JIDE EYITAYO

13549 125th STREET

QUEENS, NY 11420
(347) 388-8043/917-603-5496
[email protected]
linkedin.com/in/jide-eyi
SUMMARY:
To secure a management role in Enterprise IT Governance, Data Privacy, Risk Management, and Compliance,
I have an extensive expertise of Privacy Policy Management, IT Audit and Governance with operational
excellence to achieve organizational goals
A result-driven leader with over 15 years of experience of Business Risk Analysis, IT Infrastructure
management, and Project Management, my deep understanding of various Industry frameworks and Policies
has led to my successes in defining project objectives, risk controls, resource allocation, and delivering
projects on time in cross-functional teams to achieve organizational results.

SKILLS AND COMPETENCES:

 Policy Development and Implementation: Developed and implemented policies related to data security
and privacy management, compliance, and information security. (Frameworks GDPR, CCPA, HIPAA).
 Project Management: Managed projects related to GRC program development and improvement of
model to achieve 97% compliance. (Methodology: Waterfall and Agile).
 Led large-scale infrastructure projects, overseeing planning, execution, and delivery of IT infrastructure
solutions, ensuring alignment with business objectives and technical requirements.
 Information Security: Implemented measures to protect confidential and sensitive information from
unauthorized access and disclosure. (SIEM Tools Splunk, Sumo Logic).
 Risk Assessment and Management: Conducted risk assessments and implemented risk management
strategies to mitigate potential threats and vulnerabilities. (NIST CSF, ISO 27001, MetricStream, SAI
GRC).
 Coordinated with cross-functional teams including cloud architects, network engineers, and system
administrators to implement cloud infrastructure solutions on AWS and Azure.
 Data Analysis: Analyzed data related to privacy, risk management and compliance to identify trends
and areas for improvement. (DLP, Informatica PowerCenter, Collibra Data Governance)
 Knowledge of Industry Regulations and Standards: Stayed abreast of regulatory changes and industry
standards related to privacy, risk and compliance. (OneTrust GDPR Manager, Ipro, Osano, CCPA
Compliance).
 Third-Party Vendor Management: Developed and maintained relationships with third-party vendors to
facilitate ongoing communication and collaboration regarding risk management and compliance.
(LogicManager).
 Compliance and Audit: Ensured compliance with industry regulations and company policies through
regular audits and reviews. (Microsoft SharePoint, ArcSight, Splunk, Netwrix Auditor).
 Led cloud migration projects to AWS, ensuring seamless transitions of on-premises infrastructure to the
cloud while optimizing for cost efficiency, security, and scalability.
 Analytical Thinking: Analyzed data related to risk management and compliance to identify trends and
areas for improvement.
 Communication and Collaboration: Communicated effectively with internal and external stakeholders
and collaborated with cross-functional teams to achieve common goals.
 Problem Solving: Identified and addressed issues related to risk management and compliance of
industry standard.
 Critical Thinking: Evaluated complex situations and made decisions based on sound reasoning and
critical thinking.
 Interpersonal Skills: Built and maintained positive relationships with internal and external stakeholders.
 Adaptability and Flexibility: Adapted to changes in GRC programs and responded to new challenges
and opportunities as they arose.
 Time Management: Managed time effectively to ensure deadlines were met and priorities were
balanced.
 Contract Review and Negotiation: Reviewed and negotiated contracts with third-party vendors to
ensure that they meet company standards for risk management and compliance.
 Attention to Detail: Maintained accurate and up-to-date documentation related to risk management and
compliance.
  Incident Response: Participated in incident response activities related to risk management and
compliance, including conducting root cause analyses and implementing corrective actions.
 Continuous Improvement: Identified opportunities for improvement in GRC programs and implemented
changes to achieve better outcomes.
 Training and Education: Provided training and education to internal stakeholders on risk management
and compliance.
 Teamwork and Leadership: Worked effectively as a team member and provided leadership to achieve
common goals.
 Stakeholder Management: Managed stakeholder expectations and addressed their concerns related to
risk management and compliance. (Slack, Microsoft Teams, Trello, Jira, Kanban)
 Change Management: Managed change effectively and communicated changes to stakeholders in a
clear and concise manner. (Microsoft Project, Archer, Power BI)
 Business Acumen: Understood the business context and applied GRC strategies to support the
company's goals and objectives.
 Decision Making: Made informed and data-driven decisions related to privacy, risk management and
compliance.
 Strategic Planning: Developed and implemented strategic plans related to GRC programs to achieve
long-term success.

