Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Taiwo Johnson, Independent GRC Consultant

Taiwo Johnson

Independent GRC Consultant·Self-Employed

Nigeria

Bachelor's degree, Statistics

Work experience

Total years of experience: 9 years, 7 months

Independent GRC Consultant

January 2026 - Present

Self-Employed

Lagos, Nigeria Remote

January 2026 - Present

Providing advisory and implementation support to scaling organizations on GRC program design, ISO 27001 readiness, and GDPR compliance operations.

• Advising 3+ client organizations on risk register design, control frameworks, and audit preparation aligned to ISO 27001 and NIST CSF; reducing average time-to-certification readiness by 6 weeks per engagement.

• Conducting ISO 27001 and NIST CSF compliance gap assessments; mapping control deficiencies to phased remediation roadmaps with prioritized owner actions.

• Supporting GDPR operations across 2 client engagements including data mapping, DPIA facilitation, and Article 30 records of processing activities.

• Supporting clients on SOC 2 readiness and control gap analysis covering 40+ Trust Service Criteria controls

Company industry:
Business Consultancy Services

GRC Analyst

January 2025 - January 2026

VAI - Victor Akinode Initiatives

Toronto, Canada Remote

January 2025 - January 2026

• Spearheaded comprehensive GRC implementation adhering to ISO 27001, NIST CSF, and GDPR standards, enhancing organizational compliance.

• Executed detailed risk assessments and control mapping for over 50 business processes, identifying vulnerabilities and strengthening security posture.

• Developed robust governance workflows and accountability frameworks, producing audit-ready documentation that facilitated seamless third-party audits.

• Instituted effective control testing protocols and evidence collection methodologies, ensuring operational readiness and continuous compliance monitoring.

Company industry:
IT Services

Compliance & Risk Analyst

January 2024 - January 2026

Confidential Fintech Client

Manitoba, Canada Remote

January 2024 - January 2026

Led enterprise compliance transformation covering ISO 27001, PCI-DSS, and GDPR across governance, information security,
and third-party risk. Delivered zero audit findings across all certification cycles.
• Managed 200+ operational controls spanning governance, information security, and regulatory domains across all
business units
• Produced quarterly board governance reports that directly informed capital project prioritization, contributing to $2M
in annual cost savings
• Embedded compliance processes into daily operations, reducing issue resolution time by 40% organization-wide
• Managed third-party risk program for 15+ strategic vendors; renegotiated contract terms reducing estimated
contractual liability exposure by 30%
• Designed control testing procedures that reduced repeat audit findings by 40%
• Coordinated annual audits; maintained 100% on-time findings closure with zero overdue items
• Established enterprise risk assessment methodology across 50+ critical business processes
• Conducted DPIAs and maintained records of processing activities in line with GDPR Article 30 requirements
Tools: ServiceNow GRC/IRM, Vanta, Secureframe, Drata, OneTrust
◦ Frameworks: ISO 27001, PCI-DSS, GDPR

Company industry:
IT Services
Job role:
Information Technology

GRC Compliance Consultant

January 2024 - January 2025

Payshere (Fintech / Payments Client)

Lagos, Nigeria Hybrid

January 2024 - January 2025

• Spearheaded the design and implementation of a comprehensive GRC program across five key frameworks: ISO 27001, PCI-DSS v4.0, GDPR, NDPR, and NIST CSF, focusing on risk assessment, policy development, internal audit readiness, and compliance monitoring.
• Executed thorough enterprise risk assessments, pinpointing threats and vulnerabilities while assessing their likelihood and impact, leading to informed treatment decisions and an up-to-date risk register across all control domains.
• Formulated and critically reviewed information security policies, ensuring alignment with regulatory requirements and best practices to enhance organizational compliance and security posture.

Company industry:
Business Process Outsourcing (BPO)
Job role:
Information Technology

GRC Analyst

January 2024 - January 2025

VAI

Toronto, Canada Remote

January 2024 - January 2025

Concurrent contract alongside primary role. Built ISO 27001 compliance program from scratch, aligned to NIST CSF and GDPR, achieving full operational readiness 2 months ahead of an 8-month planned schedule.

