Toluwalope Odeku

Co-owned the ISO 27001 ISMS, maintaining the Statement of Applicability, managing the risk register, and coordinating internal audits and management reviews. Led ISO 27701 privacy governance (RoPA, lawful basis, PII obligations, PIAs/DPIAs) and ISO 42001 AI governance (policies, AI risk assessments, inventory, human oversight, and audit readiness), supporting SOC 2 evidence mapping and exceptions

Developed audit programmes and audit plans, defined scope and criteria, and led opening/closing meetings with auditees. Gathered objective evidence via interviews, observation, and document review, assessing conformity against ISO and organisational requirements.

Developed and maintained internal GRC policies, frameworks, and procedures, ensuring clear accountability structures. Performed risk identification, assessment, and prioritisation, maintained risk registers, and supported board-level reporting on risk and compliance posture.

Monitored and responded to security incidents, applied patches, and mitigated threats. Owned vulnerability management and improved application security by integrating OWASP Top 10 practices into DevOps pipelines, implementing DLP controls and conducting email threat intelligence analysis.

Designed, deployed, and managed network security infrastructure including firewalls, routers, and switches. Planned security architecture and network upgrades (LAN/WAN/VoIP/Wireless) and developed enforcement of security policies to meet PCI DSS and data privacy requirements.

Completed a Professional Diploma in Cyber Security at BAZE University.

Completed a BSc (Hons) at Samuel Adegboyega University.