CERTIFICATION:
PMP Credential # 3389825 PMI-RMP Credential # 3394080
AIGP, FIP, CIPP/E, CIPM:
International Scrum Institute: Scrum Master: - 63235207449644
CISA #232060263, CRISC #232060441, CISM #232060262, CGEIT #232067419

EDUCATION: University of Lagos, BA Eco.

EXPERIENCE:

MTA, New York June 2021 – Oct 2024

Program Manager
Project: Fleet Optimization and Ridership policy
Business Case: Developed a Business Case for acquired solution and controls.

 Conducted incident response and crisis management: As GRC Project Manager I was responsible for
managing and responding to compliance and risk management incidents, including developing incident
response plans, conducting investigations and implementing corrective actions.
 Serves as team captain representing Lead in administrative affairs, IT service meetings, Azure cloud
requests, and coordinating with core team members on functional requirements.
 Subject Matter Expert to Financial Services involving Vendor Risk and Cybersecurity.
 Architected AWS-based solutions using services such as EC2, S3, Lambda, RDS, and VPC to build
secure, high-availability cloud infrastructures
 Developed and executed detailed project plans, milestones, and timelines to ensure timely delivery of
infrastructure projects in alignment with business goals.
 Reported Compliance and regulatory: As GRC project and delivery manager I was responsible for
preparing and submitting various compliance and regulatory reports, such as annual reports, audit
reports, and compliance certifications. I was also needed to ensure that the organization is adhering to
all its reporting obligations, and that all necessary information is accurate and complete. Manage teams
working specifically on consolidation of all controls for SOX, SOC1, SOC2 financial systems into a
single Common Control Framework consisting of two different entities as well as integrating their
Governance, Risk, and compliance data into a single platform via RSA Archer. Ensured alignment and
implementation with Enterprise Risk Management (ERM) framework NIST RMF.
 Created and managed detailed project roadmaps in Jira, aligning them with business goals and
ensuring alignment across all project stakeholders.
 Managed vendors and third-party relationship: As a GRC Project Manager I was responsible for
managing these relationships to ensure that vendors comply with the organization's GRC policies and
procedures on third party policies agreement which includes performing vendor risk assessments,
monitoring vendor performance and implementing corrective actions for all necessary controls.
 Developed risk maps and gap analysis reports to identify areas of weakness and provided actionable
recommendations for risk mitigation with TrustMApp.
 Implemented best practices for project management, leveraging Agile and Waterfall methodologies to
deliver high-quality infrastructure solutions.
 Educated and trained employees: Conducted periodic risk assessments and instituted controls to
mitigate identified risks while continuously monitored and evaluated risk indicators to detect and
respond promptly to potential threats which was used to educate and trained employees on the
significance of risk management and the adherence to GRC policies and procedures.
 Engaged Stakeholder: Compiled and maintained an exhaustive risk register to prioritize and track risk
management efforts in delivering regular reports and updates to management to communicate risk
status and progress effectively to the business units and stakeholder in both formal and informal
briefing sessions, memos, presentations and teleconferences. . Worked with and prepared Staples.com
International for their RoC in Q4 2015 /Q1 2016. Completed end to end implementation of RSA Archer
with GRC components.
 Utilized AWS, Azure, and other cloud technologies to design and deploy scalable, secure, and cost-
efficient cloud infrastructure solutions across multiple regions.
 Change Management: Managed the project with the skill set of change management to planned,
executed and monitored the projects using project management methodologies and tools i.e. Agile and
waterfall principles and industry best practices, including stakeholder analysis, resistance management,
and communication planning in changing circumstances and adjustments as needed to meet project
goals and objectives.
 Optimized AWS infrastructure costs by analyzing usage patterns and leveraging reserved instances,
auto-scaling, and cost management tools.
 ServiceNow: Developed a detailed plan for the implementation of ServiceNow to manage GRC tasks
which includes compliance management, IRM solution, VRM solution to ensure it continues to meet the
changing needs of the organization and its vendors risk and relevant modules, customization of
workflows, and integration with other systems as needed and required.

