Summary
Overview
Work History
Education
Skills
Affiliations
Certification
Timeline
Generic

BENNETH ADU DARKO

Atlanta,Georgia

Summary

Results-driven cybersecurity professional with a strong background in compliance and risk management. Skilled in identifying and mitigating vulnerabilities, implementing compliance measures, and leading teams to achieve common goals. Extensive experience in Audit, Risk Management Framework (RMF), Sox Compliance, ISO Framework, Banking and Loan Operations.

Overview

10
10
years of professional experience
1
1
Certification

Work History

3rd Party Risk Analyst

Deloitte(Contractor)
Atlanta, GA
11.2023 - Current
  • Assess vendor responses to security questionnaires and supporting artifacts such as information security policies, SOC2 Type 2 Report, ISO Certification, Penetration test reports, Vulnerability Scan Reports, Scorecard.
  • Communicate vendor security issues to stakeholders, ensuring good understanding of associated risks and actions needed for remediation using defined Key Performance Indicators and Key Risk Indicators.
  • Assess vendor responses to security questionnaires and supporting artifacts such as information security policies, SOC2 Type 2 Report, ISO Certification, Penetration test reports, Vulnerability Scan Reports, Scorecard.
  • Assist in developing, reviewing, updating, and maintaining policies and procedures to ensure compliance with regulatory frameworks.
  • Perform routine awareness and training programs and remain current with security threats.
  • Conduct continuous monitoring and reassessment of vendors

CYBERSECURITY COMPLIANCE ANALYST

State Street (Contractor)
01.2022 - 11.2024
  • Coordinate efforts with external audit firms to reduce fees and increase reliance on internal controls
  • Lead the development and testing of Sox compliance measures for a major finance company
  • Validate and implemented mitigating controls for North America, resulting in a 90% reduction in segregation of duties issues
  • Train management and role owners to effectively utilize the system, improving overall efficiency and reducing Sox deficiencies.

CYBER AUDIT AND COMPLIANCE OFFICER

Ernest and Young (Contractor)
09.2020 - 12.2021
  • Reduced tested controls by more than 20% each year through effective testing, interviewing, and examination of internal controls
  • Assessed the design and implementation of security processes, procedures, and monitoring for clients in various industries
  • Examined and reviewed internal controls based on NIST requirements, and prepared Security Tests and Evaluation Reports as directed by NIST SP 800-53A
  • Performed multiple special projects for senior management and external audit teams.

SUPPORTIVE LOAN OPERATIONS OFFICER

Bank of America (Contractor)
01.2019 - 07.2020
  • Established structures for documentation review, boarding, funding, servicing, and balancing of commercial loans, and collaborated with the accounting department to balance the loan suspense GL
  • Built and managed the loan operations department, from stealth mode to launch
  • Performed quality assurance on loans with 90% precision and tracked and logged bugs using the Jira system
  • Received a grade of 'Strong' during OCC audits.

INFORMATION TECHNOLOGY SECURITY ANALYST

Deloitte (Contractor)
05.2015 - 11.2018
  • Contributed to the development and implementation of security processes, procedures, and monitoring for clients in various industries
  • Developed a System Security Plan document, guided by NIST SP 800-16, to ensure the system was properly documented
  • Prepared authorization packages for approval and engaged in continuous monitoring to ensure the system was constantly in compliance and risks were being mitigated
  • Established test plans for key controls and advised management on control weaknesses and recommended improvements.

Education

B. A. COMMUNICATION STUDIES -

Ghana Institute of Journalism
01.2014

Skills

  • NIST framework
  • FISMA regulations
  • FedRAMP guidelines
  • COSO framework
  • ISO 27001
  • ISO 27002 standards
  • Cloud security protocols
  • IT compliance regulations
  • Google Suite tools
  • Jira issue tracking
  • Strong attention to detail
  • Effective problem-solving abilities

Affiliations

  • CLOUD SECURITY ALLIANCE (CSA) NEW YORK METRO CHAPTER
  • Wall Street Friends

Certification

Certified Information Security Manager(CISM) Expected February 2025

Certified Information Systems Auditor(CISA) Expected May 2025

CiSSP Expected July 2025

Timeline

3rd Party Risk Analyst

Deloitte(Contractor)
11.2023 - Current

CYBERSECURITY COMPLIANCE ANALYST

State Street (Contractor)
01.2022 - 11.2024

CYBER AUDIT AND COMPLIANCE OFFICER

Ernest and Young (Contractor)
09.2020 - 12.2021

SUPPORTIVE LOAN OPERATIONS OFFICER

Bank of America (Contractor)
01.2019 - 07.2020

INFORMATION TECHNOLOGY SECURITY ANALYST

Deloitte (Contractor)
05.2015 - 11.2018

B. A. COMMUNICATION STUDIES -

Ghana Institute of Journalism

Similar Profiles

  • Kevin De PiazzaKevin De Piazza

    VP - IT Governance, Risk, Compliance, IT OPS – Security, Global Help Desk and Access management at Legends Hospitality, LLCVP - IT Governance, Risk, Compliance, IT OPS – Security, Global Help Desk and Access management at Legends Hospitality, LLC

  • Manikumar SubramanianManikumar Subramanian

    Technology Risk Manager at KPMG Mew ZealandTechnology Risk Manager at KPMG Mew Zealand

  • Ayse DemirAyse Demir

    Risk Advisor at CORL TechnologiesRisk Advisor at CORL Technologies

  • JUAN MUNOZJUAN MUNOZ

    Lead, IT Security, Risk & Compliance at Wizards Auto WorldLead, IT Security, Risk & Compliance at Wizards Auto World

CREATE PROFILE
BENNETH ADU DARKO