Ibrahim Kehinde Alli — Associate Consultant
ABOUT IBRAHIM KEHINDE ALLI I’m a Governance, Risk & Compliance (GRC) professional with a strong IT Support/Helpdesk foundation, bridging day-to-day IT operations with security governance so controls work in the real world (not just on paper). I help organizations reduce cyber risk by translating frameworks into practical, auditable processes aligned to NIST CSF and ISO/IEC 27001. Alongside my IT Support work (Windows/macOS, networking, endpoint reliability, user access issues, troubleshooting), I’ve built a GRC portfolio program that mirrors how security teams operate in companies: policies, risk registers, control mapping, evidence plans, and third-party risk workflows. What I Deliver: • Risk assessments & risk register management (likelihood/impact scoring, treatment plans, owners, due dates, residual risk) • Control design & control testing support (what the control is, how it’s performed, how it’s measured, what evidence proves it) • Policy & procedure writing (Access Control, Incident Response, Asset Management, Change Management, Vendor) • Audit readiness (evidence collection plan, documentation structure, control-to-evidence traceability) • Third-party/vendor risk (questionnaires, access review requirements, onboarding/off-boarding, evidence requests) • Vulnerability & exposure awareness (Qualys VM concepts + security basics that connect technical findings to risk decisions) Certifications: Google Cybersecurity Professional, ISC2 CC, ISO 27001, NIST CSF, Qualys Vulnerability Management (plus additional security training). I’m currently targeting GRC Analyst / Risk & Compliance / Security Compliance / Third-Party Risk roles where I can support audits, strengthen control maturity, improve documentation, and help teams make defensible risk decisions. Keywords: GRC, cybersecurity risk, compliance, ISO 27001, NIST CSF, controls, audit readiness, evidence collection, risk assessment, risk register, policies, third-party risk, vendor risk, incident response, vulnerability management. Skills: Governance, Risk & Compliance (GRC) • Cybersecurity Risk Management • Security Compliance • ISO/IEC 27001 • NIST Cybersecurity Framework (NIST CSF) • Security Controls • Control Mapping • Controls Testing • Audit Readiness • Evidence Collection • Policy & Procedure Writing • Risk Assessments • Risk Register • Risk Treatment Plans • Third-Party Risk Management (TPRM) • Vendor Risk Management • Security Governance • Incident Response • Access Reviews • IAM • Asset Management • Change Management • Vulnerability Management • Qualys • Security Awareness
Stackforce AI infers this person is a Governance, Risk & Compliance expert in the Fintech industry.
Location: Federal Capital Territory, Nigeria
Experience: 2 yrs 5 mos
Skills
- Governance, Risk & Compliance (grc)
- Cloud Security
- Risk Management
- Security Operations
Career Highlights
- Expert in Governance, Risk & Compliance frameworks.
- Proven track record in cloud security implementations.
- Skilled in translating complex risk into actionable insights.
Work Experience
AWS Cloud Lab/Project
GRC Analyst | Cloud Risk & Identity Governance (3 mos)
PayNest (Independent Project)
GRC Analyst — PayNest FinTech Risk & Governance Program (11 mos)
PwC
Security Analyst Intern (1 yr 11 mos)
Self-employed
Active Directory using PowerShell Lab (2 yrs 2 mos)
Security Specialist (2 yrs 4 mos)
Malware Removal and SIEM Using Microsoft Sysmon with PowerShell (2 yrs 5 mos)
Cloud Engineer
Graduate (2 yrs 4 mos)
Education
Bachelor of Technology - BTech at Federal University of Technology Minna
