Post Job Free
Sign in

Security Analyst Financial

Location:
Alexandria, VA
Salary:
110000
Posted:
September 03, 2022

Contact this candidate

Resume:

GREGORY MENSAH KUMI

***********.******@*****.*** Alexandria Virginia, 22309. +1-571-***-****

PROFILE

A dynamic and detail-oriented Information System Analyst Professional with focus on Security Life Cycle and Vulnerability Management, using Risk Assessments, Audit Engagements, System Security Monitoring, Testing Information Technology Controls and Developing Security Policies, Procedures and Guidelines.

EDUCATION AND CERTIFICATIONS

Certifications

CISM, ISACA.

CISA, ISACA.

Security +, CompTIA.

IBM Cyber Security Analyst, Coursera.

Education

BSc. Actuarial Science

Kwame Nkrumah University of Science and Technology (Kumasi, Ghana.) August 2012 - May 2016

WORK EXPERIENCE

Unified Cyber Solutions Berwyn Heights, MD. October 2018 – Present.

Risk and Compliance Analyst (Contract)

Instilled a matured security posture for clients by identifying weaknesses and vulnerabilities in relation to PCI-DSS security framework. Performed vulnerability assessment by scanning the various systems and applications that are in scope for PCI – DSS Certification.

Worked directly with security team members to perform assessments on existing or new services and technologies within the PCI – DSS Credit Card Data Environment.

Initiated and led information security awareness and training programs to inform the team of their roles in maintaining a matured security posture.

Examined information security accreditation requests for approval and denial.

Conducted security control assessments to ensure controls are implemented to comply with ISO standards.

Provided required updates for reviewing risk appetite and tolerance statements.

Enabled the identification of emerging risks in daily operation of business using 2LOD.

Contributed to weekly change management meetings to evaluate change requests (systems or applications) that could lead to approval or denial of the request, validated testing results from testing environments and promoted changes to production environment.

Examined events logs for irregularities, identified irregularities are then reported as incidents. The incident response process is initiated to mitigate these irregularities.

Involved in security incident management to mitigate or resolve events that have the potential to impact the confidentiality, availability or integrity of information technology resources.

Created and manipulated security metrics to help senior management to make decisions.

Involved in third party contract evaluation to award contracts into the most cost-effective bidder.

Provided support to internal and external audit teams as required (Helped in the gathering and presentation of evidence to validate controls effectiveness and efficiency)

Equity Savings and Loans Accra, Ghana September 2017 – May 2018.

Personal Banking Representative

Processed deposits and withdrawal in a timely manner, which prevented attacks and robberies.

Increased the number of our online bankers by 60% by introducing new members to the banking platform and software within three months.

Performed regulator account maintenance which reduced the number of dormant accounts by 48%. Opened and closed accounts as required for members.

Followed up on all outstanding issues that concerns the client and updated the clients accordingly.

Took initiatives in performing general administration tasks which helped in the overall performance of the branch.

Standard Chartered Bank Ghana (National Service) Accra, Ghana September 2016 – August 2017.

Trade and Cash Analyst Transaction Banking

Designed the new strategy for Transaction Banking Ghana highlighting the changes in focus from Trade to Cash; this design laid the foundation for the units refreshed 4-point strategy.

Championed the preparing of concessions for clients.

I restored trust and transparency with the clients by updating the Trade and Cash Tariff guides and also, the Product Program Generic (PPG) and the Country Addendum (CA)

Sales team saw a 45% increase in revenue due to my Trade and Cash products training sessions and also my weekly updates on the competitive banks FX Rates to ascertain market levels.

Set up 100% of our clients on Global Pricing and Billing System (GPBS) and Integrated Client Documentation Management System (ICDMS).

Risk Analyst Transaction Banking

Championed Transaction Banking Ghana and Nigeria Front Office Peer Review. Supported the execution of audit/ advisory engagements covering IT and Data Management processing of the Bank

Worked closely with the Audit Supervisors and Audit Specialists to support the development and execution of risk-based work program

Closed an audit issue, which resulted in an increase in bonus for the team.

Functionally reported to the Program Manager, IT Audit and administratively to the Director, Strategy and Operations, who jointly was responsible for mentoring, performance evaluation and overall learning and professional development.

Evaluated the adequacy of internal controls and compliance with company policies and procedures by conducting interviews with all levels of personnel, examining transactions, documents, records, reports, observing procedures.

Influenced decisions taken by Senior management by writing audit reports for distribution to management and senior management documenting the results of the audit.

Made recommendations based on independent judgement of corrective action and suggested improvements to operations and reductions in cost.

Identified risks as part of the risk management process, including business continuity planning (BCP) and disaster recovery planning.

Conducted Business Impact Analysis (BIA) to analyze mission-critical business functions and identify and quantify the impact of those functions if these are lost. (example; Operational, financial). BIA helped to define the company’s business continuity plan and IT internal control audit objective.

Financial Analyst Transaction Banking

Followed-up and collected documents from clients (depending on client sensitivities) and then conducted searches on clients to make sure all regulatory requirements (AML risk) are met before initiating any new to bank or existing client cases

Prevented regulatory fines and sanctions by working with the New-to-Bank, International Corporate, Product partners and with the Financial Crime Control team to bring down the overdue and also made sure due diligence was thoroughly done.

Social Security and National Insurance Trust (Internship). May 2013 – August 2016. Records Officer

Championed the accessibility of records throughout their life cycle and that vulnerability due to neglect or disaster minimized.

Preserved records with long term or historical value.

Made preliminary decisions about the classification of records based on knowledge about the overall content of records or on evaluation of a representative sample of the information in the records.

Provided easy and reasonable access to unrestricted public records.

SUMMARY OF SKILLS

Adept at Microsoft Office (Excel, PowerPoint, Access & Word).

Audit and Accountability and Implemented Federal Information Security.

FISMA/FIPS 199/200 policies such as FISMA.

Assessment and Authorization (A&A) and Plan of Action and Milestones (POAMs).

Evaluating Policies/Procedures Management, Systems Development Life Cycle.

Advanced knowledge of HIPAA, HITRUST, ISO, CSAM, PCI-DSS framework, SSAE 18, TPRM, RMF, COBIT 5, ISO-2000 series, FAIR ISO-27001 series.

Governance Risk and Management (GRC), SOX, SOC2, GDPR/CCPA.

NIST Risk Management Framework (RMF) Tools and NIST Cyber Security Framework (CSF).

VMware vCenter Protect Essential, Agile practices and experience working with scrum teams.

Vulnerability Assessment (Nessus) (Shavlik), TrendMicro and Cisco Duo, Crowd Strike Endpoint Protection and Digital Shadow.

Experience with Network Security tools like 2FA, IPS, IDS, Firewalls etc.

Experience with Splunk or other SIEM Technologies.

Custom software, commercial-off-the-shelf and third-party SaaS and PaaS solutions.

RSA Archer, ServiceNow, Visio, VPN, LanScope, Stig Viewer, Sharepoint, API Experience, PowerShell Scripting.

Experienced in SPSS Statistics (version 17.0).

Company Name/ Contractor

Company

Type of Employment

Dates

Smartthink LLC (Contractor)

Unified Cyber Solutions

Contract

October 2018 - Present

Equity Savings and Loans

Equity Savings and Loans

Full time

August 2017 – May 2018

Standard Chartered Bank Ghana

Standard Chartered Bank Ghana

National Service

September 2016 – August 2017

Social Security and National Insurance Trust (SSNIT)

Social Security and National Insurance Trust (SSNIT)

Internship

May 2013 – August 2016



Contact this candidate