• Conducted enterprise risk assessments across 35+ critical business processes within SaaS product and engineering functions using NIST RMF; prioritized remediation by risk severity.

• Mapped 150+ controls to ISO 27001 Annex A requirements; delivered clean mapping audit with zero deficiencies.

• Achieved 100% control documentation completion ahead of certification audit.

• Delivered full operational readiness in 6 months against a planned 8-month timeline
Tools: ServiceNow GRC ◦ ISO 27001, NIST GDPR

Company industry:
IT Services

Risk & Compliance Analyst

January 2020 - October 2024

Adejumo Agro Limited

Idiroko, Nigeria

January 2020 - October 2024

• Developed and managed comprehensive risk registers encompassing regulatory, operational, and information security risks, directly informing senior governance and management reviews over four years.
• Created and maintained audit-ready compliance documentation to facilitate internal audits, regulatory inspections, and compliance assessments, ensuring adherence to industry standards.
• Analyzed compliance incidents and control failures, executing thorough root-cause analysis and implementing corrective and preventive measures, achieving verified closure on identified issues.
• Collaborated with cross-functional teams to enhance risk management frameworks and compliance strategies, contributing to a robust governance, risk, and compliance (GRC) environment.

Company industry:
Agriculture & Crop Production

GRC & Operational Risk Specialist

January 2020 - October 2024

Adejumo Agro Group

Idiroko, Nigeria

January 2020 - October 2024

• Multi-site agricultural operation: 3 farms, 2 operational sites, 1 central warehouse, 27 employees, 20-50 active vendors Dual mandate leading GRC and compliance functions alongside operational oversight. Responsible for enterprise risk register management, certification readiness, incident management, vendor risk, and supply chain resilience across a multi-site agricultural enterprise operating under GRC and compliance governance standards.

• Designed and maintained enterprise risk registers covering operational, supply chain, vendor, compliance, and business continuity risks across 8 categories; achieved first-submission certification success with zero documentation rejections.

• Led incident investigations and root-cause analyses; preventive controls reduced incident recurrence and annual incident costs by 35% (from ₦2M to ₦950k annually).

• Managed vendor ecosystem of 20-50 active suppliers; implemented vendor risk scoring and quarterly performance reviews reducing third-party exposure.

• Coordinated annual compliance audits; delivered 100% of required evidence ahead of deadlines across two audit cycles.

• Developed and delivered compliance training across 12+ topics; achieved 90% post-training pass rate and reduced compliance-related operational issues by 25%.

• Strengthened supply chain resilience across logistics, procurement, and vendor management processes through operational risk controls Frameworks: ISO 27001, PCI-DSS, ISO 31000, NIST RMF.

Company industry:
Agriculture & Crop Production

Regulatory & Compliance Risk Analyst

January 2018 - January 2019

Jiset Limited

Lagos, Nigeria Hybrid

January 2018 - January 2019

• Collaborated with cross-functional teams to navigate regulatory enforcement actions, identifying incident patterns and systemic control weaknesses.
• Developed and executed validation controls and compliance frameworks, enhancing overall inspection readiness and risk mitigation.
• Streamlined compliance documentation processes, fostering proactive stakeholder engagement to minimize regulatory enforcement challenges.
• Leveraged analytical skills to assess compliance risks, ensuring alignment with industry standards and best practices in governance, risk, and compliance (GRC).
• Championed initiatives to promote a culture of compliance and security awareness across the organization, contributing to improved information security posture.

Company industry:
Industrial Production

Regulatory Compliance Officer

January 2018 - January 2019

Jiset Limited

Ibadan, Nigeria Hybrid

January 2018 - January 2019

• Regulatory compliance role focused on inspection readiness and compliance infrastructure.

• Led the organizations first compliance tracking build and delivered zero violations on regulatory inspection.

• Implemented validation controls and inspection-readiness procedures; achieved zero violations on regulatory authority inspection and earned a 6-month compliance extension versus the standard 3-month review cycle.

