Agyapong Degraft
BRISTOL,GLOUCESTERSHIRE
Summary
Driven professional with focus on cybersecurity leadership and risk management. Demonstrates strategic thinking and effective communication skills, coupled with expertise in information security protocols. Committed to safeguarding organizational assets and ensuring robust security measures.
Overview
14
14
years of professional experience
Work history
Information security officer
Sinapi Aba Savings & Loans LTD
Ghana
2024.08 - Current
- Spearheaded training sessions for staff, increasing cybersecurity awareness.
- Reviewed and updated existing company security policies for improved compliance with regulations.
- Initiated standardization efforts across multiple departments improving consistency in handling sensitive data.
- Maintained up-to-date knowledge of current industry trends in cybersecurity thereby aligning organization's security infrastructure accordingly.
- Liaised with regulatory bodies to maintain compliance with data privacy laws and guidelines.
- Collaborated with IT teams for seamless integration of cybersecurity measures in system architecture.
- Implemented robust security protocols to mitigate cyber threats.
- Guided cross-functional teams on integrating privacy requirements into product designs thus adhering to GDPR like regulations.
- Conducted regular audits of information systems to ensure adherence to established standards.
- Formulated risk management strategies, reducing potential vulnerabilities and threats.
- Provided strategic guidance on enterprise-wide risk management matters ensuring better preparedness against potential risks.
- Established disaster recovery plan for business continuity during unforeseen situations.
- Increased revenue by 15% by implementing ISO27001 framework.
- Reduced Information security incident by 60% by putting in place robust incident management plan.
Cyber & Information Security Manager
Sinapi Aba Savings & Loans LTD
Kumasi, Ghana
2020.11 - 2024.07
- Advise senior management and Board on Cyber and Information Management
- Formulate institutional methodology for managing cyber and information security risk
- Develop Cyber and information security policy and submit it to senior management for approval
- Develop and update specific and general work procedures for realizing cyber and information security policy
- Maintain ongoing process of cyber and information security risk assessment with relevant institutional units to analyze and assess risk levels integral to technological and business activities
- Integrate and coordinate all institutional cyber and information security efforts, including oversight and control of all institutional units participating in these efforts
- Perform regular and ad-hoc institutional cyber and information security controls
- Coordinate cyber and information security activities, including joint exercises with business partners and service providers
- Promote cyber and information security awareness and train employees
- Regularly audit and assess organization's security controls to ensure compliance with industry standards and regulations (e.g., ISO 27001, GDPR)
- Facilitated cross-departmental communication to encourage best practice sharing in IT security matters.
- Draft security governance policies and procedures for company assets.
- Collaborated closely with IT team to develop robust disaster recovery plans.
- Kept abreast of latest cybersecurity trends for continuous improvement in procedures.
System Administrator (2nd Line IT Support)
Sinapi Aba Savings & Loans LTD
Kumasi, Ghana
2014.09 - 2020.10
- Troubleshoot and correct user-related IT complaints
- Collaborated with helpdesk teams in diagnosing and resolving issues.
- Provide periodic reports of all incidents and user complaints
- Ensure that all service packs and software updates for Server systems and client OS are downloaded and installed for IT systems
- Maintain computer network and information systems
- Installed and configured computer hardware operating systems and applications
- Researching, installing, and configuring new computer systems
- Monitored and maintained computer systems, networks (LAN & WAN), and IP cameras
- Resolving, diagnosing, and solving network problems and relevant software faults
- Windows Active Directory Administration
- Installed network equipment like routers and switches, improving connectivity.