AT&T, Atlanta, GA October 2015 – May 2021

Business Compliance Program Manager/ Risk Analyst
Project 1: Replacement of the billing system (CARE)

 Risk Culture Awareness: Promoted a risk-aware culture within the organization by raising awareness
and providing training and education on compliance and risk management, worked closely with
business units to understand their risk management needs while gathering business unit risk
management data for business and use cases.
 Business Continuity Management: Ensured the organization had the necessary plans and processes in
place to minimize disruption in the event of a crisis keeping abreast of changes in regulations,
standards, and best practices in GRC and risk management to ensure the organization's approach is
current and effective.
 Collaborated with senior management to develop strategic plans for infrastructure upgrades, capacity
planning, and cloud migrations.
 Business Unit Risk Management Solutions: Collaborated with business units and deliver custom-
tailored risk management solutions by using tools such as Microsoft Excel questionnaire, Archer, RSA
to verify and deliver evidence of the organization's compliance with relevant regulations, standards, and
company policies. Verifying and Delivering compliance and noncompliance evidence to the
management.
 Created Policy and Procedure Management with ServiceNow's policy and procedure management
capabilities allowing us to create, manage, and enforce policies and procedures across the company.
 Identified the scope and objectives of the implementation. This includes analyzing the current risk
management processes, identifying gaps and inefficiencies, and determining the desired outcomes of
the iRM implementation.
 Define cloud network architecture using Azure virtual networks, VPN, and express route to establish
connectivity between on premise and cloud.
 Identified the scope and objectives of the implementations. This includes analyzing the current vendor
risk management processes, identified the gaps and inefficiencies, and determining the desired
outcomes of the VRM implementation.
 Project 2
 Designing and Implementing GRC Framework: Created, Designed and implemented a robust
Governance, Risk Management, and Compliance (GRC) framework utilizing industry-standard tools
such as Archer, RSA, advised on modified service policy data based on service needs from each billing
group by gathering data of customers service plans based on billing needs and controls which was part
of the auditing.
 Analytical skills: Defined the use of change management tools to lead cross-functional teams, manage
stakeholder relationships, and effectively manage project timelines and budgets, in adapting to changes
in circumstances and make adjustments as needed to meet project goals and objectives
 Access Control Policy: Redefined the controls of policy process for granting and revoking access to the
organization's resources, such as systems, networks, and applications outlining the risks associated
with this policy process include unauthorized access, abuse of privileges and security breaches, the
measures the organization should take to ensure the continuation of critical business functions in the
event of a disaster or disruption and risks associated with this policy include downtime, data loss, and
the potential for financial losses.
 Managed project budgets and financial forecasts, ensuring that infrastructure initiatives were delivered
within budget and that financial risks were proactively addressed.
 Acceptable Use Policy (AUP): Reinvented the Use policy of company assets, outlining the acceptable
behavior for using an organization's information technology resources, such as computers, networks,
software email, and internet access, spelling out all prohibited activities such as such as unauthorized
access to the network, hacking, spamming, and spreading viruses and encouraged users to report any
suspicious activity or violations of the privacy policy that may compromise the CIA triad i.e. prohibited
activities using NIST 800-53 framework and description of the consequences of non-compliance,
including disciplinary action, termination of access to technology resources, and possible legal action.
 Managed cloud architecture, design and implementation plans for hosting complex application
workloads on MS Azure.
 ServiceNow as a GRC tool, organizations can improve the efficiency and effectiveness of their GRC
processes, reduce risks from both employees and third parties, and ensure compliance with relevant
laws, regulations, and policies.

