DESMOND NII QUAYE QUARSHIE
Tema,AA
Summary
A highly adaptable and detail-oriented Information Security and Compliance Analyst with a robust foundation in internal auditing, regulatory compliance, and risk management across diverse industries. Proficient in implementing and adhering to security and compliance frameworks, including HIPAA, GDPR, COSO, COBIT, and PCI DSS, alongside ISO 27001, NIST, and SOX standards. Demonstrates comprehensive expertise in safeguarding data, ensuring privacy, and managing regulatory compliance through effective policies and procedures. Currently pursuing the CISA certification, with hands-on experience in IT governance, control testing, and policy development. Recognized for a proactive approach to problem-solving, strong analytical skills, and a commitment to fostering secure, compliant organizational environments.
Overview
10
10
years of professional experience
1
1
Certification
Work History
Cybersecurity Consultant
TimeTech Cyber
11.2024 - Current
- Improved client cybersecurity posture through tailored risk assessments and mitigation strategies.
- Reduced cyber threats by implementing robust security frameworks and incident response plans.
- Achieved cost savings for clients by identifying areas for improvement in existing cybersecurity infrastructure.
- Managed third-party vendor relationships to ensure the timely delivery of high-quality cybersecurity products and services.
- Served as a key point of contact for clients and internal stakeholders, providing expert guidance on all aspects of cybersecurity risk management.
- Performed risk analyses to identify appropriate security countermeasures.
- Conducted security audits to identify vulnerabilities.
- Developed plans to safeguard computer files against modification, destruction, or disclosure.
- Recommend improvements in security systems and procedures.
- Built relationships and fostered effective communication with legal personnel to conduct practical investigations.
- Monitored confidential company data and mitigated hacking through network systems updates.
- Advised executive leadership on industry trends, helping them make informed decisions regarding cybersecurity investments.
- Strengthened business continuity by creating disaster recovery plans in the event of a cyber attack or breach.
- Improved overall security posture by regularly updating antivirus software, firewalls, intrusion detection systems, and other protective measures as required.
- Mitigated potential risks by performing in-depth analysis of emerging threats and suggesting appropriate countermeasures.
- Enhanced network security by conducting comprehensive vulnerability assessments and penetration tests.
- Ensured regulatory compliance by conducting thorough audits of information systems and security controls.
- Increased employee awareness of cybersecurity best practices by developing and delivering training programs.
- Collaborated with cross-functional teams to develop comprehensive cybersecurity policies and procedures.
- Protected sensitive data by designing and implementing encryption solutions for secure communication channels.
IT Internal Auditor
PWC
10.2020 - 10.2024
- Conducted comprehensive internal audits across multiple departments, assessing IT and operational processes to evaluate risk exposure, control effectiveness, and adherence to regulatory and corporate standards (SOX, GDPR, COBIT)
- Designed and executed audit plans with a focus on high-risk areas, ensuring thorough coverage of IT systems, data privacy practices, and cybersecurity protocols
- Reviewed and rigorously tested IT controls related to data access, network security, change management, and incident response, identifying control weaknesses and providing actionable recommendations to enhance organizational security and compliance
- Spearheaded vendor risk assessments by evaluating third-party service providers’ compliance with internal policies and regulatory requirements, contributing to a 30% reduction in vendor-related security incidents
- Prepared in-depth audit reports detailing findings, insights, and recommendations on risk mitigation strategies, compliance gaps, and control improvements, delivering critical information to management to support informed decision-making
- Partnered with IT, compliance, and management teams to implement corrective actions from audit findings, resulting in a measurable improvement in compliance scores and a streamlined audit process
- Developed and monitored key performance indicators (KPIs) to track remediation progress, continuously improving audit methodologies and reporting to align with evolving industry standards and best practices
- Facilitated ongoing communication and training with cross-functional teams on internal controls, compliance requirements, and risk management practices to build a stronger compliance culture across the organization.
