Information Security Third Party

Location:
Manhattan, NY, 10016
Posted:
December 17, 2023


Ertimis Academy, USA

Certificate in Cybersecurity & Security Governance

University of Cape Town, South Africa

MPhil Criminology & Law (Specializing in Financial, Organized and Cyber Crimes)

University of Ghana, Ghana

Bachelor of Arts in Psychology

2021 - Present

Diaspora Care Inc, NY

Information Security / GRC Specialist

CONTACT INFO

Columbus, OH, USA

ad11np@r.postjobfree.com

+1-614-***-****

KEY SKILLS

Developing Security Plans

Data Security

Compliance and Regulation Expertise

Security Vulnerability Assessment

Risk Assessment and Management

Security Policy Development.

Vendor Management.

Security Audit and Assessment.

PCI DSS Compliance

Incident Response Management

Critical Thinking

Last updated on 2023-08-28.

EBENEZER HUTCHFUL

Results-driven Governance, Risk and Compliance professional with over five years of experience developing and implementing security solutions in fast-paced environments. Skilled in vulnerability management and incident response, with a proven history of delivering exceptional risk management support and extensive experience developing and testing security frameworks for cloud-based software. Versed in robust network defense strategies, security governance/compliance, as well as personnel training.

EDUCATION

PROFESSIONAL EXPERIENCE

Prepared remediation plan for third party assessment.

Developed, implemented and documented security programs and policies and monitored compliance across departments.

Performed risk and vulnerability assessments and provided results and recommendations to senior management.

Created policies and procedures for emerging security technologies and proposals.

Performed risk analyses to identify appropriate security countermeasures.

Led teams of up to 5 in developing and implementing security systems, resulting in 30% fewer threats.

Created cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.

Performed secure user identification and authentication best practices by following access control policies to maintain compliance with ISO/IEC 27001, NIST, PCI DSS, and HIPAA security controls.

Collaborated with third-party payment card industry (PCI) compliance partners during third party audits.

Updated relevant policies to ensure they reflect regulatory requirements.

Conducted security audits to identify vulnerabilities in the IT environment.

Executed annual assessment, using the Shared Assessment Framework Shared Control Assessment (SCA), to identify areas where the company needed to fortify its security and data privacy posture.

Supported key business initiatives by identifying compliance risks and providing resolutions to manage these risks.

Provided overall management of the third party review process, ensuring timely reviews as well as process updates to comply with legal and compliance activities.

2019 - 2021

Union Assurance

GRC Specialist

2018 - 2019

Kum Shipping & Logistics, Cape Town SA

Technical Support Specialist

2017 - 2018

Diasco Hardware & General Merchants, GH

Information Security Specialist

Designed company-wide policies to bring operations in line with Center for Internet Security (CIS), NIST, ISO 27001, and OWASP standards.

Authored security incident reports, highlighting breaches, vulnerabilities and remedial measures.

Reviewed violations of computer security procedures and developed mitigation plans.

Contributed to monitoring and testing of security controls, plans and related metrics.

Conducted security audits to identify vulnerabilities.

Developed plans to safeguard computer files against modification, destruction or disclosure.

Educated clients on mitigating vulnerabilities by demonstrating secure configuration guidelines to reduce exposure

Administered onsite training for POS handling, to maintain compliance with PCI DSS and reduce the risk of client payment card disclosure during remote transactions.

Coordinated all third party penetration testing, including corporate network, platform, and solution penetration.

Performed weekly critical system audits of help desk tools to maintain security adherence for critical infrastructure

Served as second tier of escalation in public global helpdesk, responding to customers via Twitter using a Ticket API

Explained technical information in clear terms to promote better understanding for non-technical users.

Collaborated with supervisors to escalate and address customer inquiries or technical issues.

Collaborated with vendors to locate replacement components and resolve advanced problems.

Developed concise, tailored cybersecurity awareness content and documentation including SOPs and resolutions to common issues, improving security posture within the Support Team

Employed malware analysis tools to remove over 1,000 vulnerabilities monthly and remediate virus attacks from client computers.

Implemented secure baseline configuration

Prepared, executed, and reported on audit of subset of NIST SP 800-53 cybersecurity controls to include interview, document review, and testing of systems to support compliance audit activities

Knowledgeable on NIST Cybersecurity Framework and how the Identify, Protect, Detect, Respond, and Recover categories comprise and facilitate an information security program

Managed Staff Training to ensure compliance and best practices in operational processes.

Conducted thorough Vendor/Third Party vetting to mitigate risk.

Led comprehensive walkthroughs to identify risks, control gaps and updated contingency plans

CERTIFICATIONS

CompTIA Security: Completed

CISSP – Certified Information Systems Security Professional: In Progress

CIPA - Certified Compliance Professional: In Progress


