Himalayas logo
OK
Open to opportunities

Olu Kazeem

@olukazeem

I am a GRC specialist improving compliance, risk, and security programs.

United States
Message

What I'm looking for

I seek a GRC role leading compliance and third‑party risk programs, improving audit readiness via policy and automation, and working cross-functionally to reduce vulnerabilities and support SOC 2, FedRAMP, or HITRUST readiness.

I am a Governance, Risk & Compliance (GRC) specialist with experience managing compliance, risk, and security programs across utilities, biopharma, and consulting environments. I lead vendor risk programs, coordinate SOC 2 and ISO 27001 attestations, and improve audit readiness through policy development and process automation.

I drive privacy and third‑party risk assessments, support FedRAMP and HITRUST readiness, and reduce vulnerabilities using tools like Drata, Archer, Qualys, and Tenable, backed by CISA and Security+ certifications.

Experience

Work history, roles, and key accomplishments

Duke Energy logoDE
Current

GRC / Third-Party Risk Analyst

Duke Energy

Sep 2021 - Present (4 years)

Developed and enforced enterprise-wide security and compliance policies aligned with SOC 2, ISO 27001, and NIST CSF, significantly improving audit readiness and supporting SOC 2 attestations. Managed third-party risk across vendors, led PIAs/DPIAs and DSAR processing, and drove GRC automation to reduce manual reporting effort.

SOCISO 27001NIST CSFVendor Risk ManagementPIAs DPIAsGRCDrataArcher GRCFedRAMPHITRUST
BL

IT Risk & Controls Analyst

Biopharma Informatic, LLC

Jul 2018 - Sep 2021 (3 years 2 months)

Executed ITGC and application control testing across enterprise systems, driving down audit exceptions and maintaining compliance with HIPAA, PCI DSS, and GDPR. Created and maintained SSPs per NIST SP 800-53 and FedRAMP, and supported vulnerability scanning and patch management to address critical risks.

ITGCIT Application ControlsNIST 800 53FedRAMPQualysTenablePatch Management
Deloitte logoDE

IT Compliance & Risk Analyst

Deloitte

Jun 2016 - Jul 2018 (2 years 1 month)

Performed regulatory analysis and internal audits for SOX, ISO 27001, and GDPR, maintaining risk registers and recommending mitigation strategies. Managed customer due diligence, privacy compliance reviews, and partnered with engineering on security assessments for new features.

SOXISO 27001GDPRInternal AuditPrivacy ComplianceRisk RegisterSecurity Reviews

Education

Degrees, certifications, and relevant coursework

Babcock University logoBU

Babcock University

Bachelor of Science, Economics

Bachelor of Science in Economics from Babcock University, completed in 2010.

Tech stack

Software and tools used professionally

Splunk logo

Splunk

Qualys logo

Qualys

ServiceNow logo

ServiceNow

Availability

Open to opportunities

Location

United States

Authorized to work in

United States

Job categories

Governance And Compliance SpecialistRisk AnalystCompliance AnalystPrivacy Support SpecialistSecurity AnalystAudit SpecialistVendor Relationship ManagerRisk ManagerCorporate Governance SpecialistSenior Compliance SpecialistRegulatory Compliance SpecialistCompliance SpecialistGlobal Compliance SpecialistRisk Compliance Analyst

Skills

Governance Risk & ComplianceSOCHIPAAHITRUSTGDPRCCPAPCI DSSFedRAMPISO 27001Enterprise Risk ManagementThird Party Risk ManagementPIAs DPIAsVulnerability ManagementRisk ScoringPolicy DevelopmentContinuous Control MonitoringIncident ResponsePrivacy ManagementDrataArcher GRCSplunkQualysTenableServiceNowSAP GRC Access ControlsData Subject RequestsITGCVulnerability TestingPatch Management

Interested in hiring Olu?

You can contact Olu and 90k+ other talented remote workers on Himalayas.

Message Olu

People also viewed

View all talent

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
Olu Kazeem - GRC / Third-Party Risk Analyst - Duke Energy | Himalayas