Open to opportunities

Olarinde Salako

@olarindesalako

Message

Results-driven IT Risk & Compliance Analyst with 6+ years experience.

United States

Message

What I'm looking for

I am looking for a role that fosters growth, collaboration, and innovation in IT risk management.

I am a results-driven IT Risk & Compliance Analyst with over 6 years of progressive experience in cybersecurity, cloud security, and regulatory compliance. My expertise lies in identifying control gaps, mitigating enterprise IT risks, and ensuring alignment with various standards such as SOX, NIST 800-53, and ISO 27001. I have successfully led numerous third-party risk assessments and managed IAM and security monitoring initiatives, driving secure transformation across AWS and Azure environments.

Throughout my career, I have demonstrated a strong ability to collaborate across IT, audit, and compliance functions. At Capital One, I led the execution of SOX 404 audits and partnered with internal and external auditors to streamline processes and enhance compliance maturity. My experience also includes developing automated compliance dashboards using Power BI, which provided executive leadership with critical insights into control health and audit status.

My commitment to continuous improvement is evident in my proactive approach to risk management and compliance training. I have delivered training sessions to cross-functional teams, enhancing their understanding of IT risk awareness and control self-assessments. I am passionate about leveraging my skills to contribute to an organization's security posture and compliance framework.

Experience

Work history, roles, and key accomplishments

Current

IT Risk & Compliance Analyst

Current

Capital One

May 2023 - Present (2 years 2 months)

Led the execution of over 20+ SOX 404 and IT General Control (ITGC) audits, ensuring proper evidence collection and timely remediation. Spearheaded cloud risk assessments for critical AWS-hosted applications, validating shared responsibility models and ensuring alignment with NIST 800-53 and CIS Benchmarks. Developed and automated compliance and risk dashboards using Power BI, providing executive

ITGC AWS NIST 800 53 Power BI DevSecOps CI CD

IAM, Data Protection & Security Monitoring Analyst

TechnipFMC

Feb 2021 - Present (4 years 5 months)

Managed global Identity and Access Management (IAM) processes, overseeing user provisioning/deprovisioning, segregation of duties (SoD), and privileged access reviews across on-prem and Azure environments. Designed and enforced data protection policies using Symantec DLP and Azure Information Protection, safeguarding sensitive intellectual property and personal data. Implemented SIEM-based monitor

IAM Azure Symantec DLP Azure Information Protection Splunk Sailpoint Azure AD GDPR HIPAA)RBAC

Cloud Security & Vulnerability Management Analyst

Schlumberger

Jun 2019 - Present (6 years 1 month)

Led enterprise vulnerability management by configuring and managing tools such as Qualys, Tenable Nessus, and Rapid7 InsightVM to scan, classify, and prioritize vulnerabilities across 5,000+ assets. Developed a vulnerability scoring system based on CVSS v3, integrating results into the Archer GRC platform and reducing patch remediation SLAs by 40%. Collaborated with DevOps and infrastructure teams

Vulnerability Management Qualys Nessus Rapid7 InsightVM CVSS Archer GRC AWS Azure Splunk Incident Response

Risk Analyst – Governance, Risk & Healthcare IT Security

Leon Medical Center

Dec 2017 - Present (7 years 7 months)

Conducted HIPAA compliance audits and security risk assessments across healthcare systems, including EMRs, cloud storage, and mobile endpoints. Monitored access to ePHI and PII, performing periodic user access reviews and security logs analysis using Splunk and Microsoft Sentinel to detect suspicious activity. Managed IT risk registers, risk acceptance documentation, and control remediation plans

HIPAA)Risk Assessment Splunk Risk Register Security Awareness ISO 27001

Education

Degrees, certifications, and relevant coursework

Indiana Institute of Technology

M.S., Cybersecurity & Digital Forensics

Focused on advanced cybersecurity principles and digital forensic techniques. Gained expertise in incident response, network security, and data recovery.

Lagos State University

B.Sc., Business Administration

Acquired fundamental knowledge in business administration, covering core business functions and management principles. Prepared for entry-level roles in business.

Indiana Institute of Technology

MBA, Business Administration

Developed a strong foundation in business administration, including strategic management, finance, and marketing. Prepared for leadership roles in various industries.