Summary
Overview
Work History
Education
Skills
Tools and Frameworks
Timeline
41

Boluwatife Olu-Ashake

Ikeja, Lagos

Summary

Governance, Risk & Compliance (GRC) Analyst with a legal background and track record of supporting compliance-driven organizations. Experienced in developing clear, audit-ready documentation aligned with SOC 2, ISO 27001, and other regulatory frameworks. Proficient in policy drafting, control mapping, and vendor risk assessments, with a talent for translating complex technical and security concepts into accessible, actionable content. Committed to integrating compliance into everyday operations to enable scalable and sustainable growth.

Overview

3
3
years of professional experience

Work History

Documentation Manager

Comet ML
04.2022 - 05.2024
  • Developed and implemented comprehensive risk management frameworks resulting in 30% reduction in compliance violations
  • Authored internal documentation supporting SOC 2 and GDPR compliance efforts.
  • Collaborated with cross-functional teams to create security-related documentation, including access management protocols and incident response workflows.
  • Integrated Git-based documentation into product release cycles, ensuring traceability for audits.
  • Designed documentation to align with risk mitigation procedures and internal controls.

Cybersecurity Technical Writer

W.Alley
May 2020 - 02.2022
  • Authored and maintained policies and procedures, contributing to 15% improvement in audit scores.
  • Collaborated with subject matter experts to develop accurate and comprehensive security documents for various projects.
  • Spearheaded the creation of an internal knowledge base containing essential cybersecurity information, fostering self-sufficiency among team members.
  • Supported incident response teams with clear and concise post-mortem reports, enabling efficient mitigation strategies implementation.
  • Created knowledge bases, user guides, and internal documentation aligned with PCI DSS and ISO 27001.

Education

LL.B - Law

University of Lagos
Lagos
09-2021

Certified in Cybersecurity (CC) - Cybersecurity And Compliance

ISC2

ISO/IEC 27001:2022 Information Security Associate - Cybersecurity

Skill Front

Certificate - Cybersecurity

Cisco Networking Academy

Skills

  • Policy and procedure writing
  • Control mapping and matrix creation
  • Compliance playbook development
  • Internal audit preparation and processes
  • Incident response documentation
  • Regulatory compliance analysis
  • Risk quantification
  • Threat modeling

Tools and Frameworks

GRC Platforms:
ServiceNow GRC, AuditBoard, MetricStream

Compliance Frameworks & Standards:
SOC 2 (Type I & II), ISO/IEC 27001, NIST SP 800-53, NIST CSF, HIPAA, GDPR, CCPA, COBIT, PCI DSS

Risk Management Tools:
Risk heat maps, control matrices, business impact analysis (BIA), third-party risk assessment tools

Documentation & Collaboration:
Confluence, JIRA, Microsoft Office Suite (Excel, Word, PowerPoint), Google Workspace, SharePoint

Security & IT Tools (Familiarity):
Splunk, AWS IAM, Azure Security Center

Timeline

Documentation Manager

Comet ML
04.2022 - 05.2024

Cybersecurity Technical Writer

W.Alley
May 2020 - 02.2022

LL.B - Law

University of Lagos

Certified in Cybersecurity (CC) - Cybersecurity And Compliance

ISC2

ISO/IEC 27001:2022 Information Security Associate - Cybersecurity

Skill Front

Certificate - Cybersecurity

Cisco Networking Academy
Boluwatife Olu-Ashake