Funke Omolere

About Me

I lead compliance programmes across some of the most complex regulatory environments in EMEA. ISO 27001, TISAX, BSI C5, Spain ENS, ISMAP, Cyber Essentials Plus, DORA, NIS2, third party risk, privacy risk. Not checkbox exercises. Programmes that are built to scale, survive audits, and actually reduce risk. I came into this field through a non-traditional route and that has made me a better practitioner. I understand how risk shows up in real environments, how to work with engineering and product teams who don't speak compliance, and how to get organisations audit ready without grinding them to a halt. Right now I'm focused on what comes next for GRC. Building automation, engineering repeatability into assurance workflows, and closing the gap between compliance and the teams that have to live inside it. I share the work publicly because I think this field needs more practitioners who build in the open. If you're looking for someone who can lead, deliver, and modernise how compliance gets done, let's talk.

Experience Highlights

• Led EMEA compliance programmes across ISO 27001, TISAX, BSI C5, Spain ENS, and CE+
• Delivered audit readiness across DORA, NIS2, privacy risk, and third party risk programmes
• Managed end to end compliance for SOC 2, PCI DSS, FedRAMP, and NIST frameworks
• Conducted risk assessments and internal audits across cloud, network, and enterprise IT
• Partnered with engineering, legal, and product teams to close control gaps at scale
• Presented audit findings and compliance posture to senior and executive stakeholders
• Building GRC automation tooling and open source skills libraries for the EMEA community
• Mentor practitioners entering and transitioning into GRC and information security

Get in Touch

Connect with me on LinkedIn