Information security assurance analyst
Fidelity Bank Ghana
09.2017 - 11.2019
- Conduct comprehensive reviews of operational processes, financial records, and IT controls to ensure adherence to established internal policies and regulatory requirements, improving the organization’s compliance and control framework
- Collaborate with audit and compliance teams to identify and document control deficiencies, operational risks, and improvement opportunities, contributing to a 30% reduction in audit findings through proactive risk management
- Design and execute testing procedures for key controls, assessing their effectiveness in mitigating risks associated with financial reporting, cybersecurity, and regulatory compliance, and ensuring alignment with standards such as SOX, ISO 27001, and COSO
- Analyze data and prepare detailed reports summarizing findings, risk exposures, and recommended corrective actions, providing senior management with actionable insights to strengthen the control environment
- Assist in developing and maintaining an internal control testing program, including risk-based scoping, testing frequency, and continuous monitoring activities, which led to a more proactive approach to risk management
- Support the implementation of remediation plans by working closely with process owners and compliance teams, ensuring timely and effective resolution of identified issues
- Conduct root cause analyses on incidents and control failures, identifying underlying issues and implementing preventive measures to improve overall control reliability
- Participate in internal audits and assessments, offering insights and expertise to help ensure a thorough and accurate review of controls, leading to enhanced operational efficiency and compliance
- Actively contribute to the creation and update of policies, procedures, and control documentation, ensuring that all guidelines are current and reflect the latest regulatory and business requirements
- Provide training and guidance to employees on compliance requirements, internal controls, and risk management best practices to strengthen a culture of accountability and compliance across the organization
- Utilize audit management tools and data analytics software to streamline audit processes, identify patterns, and provide a data-driven approach to risk and control assessments.
bank insurance associate
Societe Generale Ghana
01.2015 - 07.2017
- Assisted in promoting and selling the bank's insurance products to clients, actively contributing to the achievement of sales targets and expanding the bank’s insurance customer base
- Educated clients on the benefits, features, and coverage options of various insurance products, tailoring recommendations based on individual needs to ensure suitable product offerings
- Collaborated with relationship managers and the sales team to identify cross-selling opportunities, enhancing the customer experience and increasing overall product adoption rates
- Provided excellent customer service by addressing client inquiries, explaining policy terms, and guiding customers through the application and claims processes, contributing to higher customer satisfaction
- Maintained up-to-date knowledge of insurance products, market trends, and regulatory guidelines, enabling informed discussions with clients and ensuring compliance with industry standards
- Supported marketing campaigns and participated in promotional events to boost product visibility, strengthening the bank’s market presence in the insurance sector
- Documented client interactions and sales activities in the bank's CRM system, ensuring accurate records for follow-up and reporting purposes.