Information technology security consultant
Raycom Technologies LTD
Accra (Remote), Ghana
2025.07 - Current
- Lead end-to-end ISO 27001 ISMS implementation projects
- Define ISMS scope, context, and boundaries
- Develop and maintain policies, procedures, and controls aligned with Annex A
- Create Statements of Applicability (SoA)
- Conduct information security risk assessments
- Identify threats, vulnerabilities, and impacts
- Recommend and implement appropriate risk treatment plans
- Ensure risks align with business objectives and compliance requirements
- Ensure compliance with ISO 27001, contractual obligations, and relevant regulations (e.g. GDPR, UK Data Protection Act where applicable)
- Support organisations in building governance frameworks for information security
- Align security controls with business processes
- Prepare for internal audits, certification audits, and surveillance audits
- Conduct gap analyses and internal ISMS audits
- Support corrective actions and continual improvement activities
- Act as key liaison with certification bodies
- Advise on implementation of technical and organisational security controls (e.g. access control, incident management, asset management)
- Work with IT teams to ensure controls are practical and effective
- Review system architectures and security designs
- Draft and review ISMS documentation (policies, risk registers, procedures)
- Produce clear reports for management and stakeholders
- Maintain evidence required for audits and certification
- Deliver information security awareness training to staff and stakeholders
- Educate clients on ISO 27001 requirements and best practices
- Promote strong security culture within organisations
Information technology security consultant
Straj Solutions Inc
Canada (Remote)
2023.08 - Current
- Streamlined vulnerability management processes, reducing potential threats.
- Led development of bespoke security policies for enhanced data protection.
- Collaborated closely with IT team to develop robust disaster recovery plans.
- Kept abreast of latest cybersecurity trends for continuous improvement in procedures.
- Successfully developed and implemented ISMS framework from scratch.
- Ensured ISO 27001:2022 compliance, leading towards certification readiness.
- Establish a monitoring and review process for continuous improvement of ISMS.
- Strengthened risk management processes, reducing security vulnerabilities, and improving resilience.
- Enhanced security awareness and training for employees, improving overall security culture.
- Established structured security policies and governance frameworks, ensuring long-term compliance.
Customer Service Assistant
Sinapi Aba Savings & Loans LTD
Kumasi, Ghana
2012.08 - 2014.08
- Check customers' accounts status and track cheques and payments.
- Cross-selling of banking products to customers
- Creating accounts for new customers.
- Answering questions about account types and banking products.
- Manage Over 50 customer calls per day.
- Increased sales by 10-20%
- Provided exceptional levels of customer service consistently; creating loyal customers .
- Assisted in the training of new staff members, ensuring consistency in service delivery.
- Managed time efficiently during peak hours to limit customer waiting periods.
- Adapted quickly to changes in store layout or products range, minimising disruption to service delivery .
Education
Professional Certificate - ISO27001 Lead Implementer
PECB
Professional Certificate - System Security Certified Practitioner (SSCP)
ISC2
KSICertificate - Certificate in Cyber Intelligence & Forensics
KAIPTC
Accra2021
Certificate of Participation - Cyber Security Preparedness & Response
Galilee International Management Institute
IsraelBachelor of Science - Information Technology
Blue Crest University College
Ghana 05/2013 - 11/2016
Skills
- Risk mitigation planning
- Problem-Solving
- ISMS
- Technical support
- Operating systems
- Customer service
- User Support
- SIEM
- Strategic it consulting
- Application security development
- Data privacy protection
- Cryptography understanding
- Compliance management
- Threat management
Accomplishments
- Lead Implementer in acquiring ISO 27001 certification for Sinapi Aba Savings & Loans Company Limited (Ghana).
- Lead Implementer in acquiring ISO 27001 certification for Straj Solutions Inc (Canada).
- Lead Implementer in acquiring ISO 27001 certification for RayCom Technologies Limited (Ghana)
Work availability
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday
morning
afternoon
evening
swipe to browse
Languages
English
Timeline
Information technology security consultant
Raycom Technologies LTD
2025.07 - Current
Information security officer
Sinapi Aba Savings & Loans LTD
2024.08 - Current
Information technology security consultant
Straj Solutions Inc
2023.08 - Current
Cyber & Information Security Manager
Sinapi Aba Savings & Loans LTD
2020.11 - 2024.07
System Administrator (2nd Line IT Support)
Sinapi Aba Savings & Loans LTD
2014.09 - 2020.10
Customer Service Assistant
Sinapi Aba Savings & Loans LTD
2012.08 - 2014.08
Bachelor of Science - Information Technology
Blue Crest University College
05/2013 - 11/2016
Professional Certificate - ISO27001 Lead Implementer
PECB
Professional Certificate - System Security Certified Practitioner (SSCP)
ISC2
Certificate - Certificate in Cyber Intelligence & Forensics
KAIPTC
Certificate of Participation - Cyber Security Preparedness & Response
Galilee International Management Institute