Kwame Boateng
Education:
Bachelor's degree
Information Technology
Kumasi Technical University
2014
Experience:
Manage third-party audits and security risk assessments with external partners and vendors.
Build key partnerships with senior stakeholders to develop and evangelize enterprise-wide IT security policies, standards, and procedures resulting in a 70% reduction of audit findings.
Act as key participant in monitoring, evaluating, and measuring the impact of decisions practiced in Risk Management functional area.
Work closely with management to determine acceptable levels of risk to the organization.
Monitor moderately complex business-specific programs and provide risk management consulting to support the business in designing and implementing risk-mitigation strategies.
Monitor, measure, evaluate, and report on the impact of decisions and controls to the relevant business group or functional area.
Develop and implement risk monitoring and risk reporting processes and controls.
Collaborate and partner with relevant business groups to identify current and emerging risks associated with business activities and operations and provide guidance in developing and implementing risk-mitigating strategies.
Use automated tools to perform ongoing monitoring of business controls, control testing, root cause analysis, and examination of the effectiveness of established business controls.
Review and approve security policies, controls, and cyber incident response planning.
Brief executive team on the status and risks facing the organization and serve as a catalyst for security.
Effectively lead development of Enterprise capabilities such as Vulnerability Assessments, Security Awareness, Threat/Risk Assessments, and Security Incident Response.
Oversee internal and external security audits and penetration testing.
2021 : Present
DEXIS
Information Security Analyst
2018 :
DEXIS
Cyber Security Analyst
2018 :
Self
Manager
Managed cloud and non-cloud vendor due diligence program which ensured all clients (PI) personal
information stored by vendors complied with FERPA/ PCI-DSS, HIPAA/HITECH.
Monitored user compliance with networking and internet security policies.
Conducted risk assessments, including reviewing organizational policies, standards, and procedures and
providing advice on their adequacy, accuracy, and compliance with industry standards.
Assessed the level of risk and develops and/or recommends and operationalize appropriate mitigation
countermeasures.
Communicated results of vulnerability and risk assessments to system and data owners.
Provided timely updates to team members and audit management on engagement progress and audit issues,
ensuring all deadlines are consistently achieved.
2017 : 2019
Computer Generated Solutions India Private Limited
Security Analyst
Utilized technology and systems to track the movement and quantity of goods in the warehouse.
Predicted future demand to optimize inventory levels and prevent overstocking or stock-outs.
Managed orders from receipt to shipment, ensuring accuracy and timeliness.
2015 : 2016
Plastic Omnium
Logistics Associate
Company: DEXIS
Years of Experience: 7