Skip to main content
EK
Open to opportunities

Evelyn Koffi

@evelynkoffi

I lead enterprise third-party risk and supplier governance to strengthen compliance, resilience, and audit readiness.

United States
Message

What I'm looking for

I’m looking for a leadership role where I can run enterprise third-party risk & compliance governance, build scalable NIST/ISO/SOC 2-aligned frameworks, partner cross-functionally, and strengthen audit readiness, remediation, and operational resilience.

I’m an IT governance, risk, and compliance (GRC) leader with 10+ years of experience leading enterprise risk assessments, supplier governance, IT audit, compliance operations, and vendor lifecycle management across technology, consulting, and regulated industries. I’ve managed large-scale vendor ecosystems, supported 1,000+ supplier and vendor assessments, and driven remediation that reduces high-risk vendor exposure by 25% while improving enterprise risk visibility.

In my current role, I lead enterprise-wide operational risk, third-party risk governance, supplier governance, and compliance initiatives—partnering with Security, Procurement, Legal, Privacy, and executive stakeholders to operationalize compliance programs. I build scalable governance frameworks aligned to NIST, ISO 27001, SOC 2, and cloud security best practices, leveraging continuous monitoring, KPI/SLA oversight, issue management, and risk analytics to strengthen audit readiness and operational resilience.

Experience

Work history, roles, and key accomplishments

TS
Current

Third-Party Risk & Compliance Leader

TikTok U.S. Data Security

Jan 2024 - Present (2 years 6 months)

Led enterprise-wide risk governance and supplier governance programs to strengthen cybersecurity and privacy compliance across complex technology ecosystems. Drove scalable third-party risk governance using continuous monitoring and SLA/KPI oversight, reducing high-risk vendor exposure by 25% and improving audit readiness.

TS

Third-Party Risk Analyst

TikTok U.S. Data Security

Jan 2022 - Jan 2023 (1 year)

Conducted large-scale third-party and operational risk assessments across 1,000+ vendors spanning cybersecurity, privacy, and compliance risks. Improved governance methodologies and inherent/residual risk scoring accuracy by 20% and helped reduce vendor-related incidents by 25%.

CC

IT GRC Consultant

Cross Country Consulting

Jan 2019 - Jan 2020 (1 year)

Designed and implemented enterprise compliance programs and risk assessment strategies aligned to NIST, ISO 27001, and SOC 2 to strengthen governance, cybersecurity, and privacy. Led regulatory and operational risk assessments and improved audit readiness by 30% through control validation and remediation support.

IC

IT Risk Analyst

IBSS Corporation

Jan 2016 - Jan 2017 (1 year)

Supported federal risk management and compliance initiatives by conducting compliance assessments and assisting audit activities across governed environments. Performed NIST 800-53A (DOJ)–aligned assessments and improved remediation timelines by 25% through structured risk tracking, reporting, and continuous monitoring.

Education

Degrees, certifications, and relevant coursework

University of Maryland, College Park logoUP

University of Maryland, College Park

Bachelor of Arts

Earned a Bachelor of Arts from the University of Maryland, College Park.

Tech stack

Software and tools used professionally

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan