Open to opportunities

Abdul Bamgbopa

@abdulbamgbopa

Message

Results-driven Information Systems and Security Risk Assessor/Auditor.

United States

Message

What I'm looking for

I am looking for a challenging role that offers opportunities for growth and allows me to leverage my cybersecurity expertise to enhance organizational security.

I am a results-driven Information Systems and Security Risk Assessor/Auditor with extensive experience in assessing and mitigating cybersecurity risks in both on-premise and cloud environments. My strong knowledge of global and regional IS standards, security frameworks, and IT audit methodologies enables me to ensure the security and integrity of organizational systems and data.

Currently, I serve as a Senior Third-Party Cybersecurity Risk/Vendor Lifecycle Management Analyst at TD Bank, where I design and implement Governance, Risk, and Compliance activities. I have successfully developed risk management frameworks and control frameworks for vendor risk assessments, achieving a completion run rate of over 70 vendors annually. My expertise in NIST 800-53, OWASP, and secure SDLC practices allows me to conduct thorough assessments and provide actionable recommendations to enhance security posture.

With a background in project management and stakeholder engagement, I excel in collaborating with cross-functional teams to identify and mitigate IT risks. I am passionate about leveraging my skills to contribute to a secure and compliant organizational environment, and I continuously seek opportunities for professional growth and development in the field of cybersecurity.

Experience

Work history, roles, and key accomplishments

Current

Senior Third-Party Cybersecurity Risk

Current

TD Bank (Rovust LLC)

Dec 2022 - Present (2 years 7 months)

Designed and implemented Governance, Risk, and Compliance activities for Vendor Risk Management and Vendor Lifecycle Management. Conducted due diligence reviews, risk assessments, and security audits of third-party vendors across On-Prem and Cloud environments.

Vendor Risk Management GRC Application Security NIST 800 53 ISO 27001 OWASP Threat Modeling SDLC Cloud Security API Security

Senior GRC Analyst/IS Controls Assessor

Sallfire LLC

Oct 2020 - Present (4 years 9 months)

Assisted in the development and implementation of GRC policies, standards, and procedures for information systems, applications, and infrastructure. Conducted comprehensive IS/IT audits to assess the effectiveness of internal controls and compliance with regulatory standards.

GRC IT Audit Risk Assessment IT General Controls SOX Cloud Security Internal Controls Regulatory Compliance Risk Mitigation

Risk Analyst / Third Party IS Risk Assessor

O2 Consulting Service

Oct 2017 - Present (7 years 9 months)

Evaluated vendors’ Information Security Controls per Inherent Risks for client portfolios. Conducted in-depth risk-based security assessments on supplier environments for various controls.

Vendor Assessment ISO 27001 PCI DSS Risk Based Security Assessments Access Control Incident Management Data Loss Prevention

Internal IS Auditor

Engold Consulting LLC

Mar 2014 - Present (11 years 4 months)

Provided guidance on ITGC and internal controls compliance globally as part of the IT Audit and Compliance team. Conducted IT security audits, including evaluating whether security vulnerabilities are properly identified and mitigated.