FXCM, New York June 2011 – October 2015

Business Analyst/Project Manager
Project: Implementation new Trading Platform System

 Requirement Gathering: interviewed stakeholders to gather the required data to create the documented
workflow processes used in collecting data of daily trades and activities in identifying trends that fits the
objectives and goals of the process analysis.
 Data Analysis: Collected data to create the use cases reports to sort the inefficiencies mapped
processes and proposed process improvements to vendors and business owners.
 Analysing Workflow: Created process maps and flow chats using MS Visio to visually represent the
current process and mapping it to the new proposed processes of the new trading platform abilities,
outlining the responsibilities and roles of actions involved in understanding the working relationships.
 Project and Delivery Management: Developed the project plans and scopes while coordinating with
other teams and the offshore developer using MS project and MS excel to collect visual data and
manage the milestones of the project, resolving conflicts with business units to overcome requirements
gaps with feasible solutions.
 JAD: Successfully led Joint Application Development (JAD) sessions and workshops to gather
requirements and drive project forward with in-depth analysis of business processes, including GAP
analysis and workflows, to ensure alignment with business needs and regulative controls with clear and
effective workflow diagrams, working using TrustMApp closely with stakeholders and the board to reach
consensus.
 Developed (SOW) Statement of Works, (WBS) Work Breakdown Structure and Gantt Chart in
managing multiple projects and ensured compliance with policies, procedures and regulatory
requirements and strategies on implementation plans based on thorough research and input from
stakeholders as regards to the project.
 Operations Management: Documented detailed analysis of end-to-end business processes, action
items, issues and ensured information is accurate and complete.
MF Global (Platform Redesign), New York June 2009 – July
2011
Business Analyst
Project: Implementation of Trading system and the use of automate tracking processes of workflows including
Performance & Compensation Management.
 Conducted kick off meeting with the project team/stakeholders to provide overview of the project and
their key deliverables.
 Created workflow diagrams to support the process agreed to by the stakeholders.
 Organized Business Process Mapping (BPM) sessions with stakeholders including HR and
development teams.
 Responsible for gathering and defining business requirements as well as translating those
requirements into functional requirements.
 Coordinated weekly updates of the project team regarding the progress of the projects.
 Created detailed data dictionary and managed the document repository (Shared Drive) for my team.
 Gathered requirements on Insurance Industry licensing and company assets management and
implemented in UltiPro.
 Created Requirements Plan document for Phase II of the assets system as a guideline to managing
documents and obtaining signoffs.
 Analysed business processes/requests and produced detailed system requirements to proceed with
development of the solution.
 Created, defined and updated the security roles and access rights for the asset management system.
 Ensured regular flow of information between the entire project team and vendor by means of formal and
informal briefing sessions, memos, presentations and teleconferences.
 Managed the UAT verification phase and ensured that all functionalities are tested and defects/bug are
fixed.
 Measured standards by understanding of Key Performance Indicator (KPI) analysis and performance
measurement.
 Reviewed user acceptance test strategies to ensure the planned testing is comprehensive and
consistent with the business requirements.
 Supported user acceptance testing by analyzing problem logs as required to provide clarification of
defined business requirements to be resolved before implementation.
 Ensured a successful implementation for each assigned off project by contributing to the system and
user implementation strategies participating in problem resolution post-implementation; and
transitioning support of the application.


JP Morgan, New York Dec 2007 – June

2009
Business Analyst/Project lead
Project 1: Implementation of software Applicant Tracking System (ATS) used to automate all processes and
workflows.

 Conducting kick off meeting with the project team/stakeholders to provide overview of the project and
their key deliverables.
 Defined the integration of the Applicant tracking System with Horizon (HRIS) system for Scotiabank’s
internal application process.
 Defined data mapping spreadsheets for data exchange between the two systems.
 Organized Business Process Mapping (BPM) sessions for the Internal process with stakeholders
including product Managers.
 Responsible for gathering and defining business requirements as well as translating those
requirements into a solution requirement.
 Providing weekly update to management regarding the progress and milestones of my projects.
 Created detailed data dictionary (DD) and managed the document repository (SharePoint) for my team.
 Created Requirements Plan document for Phase two of the Applicant Tracking System as a guideline
to managing documents and obtaining signoffs.
 Communicated with vendors on the Search Engine Optimization portal.
 Took the lead in obtaining executive approval for initiatives by documenting business case documents
and marketing the benefits.
  Analysed business processes and requests in producing detailed system requirements to proceed with
technical design and development of the solution.
 Participated with the vendors and the development team in the definition of user interface design
specifications (the user’s interactive experience) ensuring a valuable and consistent experience for the
job applicant.
 Monitored and reviewed usability, design and functionality during the prototype phase and the
development phase.
 Reengineered business process work flows as required to support the introduction of the new solutions
on the ATS which are then agreed to by business/initiative sponsors.
 Ensured regular flow of information between the entire project team by means of M.S SharePoint for
document library and collaboration, M.S outlook, formal and informal briefings sessions, memos,
presentations and teleconferences.
 Managing the UAT verification phase and ensuring that all in-scope items are tested, and
variances/defects are fixed.
 Reviewed user acceptance test strategies to ensure the planned testing is comprehensive and
consistent with the business requirements. Support user acceptance testing by analyzing problem logs
as required to: provided clarification of business requirements and defined which problems needed to
be resolved for implementation.
 Ensured a successful implementation for each assigned project by contributing to the system and user
implementation strategies; participating in problem resolution post-implementation; and transitioning
support of the application to the Talent Acquisition Team support group.

