Profiles search

Funso R.

Thought Leader | AI Pragmatic Ethicist | Writer | GRC+ Strategy Advisor | ISO | Powering Security Programs that reduce business risks
United States

Details

Education: Certificate

Cybersecurity

Harvard University

2021 : 2021

Master Online Teacher Certificate

E-Learning

University of Illinois

2013 : 2014

Certificate of Completion

CompTIA Security+

Career Academy

2016 : 2016

Certificate of Completion

CompTIA Networking

IT University Online

2015 : 2015

Master of Science (MS)

Psychology

Kaplan University

2010 : 2011
Experience: Responsible for global cybersecurity strategy and governance, AI Governance and Ethics initiatives, Third-Party Risk management. Manages the Enterprise Cybersecurity Trust program which assures secure development operations and product delivery enabling market expansion and revenue generation. Facilitates cybersecurity forum with third-party executive and security leadership to ensure risks are addressed promptly. Oversees enterprise controls assurance program which includes external audit and risk assessment engagements, such as HIPAA Security Risk Assessment, HITRUST, SOC2, NIST, SOX, PCI, clients’ assurance, insurance due diligence, source code analysis (DAST, SAST, Threat Modeling), web application assessment and penetration testing.

2022 : Present

Healthcare

AVP, Cybersecurity

Responsible for global information security governance, security risk operations center and business operations resiliency program. Oversees external audit and risk assessment engagements, including HIPAA Security Risk Assessment, HITRUST, SOC2, NIST, SOX, PCI, clients' assurance, insurance due diligence, source code analysis and penetration testing. Advises leadership on security direction and resource investments and supports design of appropriate policies to manage information security risk, strategy, development, delivery, and administration of an organizational information security program and corresponding functions that include risk management, vendor management, audit, cloud assurance, disaster recovery, digital forensic investigations, and incident response.

Skills : Data Privacy · Compliance Management · IT Security Assessments · Information Technology · Operational Risk Management · Information Security Management · Management · Project Management · Leadership · Cloud Assurance · Threat-adaptive Intelligence · Third-Party Assurance · Vendor Risk Management · Attack Surface Intelligence · SOC 2 · HIPAA Security Risk Assessment · Payment Card Industry Data Security Standard (PCI DSS) · Cloud Security · Information Security Awareness · Cyber Defense · Security Incident Response · Disaster Recovery · HITRUST · Information Security · Cyber Threat Intelligence (CTI) · Business Continuity

2020 : 2022

Healthcare

Information Security Officer/ Sr. Director, IT Security

Provided executive level leadership for the development and implementation of a security program that leveraged collaborations and facilitated information security governance. Responsible for the governance, policies and processes management, security strategy, security program oversight and security architecture development and implementation. Oversaw the security operations center, vulnerability management, incident response, user awareness/education, cloud security program strategy development and implementation.

2018 : 2020

Healthcare

Information Security Officer / Director IT Security

Responsible for building the security program of a leading US healthcare revenue cycle company. Established a risk-based security process that proactively mitigated threats to critical business operations. Developed a governance, risk, and compliance program that provided assurance to a high-profiled clientele, including several leading US healthcare systems. Oversaw the security operations center responsible for incident response, vulnerability management, and disaster recovery processes.

2017 : 2018

Healthcare

Manager IT Security

Responsible for governance, risk, and compliance program. Authored enterprise policies and procedures and established process assurance. Led the development of identity and access management controls which reduced program risk by 45%. Developed a risk assessment process to improve organizational security posture.

2017 : 2017

Milestone Technical Institute

Information Security Analyst
Company: Healthcare
Years of Experience: 18
Spoken Language: English, Yoruba

Skills

Artificial Intelligence (AI), Attack Surface Intelligence, Business Continuity, Business Operations Resilience, Business Process Improvement, Cloud Assurance, Cloud Assurance , Cloud Security, Compliance Management, Computer Ethics, Critical Operations Risk Management, Cyber-security, Cyber Defense, Cyber Threat Intelligence (CTI), Data Privacy, Digital Risk Operations, Disaster Recovery, Enterprise Risk Management, Generative AI, Governance, Risk, and Compliance, HIPAA Security Risk Assessment, HITRUST, Identity & Access Management (IAM), Information Security, Information Security Awareness, Information Security Management, Information Security Management System (ISMS), Information Technology, IT Security Assessments, IT Security Policies & Procedures, Large Language Models (LLM), Leadership, Management, Natural Language Processing (NLP), NIST CSF, Operational Risk Management, Payment Card Industry Data Security Standard (PCI DSS), Project Management, Prompt Engineering, Security Incident Response, Security Risk Operations Center, SOC 2, Team Building, Third-Party Assurance, Threat-adaptive Intelligence, Vendor Cyber Risk Management, Vendor Risk Management

About

With over 15 years of experience in leading and implementing cybersecurity programs, I am a HITRUST-certified and Harvard-trained information security executive who excels at reducing business risks and ensuring regulatory compliance. As the AVP of Cybersecurity in a leading US healthcare revenue cycle management company, I am responsible for the global cybersecurity strategy and governance, AI governance and ethics initiatives, third-party risk management, and enterprise cybersecurity trust program.



I have a proven track record of collaborating and contributing to interdepartmental enterprise initiatives, including vendor management, product delivery, AI implementation, data privacy, cyber liability insurance, change management, compliance, risk mitigation, technology transformation, and business continuity and disaster recovery programs. I am also a thought leader and a writer who shares my insights and perspectives on cybersecurity, AI ethics, and GRC topics through various publications and platforms.



My cybersecurity philosophy is to support business critical missions and preserve revenue by implementing risk-based thinking and data-driven policies, processes, and platforms, while leading and empowering an eclectic team of cybersecurity and risk professionals.