Data Security Engineer
Resume:
Stephen Obeng-Adjei
Email: **********@*****.*** 732-***-****
www.linkedin.com/in/So-Adjei
PROFESSIONAL SUMMARY
Seasoned Security Engineer with strong focus on Governor, Risk, and Compliance (GRC) as well as Automated & Data Security, with over 6 years of experience. Managing and implementing security policies, risk assessments, data protection strategies, and regulatory compliance initiatives across the organization. Possess a solid understanding of industry security frameworks, data security practices, and emerging threats. Work closely with cross-functional teams to ensure that the organization adheres to security practices while maintaining the confidentiality, integrity, and availability of data.
EDUCATION, CERTIFICATION AND TRAINING
New Jersey Institute of Technology Newark NJ -2024
(Network Security and Cybersecurity)
Kwame Nkrumah University of science and Technology Kumasi Ghana-2014
(BSc. Information Security and System Management)
CERTIFICATION & SKILLS PROFILE
CompTIA Security+: ISC (2) Certified Authorization Procedure (CAP), CISA – Ongoing
Operating System : Windows Client 7 & 10, Windows Server 12.
Networking : VLAN, LAN, WAN, VPN
Compliance : HIPAA, PCI-DSS, SOC, NOC, FISMA, NIST, ISO.
PROFESSIONAL EXPERIENCE
Aryon Consulting LLC Jan 2019-Present
Information Security Engineer.
(GRC Management)
Develop, Implement, and maintain security policies, standards, and procedures to ensure compliance with industrial standards; (ISO,20071, NIST, GDPR, HIPAA, PCI-DSS, SOC, NOC.)
Conduct regular security risk assessments and audits to identify gaps in compliance and recommend corrective actions.
Monitor and report on the effectiveness of the organization’s security and risk mitigation efforts
Stay up to date with regulatory changes and work with relevant department to ensure compliance with data protection laws and network
Data Security;
Implement and manage data security solutions, including encryption, data masking, and secure data transmission protocols.
Collaborate with IT teams to safeguard sensitive data, such as personally identifiable information (PII) and intellectual property.
Monitor and respond to data breaches, data loss events, and other security incidents, ensuring rapid containment and investigation.
Conduct regular vulnerability assessments and privacy impact assessments to ensure the integrity of organization data.
Security Awareness and Training;
Design and deliver security awareness training programs to educate employees on security best practices and compliance requirements.
Provide guidance on data security measures to teams handling sensitive information across the organization.
Assess the security posture of third-party vendors and partners to ensure they comply with the organization’s security requirements.
Collaborate with legal and procurement teams to integrate security requirements into third-party agreements.
Incident Response and Risk Mitigation;
Contribute to the development and execution of incident response plans, focusing on GRC and data security components.
Collaborate with incident response team to ensure proper escalation, investigation, and mitigation of security events.
Continuous Improvement.
Continuous evaluate and improve security control, GRC processes, and data security practices
Research and stay current with emerging threats, technologies, and industry trends to proactively address potential events.
Manav Consulting Group LLC. Dumfries VA April 2018 - Dec 2019
Information Security Analyst
Managed security incidents and performed root cause analysis, successfully reducing repeat incidents by 40%.
Implemented a centralized logging system, improving threat detection capabilities and incident reporting accuracy.
Trained staff on security awareness and best practices, resulting in a 50% decrease in phishing susceptibility.
Assisted in the development and execution of disaster recovery and business continuity plans.
Established a continuous monitoring program for security systems, leading to real-time detection and response to threats.
Implemented network segmentation strategies that reduced the attack surface and contained potential breaches effectively.
Developed automated scripts for threat intelligence gathering, improving the efficiency of vulnerability management processes.
Assisted in the migration to cloud-based services while ensuring compliance with security best practices and data protection regulations
Contact this candidate