JP Morgan, New York Mar 2007 – Dec 2007

Technical Business Analyst
Project 1: Integration of New System
 Document detailed software requirements specifications.
 Liaise with the developers and the QA team.
 Defined data mapping spreadsheets and Schema requirements for data exchange between the two
systems.
 Created and managed use cases, process flows and functional specification requirements for the
effective integration of the data.
 Conducted data mapping of the various fields that the data is being integrated to and from.
 Ensured regular flow of information between the entire project team by means of M.S SharePoint for
document library and collaboration, M.S outlook, formal and informal briefings sessions, memos,
presentations and teleconferences.
 Prepared and regularly updated information on the SRS, obtained stakeholder signoff on the SRS.
 Wrote user stories on workflow and approval groups.
 Created Use Cases for new process/workflow on DevOps and Production systems
 Assisted the development team, QA team, to monitor and test that the application performed up to
specification.
 Helped produced Test Cases and participated in UAT, obtained signoffs on test results, participated in
training users, and staff on new application, involved in the Project Life Cycle (PLC) and Software
Development Life Cycle (SDLC)
 Participated in sprint planning meetings and facilitated JAD sessions.
 Participated in verification and review sessions with project team and business users as required.
 Used relational Databases and the process of Extract Transform Load (ETL) using SQL in data
integration.

BT Exect (NHS Spine), New York May 2006 – Mar 2007

Technical Business Analyst
Project: Centralization of GP patience Data Process Management.
 Document detailed technical business requirements.
 Analysis and mapping of business workflows and processes.
 Reviewed web team’s end-to-end implementation processes and the existing data experience to
anticipate stakeholder needs for improvement.
 Responsible for requirement gathering and creating project artifacts, defining functionality and
stakeholder identification.
  Responsible for helping develop business case for this project mapping and helped stakeholders to
conduct feasibility studies, Cost Benefit Analysis, Strength Weakness Opportunity and Threat Analysis
(SWOT) leading to Senior Management approval for the project.
 Helped identify and create stakeholder list for proper identification and management of stakeholder
requirements.
 Helped create Matrices to track requirements from use cases to test cases and ensure that no
requirements conflicts arose.
 Gathered requirements by sending electronic questionnaires to the GP for data collections compliance.
 Ensured regular flow of information between the entire project team.
 Maintained SharePoint for document library and collaboration, formal and informal briefings sessions,
memos, presentations and teleconferences.
 Created project artifacts and deliverables like business requirement documentation and functional
requirements for stakeholder reviews, feedback and approval.
 Helped create Test Strategies, Test Plans, and Test Scripts used to correctly evaluate data system and
ensure that the solution met client expectations.

Shared Technology, New York Sep 2004 –

April 2006
Business Analyst/Benefit Analyst (SME)
Project: Implementation of a system Quotes to Underwriters IT Continuous improvement.
 Responsible for helping develop business case for this project and helped stakeholders to conduct
feasibility studies, Cost Benefit Analysis, Strength Weakness Opportunity and Threat Analysis (SWOT)
leading to Senior Management buy-in and approval for the project.
 Document detailed group insurance benefits requirements.
 lead and supported the Sr. project manager to ensure that the project remained within timelines to
avoid scope creep.
 Worked in consultation with the project team and business architects to develop artifacts as set down
within the project timelines and completed client proposals.
 Participated in verification and review sessions with project team and business users as required.

PROFESSIONAL ORGANIZATIONS CHAPTERS:

ISACA, New York
PMI, New York