Cybersecurity Analyst with a proven record of industry experience, looking to apply my strong skills in a company. Lead and manage NIST-based system security assessments, continuous monitoring, and other Assessment and Authorization (A&A) activities, third-party vendor risk management, and vulnerability management. Vast experience in regulatory frameworks including NIST 800 series, FedRAMP, ISO 27001, CIS, and PCI DSS. Experience in IT security compliance work, including demonstrated experience documenting policies and IT security artifacts in accordance with NIST: Risk Management Framework, Authorization to Operate (ATO) documentation, and security assessment (SCA). Exceptional communication skills and the ability to thrive in a challenging, fast-paced, and deadline-driven environment.
Drafted reports summarizing findings from compliance audits and investigations.
Evaluated current processes for identifying areas of non-compliance within the organization.
Coordinated efforts between external auditors and internal stakeholders during annual audits.
Liaise with business stakeholders to facilitate vendor security assessments, and coordinate efforts between IT, Cybersecurity, business functions, and others.
Review and validate vendor documentation such as SOC 1 and SOC 2 Type I and Type II reports, vulnerability scan reports, independent pen-test reports, ISO 27001 and PCI DSS certifications, and essential security policy and procedure documentation.
Work as a remediation analyst to ensure all gaps discovered during the assessment are remediated or mitigated in a timely manner.
Perform vendor security risk assessment reviews.
Send out security risk assessment surveys to third-party vendors, analyzing and documenting results and determining risk factors and risk scores.
Conduct in-depth, risk-based security assessments of in-house, vendor-hosted, and third-party hosted environments.
Assisted in the investigation of security incidents, including performing root cause analysis and recommending remediation steps.
Created reports outlining findings from security audits, incident response activities, and other related processes.
Monitored system performance metrics to ensure optimal performance levels were maintained at all times.
Performed periodic scans on networks using advanced security tools.
Worked face-to-face with multiple stakeholders, interviewing, planning, or participating in team efforts to bring multiple complex projects to fruition in a highly motivated, fast-paced environment.
Reviewed, maintained, and ensured all assessment and authorization (A&A) documentation was included in the system security package. Performed information security risk assessments and assisted with the internal auditing of information security processes.
Developed, updated, and reviewed IT security policies and procedures, and responded to audit requests and provided audit support and coordination.
Performed risk assessments for existing IT infrastructures and provided recommendations for improvements.
Reviewed user access privileges regularly in order to ensure that only authorized personnel had access to sensitive information.
Trained users on cybersecurity awareness topics such as phishing emails, password management techniques, and social engineering attacks.
Supported the department's Information Security Management System (ISMS), including POA&Ms, monthly meetings, internal audits, and other components of an ISO-compliant function.
Supported security assessment and authorization (SA&A) activities as required, including performing risk and vulnerability analysis, assessing security controls, and preparing security assessment reports and POA&Ms as needed.
Responded promptly to any requests from customers related to cybersecurity issues.
Provided technical guidance to staff members regarding data security best practices and regulatory compliance requirements.
Frameworks (NIST, FedRAMP, ISO 27001, FISMA, PCI DSS)
Excellent internal/external stakeholder management skills
Ability to multi-task and work in an agile, changing, and fast-growing environment
Excellent verbal and written communication skills, teamwork skills, and an engaging personality; a proven ability to effectively interface with a diverse range of roles at all levels
GRC Tools (RSA Archer, BitSight)
Risk Management Framework
POA&M Management
Governance Risk Compliance (GRC)
MS Suite (Word, PowerPoint, Excel, SharePoint), Jira
Ability to work independently and proactively to meet assigned objectives
CompTIA Security+
CSM
CICA
CompTIA Security+ Training
FISMA Compliance Training
ISO 27001 Training
Information System Security Training
PCI DSS Training