Martins Obula

Led enterprise SOX 404, SOC 1, and SOC 2 compliance across multiple business units, including evidence collection, control testing, and auditor coordination. Reduced SOX audit findings by 30% by optimizing control design and using GRC automation, while also managing third-party risk, data privacy (CCPA/GDPR), responsible AI compliance, tabletop exercises, and SLA-driven vulnerability remediation.

Conducted cybersecurity and IT audit/risk assessments, including HIPAA compliance for healthcare clients and SaaS/security posture reviews (SOC 2, data residency, encryption, API security, and identity federation). Managed end-to-end remediation for OCC and Federal Reserve findings, improving governance posture by 25% across two audit cycles.

Led IT audit engagements across financial, operational, and technology systems by testing ITGC and ITAC controls and reporting control deficiencies for timely remediation. Developed risk-based audit programs and produced executive reporting by translating audit results into actionable insights to strengthen enterprise risk posture.

Led SOX 404 IT compliance activities, including scoping, risk assessment, and testing of ITGCs and ITACs to achieve full coverage of key financial reporting controls. Improved control effectiveness by driving remediation with owners, achieving a 95% on-time closure rate and reducing recurring control failures by 20% year-over-year.

Contributed to the development and ongoing management of the organization’s third-party risk management (TPRM) strategy, including risk assessments and governance approvals. Supported enterprise risk teams by advising on complex vendor risks (including fintech and cloud providers) and aligning assessments with regulatory guidance and industry best practices such as FFIEC and OCC expectations.

Earned a Master of Business Administration (MBA) with a focus on Business Administration & Management.

Earned a Bachelor of Science (BSc) in Economics.