• Established monthly compliance reporting cadence to regulatory authorities, reducing communication friction and improving transparency.

• Built automated regulatory compliance tracking systems, achieving a 100% on-time filing rate

Company industry:
Chemicals Manufacture

Operational & Financial Risk Consultant

January 2016 - January 2018

Independent / Freelance

Lagos, Nigeria Remote

January 2016 - January 2018

• Delivered comprehensive risk analysis to organizations navigating operational uncertainties and financial vulnerabilities.

• Leveraged historical data to pinpoint critical risk drivers, enhancing the understanding of potential threats.

• Collaborated with cross-functional teams to implement risk-informed controls, improving overall organizational resilience.

• Developed actionable insights that contributed to informed decision-making and strategic planning.

• Fostered a culture of compliance by aligning risk management practices with industry standards and regulatory requirements.

• Enhanced information security posture through effective risk assessment methodologies, ensuring robust protection against potential breaches.

Company industry:
IT Services

Education

University of Ilorin

April 2016

April 2016

Bachelor's degree, Statistics

Nigeria

GPA (point): 2.64 out of 4

GPA (point): 2.64 out of 4

Completed a final year project on regression modeling for agricultural yield prediction. Active member of the Statistics Students Association, organizing peer tutorials and workshops. Developed strong skills in SPSS, R, and Python for data analysis.

Skills

CYBER GOVERNANCE
Intermediate
CYBER GOVERNANCE
Intermediate
ENTERPRISE RISK MANAGEMENT ERM
Intermediate
ENTERPRISE RISK MANAGEMENT ERM
Intermediate
COMPLIANCE MANAGEMENT
Intermediate
COMPLIANCE MANAGEMENT
Intermediate
ISO IEC 27001
Intermediate
ISO IEC 27001
Intermediate
OPERATIONALIZING AI
Intermediate
OPERATIONALIZING AI
Intermediate
OPERATIONS
Intermediate
OPERATIONS
Intermediate
THIRD PARTY RISK MANAGEMENT
Intermediate
THIRD PARTY RISK MANAGEMENT
Intermediate
COMPLIANCE REPORTING
Intermediate
COMPLIANCE REPORTING
Intermediate
CYBER SECURITY
Intermediate
CYBER SECURITY
Intermediate
GENERAL DATA PROTECTION REGULATION GDPR
Intermediate
GENERAL DATA PROTECTION REGULATION GDPR
Intermediate
GOVERNANCE RISK MANAGEMENT AND COMPLIANCE
Intermediate
GOVERNANCE RISK MANAGEMENT AND COMPLIANCE
Intermediate
INTERNAL AUDITING
Intermediate
INTERNAL AUDITING
Intermediate
LEADERSHIP
Intermediate
LEADERSHIP
Intermediate
NIST 800
Intermediate
NIST 800
Intermediate
PAYMENT CARD INDUSTRY PCI DATA SECURITY STANDARDS
Intermediate
PAYMENT CARD INDUSTRY PCI DATA SECURITY STANDARDS
Intermediate
POLICY DEVELOPMENT
Intermediate
POLICY DEVELOPMENT
Intermediate
RISK ANALYSIS
Intermediate
RISK ANALYSIS
Intermediate

Social profiles

Languages

English

Expert

French

Beginner

Arabic

Beginner

Training and Certifications

Certifications
SSCP — ISC2
Currently
The Certified Cybersecurity Educator Professional (CCEP)
Six Sigma Yellow Belt
GDPR for Healthcare
Certified in Cybersecurity (CC) — ISC2
ServiceNow GRC IRM
ServiceNow
Introduction to Offensive Security with AI —
Foundations of Log Analysis for Cyber Defense —
GDPR for Healthcare — CPD-Accredited
Six Sigma Yellow Belt — AIGPE
Certified in Cybersecurity (CC)

Hobbies and interests

Auto Racing
Movie And Movie Memorabilia Collecting
Soccer

Secured victory in a prestigious tournament, showcasing exceptional strategic prowess and teamwork.