Seasoned IT professional with over 5 years of experience specializing in risk assessments, security policy development, and aligning organizations with critical standards such as ISO 27001, NIST CSF, HITRUST, HIPAA, PCI DSS, and GDPR. Proven track record of leading initiatives to create and deliver engaging, role-tailored security awareness and training programs that significantly improve compliance and reduce organizational risk. A strong commitment to the core objectives of confidentiality, integrity, and availability (CIA) drives efforts to raise security awareness within organizations and strengthen their overall security posture.
Overview
5 years of professional experience
1 Certification
Work History
IT Internal Auditor
Kaiser Permanente
05.2023 - Current
Perform comprehensive gap analyses to assess whether Kaiser Permanente has implemented appropriate administrative, technical, and physical safeguards, ensuring data, network infrastructure, and systems are protected from unauthorized access and breaches.
Lead and facilitate risk assessments on identified vulnerabilities within IT systems, collaborating with stakeholders to analyze root causes and develop corrective action plans, which are clearly documented and communicated to risk owners.
Ensure ongoing compliance with industry standards and regulatory frameworks such as HIPAA, SOC 2, and HITRUST, by validating controls, monitoring adherence, and maintaining traceability of findings and remediation efforts.
Review and audit enterprise IT systems, applications, and operational processes to verify effectiveness, efficiency, and alignment with policies and compliance requirements.
Evaluate infrastructure readiness to support business continuity and disaster recovery objectives, identifying potential risks or gaps in resilience.
Conduct vulnerability assessments using tools and manual techniques to identify misconfigurations, weaknesses, and outdated systems, and deliver risk-based findings for remediation.
Confirm timely deployment of software updates and security patches and monitor development practices to ensure secure coding and adherence to the secure software development lifecycle (SDLC).
Validate the accuracy, consistency, and integrity of data across IT systems, ensuring reliable information handling and appropriate access controls.
Present audit findings to leadership, clearly communicating risks, control gaps, and recommended remediation strategies that support a stronger compliance and security posture.
Identify and classify security issues and compliance failures, perform root cause analysis, and recommend specific, achievable corrective actions or mitigation.
Conduct follow-up audits and remediation validations to ensure previous audit recommendations have been effectively implemented, and associated risks addressed.
Develop audit plans with defined scope, risks, control objectives, and methodologies, supporting structured and repeatable audit engagements.
Maintain thorough audit documentation, including testing results, evidence, and control assessments to support transparency, audit readiness and external assessments.
GRC Analyst
Ares Management Corporation
03.2020 - 02.2023
Ensured the organization adhered to applicable laws, regulations, and standards such as NIST, ISO 27001, and internal policies related to information security and data protection.
Assisted in developing and reviewing governance, risk, and compliance (GRC) security policies by conducting control mapping, gap analyses, and risk documentation reviews.
Performed risk assessments to identify, analyze, and mitigate risks impacting the organization’s information security and operations.
Tracked risk and compliance metrics and generated reports for senior leadership and audit stakeholders.
Supported audit processes by scheduling meetings, collecting audit evidence, and reviewing documentation for accuracy before submission to auditors.
Addressed audit findings by developing Corrective Action Plans (CAPs) and monitoring their implementation to closure.
Maintained audit readiness by organizing control documentation and evidence in alignment with compliance requirements.
Led or supported phishing simulation campaigns and security awareness initiatives, improving employee response and reducing click rates.
Assisted with third-party risk assessments and conducted vendor due diligence to evaluate external security risks.
Created and maintained security policies, standards, and procedures to support the organization’s compliance framework and ensure alignment with regulatory and business objectives.
REMOTE
Education
Bachelor’s degree - Accounting
Nile University
07.2018
Skills
Compliance Frameworks: ISO 27001, NIST CSF, HITRUST, HIPAA, PCI DSS, and GDPR
Tools: Splunk, ServiceNow, SQL, Python, Jira, Power BI, Okta, LogicGate, SharePoint, Microsoft 365, RSA Archer