measures, strengthening access control systems.
- Contributed towards regulatory compliance by assisting in GDPR-related procedures.
- Managed cyber threats effectively through proactive monitoring and reporting procedures.
Governance Risk & Compliance Analyst
RBK CHARTERED ACCOUNTING AND BUSINESS ADVISORY
Dublin, Ireland
01.2022 - 12.2022
- Identified potential risks through meticulous evaluation of company policies.
- Managing information security policies and advising on and/or implementing these policies into practical, actionable procedures to ensure compliance.
- Utilised specialised software to efficiently organise, track metrics, and report on the progress, ensuring transparency and accountability throughout the project lifecycle.
- Develop and maintain regulatory and audit related status reports and key metrics and co-ordinate cybersecurity audit and assessments.
- Logged audit work, noted findings and evidence of non-conformities.
- Collaborate with clients to understand their business requirements, ensuring all engagements are delivered to the highest quality and standards.
- Provided expert advice on compliance matters, contributing to informed decision-making processes.
- Work closely with vendors on reviews, vulnerability assessments, mitigations, and implementation of cybersecurity-related activities.
- Participated in verification and inspections process with lead ISO auditors to verify implementation of corrective actions and minimise risks of future audit failures.
- Recommend enhancements to controls, processes, and testing methodologies to improve efficiency and effectiveness.
- Delivering cyber security risk assessment engagements in line with industry standards e.g ISO27001, SOC, NIS2 Directives., Cybersecurity Act, ITIL, DORA, PCI DSS.
- Facilitate and deliver GRC system training and risk awareness training as required across organisations to embed a strong risk culture.
Risk & Compliance Analyst
COVALEN SOLUTIONS
Dublin, Leinster
02.2021 - 01.2022
- Advanced overall efficiency by developing risk mitigation strategies and plans.
- Compiled comprehensive reports to assist in strategic decision making.
- Completed thorough due diligence checks on clients to ensure regulatory adherence.
- Developed strong relationships with regulators, facilitating smooth audit processes.
- Identified gaps in policies or processes by assessing risk, compliance, control management, and service quality, and driving process or control improvements to remediate them
- Developed and implement project plans, solutions, technologies, methodologies and frameworks as well as perform lead role in reviewing vendor proposals and making recommendations.
- Build scalable audit management processes and documentation systems that will support future expansion to additional geographies and compliance frameworks
Senior Risk & Compliance Analyst (IT Governance, Advisory & Cloud Operations)
ALLIANCE LEGAL
12.2016 - 12.2019
- Manage cross functional dependencies, risks, and changes effectively by optimizing scope, schedule, and resources.
- Monitor and respond to developments in data protection and information security in relation to confidentiality, integrity and availability.
- Responsibly support the delivery of compliance programs, control frameworks, third party audits as well as certification process.
- Facilitated meetings and engagements with various stakeholders based on quarterly reviews for business continuity plans, vulnerability assessments & security scan reports.
- Lead all aspects of and continuously improve the governance and management of security to reflect changing technology, threat landscapes, regulatory requirements, and industry standard methodologies.
- Provide expert counsel and mentorship to clients' senior leadership (including the board of directors) on security and its impact across business strategy, programs, products/services, and operations.
- Develop and own communication plans to effectively and proactively convey program status, issues, and risks to stakeholders.
- Conduct privacy impact assessments and guide the customers in implementing good data privacy practices.
- Conducted training sessions for staff to improve understanding of regulatory requirements.
Education
Professional Diploma - Cybersecurity
University College Dublin (UCD) Professional Academy
Dublin 07/2022 - 10/2022
MSc - International Business and Law
Griffith College Dublin
DublinLL. B - Law
University of Ibadan
Nigeria 09/2009 - 09/2014
Skills
- Information Security & Cyber Risk management
- Vulnerability Management
- IT Audit Control design & development
- Governance Risk & Compliance GRC
- Working Knowledge of Frameworks: NIST-CSF SOC2 ITIL
- Standards: ISO 27001 27701 42001 42006
- Regulations : GDPR PCI DSS NIS2
- Network Security: Windows server Middleware database antivirus secure network design MITRE ATT&CK
- Application security: secure software design OWASP 10 SDLC
- Network Architecture : VPC API EC2
- Security Incident management
- Security monitoring: SIEM - Splunk ES
- System administration: Microsoft 365 tools Active Directory PowerBI Excel
- Penetration testing
- AI/ML Governance
- Data privacy
- Compliance auditing
- Stakeholder engagement & management Process mapping
- Third Party risk management
- Project Management
- Security risk assessment risk analysis risk mitigations
- Audit management control testing monitoring
- AWS Well architected frameworks : Operational excellence Security Reliability Performance efficiency Cost explorer Sustainability
- AWS IAM : SSO PAM
- RSA Archer JIRA ServiceNow
- Communication: Problem solving Organisation & Planning Prioritise & manage multiple task
References
Available on request
Certifications
- 2025-10-01, ISO42001:2023 Lead Auditor - Artificial Intelligence Management, Completed
- 2024-12-01, Certified Solutions Architect AWS, Completed
- 2024-11-01, Certified Project Change Management Professional , Completed
- 2024-09-01, Certified Information Security Manager (CISM), Working towards qualification
- 2021-11-01, ISO 27001 Foundation - Information Security Certification, Completed
- 2021-11-01, Amazon Web Services Certified Cloud Practitioner, Completed
- 2021-08-01, Python for Data Science and Artificial Intelligence, Coursera, Completed
Timeline
Senior Cybersecurity Consultant
ARUP
12.2022 - 11.2025
Governance Risk & Compliance Analyst
RBK CHARTERED ACCOUNTING AND BUSINESS ADVISORY
01.2022 - 12.2022
Risk & Compliance Analyst
COVALEN SOLUTIONS
02.2021 - 01.2022
Senior Risk & Compliance Analyst (IT Governance, Advisory & Cloud Operations)
ALLIANCE LEGAL
12.2016 - 12.2019
Professional Diploma - Cybersecurity
University College Dublin (UCD) Professional Academy
07/2022 - 10/2022
MSc - International Business and Law
Griffith College Dublin
LL. B - Law
University of Ibadan
09/2009 - 09/2014