Education
Certified Cybersecurity GRC-IT Audit - Cybersecurity Fundamentals, Governance, Risk, and Compliance (GRC) Frameworks, IT Audit Principles and Practices, Policy and Procedure Review, SOX Compliance (Testing of ITGC Controls), SOX Reporting, Risk Assessment, Hashing and Encryption Testing, PCI DSS Compliance, Third-Party Risk Management, Risk Management Framework, Data Security and Privacy
Yesyoucan Cybersecure, LLC
Dallas, USACertificate - Cyber Security, Data Science, Ethical Hacking/ Pen
IBM , EC- Council, Cisco
US10-2024
Bachelor's Degree -
Economics and Psychology
01.2019
Skills
- Risk Assessment & Mitigation
- Regulatory Compliance
- Internal Audit
- Policy & Procedure Development
- Vulnerability Assessment
- IT Governance
- Data Privacy
- Cybersecurity Awareness Training
- Incident Response & Management
- Project Management
- Data Analysis & Reporting
- Vendor Risk Management
- Control Testing
- Threat Intelligence
- Access Control Management
- Network Security
- Compliance Auditing
- Fraud Detection & Prevention
- Process Improvement
- Change Management
- Team management
- Strong decision-making
- Complex problem solving
- Strategic Goals Setting / Achievement
- Customer Servicing
- IT Skilled
- Motivator/Mentoring
- Public speaking
- Marketing
- Coaching/Training
- Innovative
- Critical Thinking / Analytical
- Attention to details
- Vulnerability assessment
- Social engineering
- Security auditing
- Security analytics
- NIST frameworks
- Identity management
- Privacy regulations
- Threat intelligence
- Encryption technologies
- Virtualization security
- Penetration testing
- Phishing prevention
- Wireless security
- SIEM management
- ISO 27001 compliance
- Mobile security
- Application security
- Firewall management
- Business continuity
- Data protection
- Compliance management
- Incident response
- PCI DSS compliance
- Disaster recovery
- DDoS mitigation
- IoT security
- Configuration management
- Zero trust architecture
- Network security
- HIPAA compliance
- Biometric security
- GDPR compliance
- Security policy development
- Access control
- Patch management
- DevSecOps integration
- Cloud security
- Cybersecurity frameworks
- Security training
- Malware analysis
- Ethical hacking
- Network protocols
- Network security management
- Disaster recovery planning
- Compliance auditing
- Security risk assessment
- Business continuity planning
- Risk assessment
- Security assurance
- Data security
- Information governance
- Security planning
- Data encryption
- Information protection
- Wireshark software
- Teamwork
- Telecommunications systems
- Qualys cloud platform
- Teamwork and collaboration
- Attention to detail
- Time management
- Problem-solving
- Multitasking Abilities
- Problem-solving abilities
- Reliability
- Excellent communication
- Organizational skills
- Team collaboration
- Active listening
- Effective communication
- Decision-making
- Relationship building
- Adaptability and flexibility
- Team building
- Self motivation
- Interpersonal skills
- Analytical thinking
- Goal setting
- Professionalism
- Task prioritization
- Security metrics
- Security needs assessment
- Endpoint security
- Intrusion detection
Accomplishments
- Used Microsoft Excel to develop inventory tracking spreadsheets.
- Achieved 90% by completing Training and Awareness with accuracy and efficiency.
- Resolved product issue through consumer testing.
- Supervised a team of 16 staff members.
- Collaborated with a team of 10 in the development of Access Control Security policy.
Certification
Certificate of Recognition, Prudential Life Ghana
Affiliations
- TimeTech Cyber
Languages
English
Bilingual or Proficient (C2)
Timeline
Cybersecurity Consultant
TimeTech Cyber
11.2024 - Current
IT Internal Auditor
PWC
10.2020 - 10.2024
Information security assurance analyst
Fidelity Bank Ghana
09.2017 - 11.2019
bank insurance associate
Societe Generale Ghana
01.2015 - 07.2017
Bachelor's Degree -
Economics and Psychology
Certified Cybersecurity GRC-IT Audit - Cybersecurity Fundamentals, Governance, Risk, and Compliance (GRC) Frameworks, IT Audit Principles and Practices, Policy and Procedure Review, SOX Compliance (Testing of ITGC Controls), SOX Reporting, Risk Assessment, Hashing and Encryption Testing, PCI DSS Compliance, Third-Party Risk Management, Risk Management Framework, Data Security and Privacy
Yesyoucan Cybersecure, LLC
Certificate - Cyber Security, Data Science, Ethical Hacking/ Pen
IBM , EC- Council, Cisco
Similar Profiles
TRINA D. SHAFFERTRINA D. SHAFFER
Training Technician at 1st Cyber Battalion, Cyber Protection BrigadeTraining Technician at 1st Cyber Battalion, Cyber Protection Brigade
PRIYASHA SINGHPRIYASHA SINGH
Cybersecurity Student at Cyber Security And Cyber DefenceCybersecurity Student at Cyber Security And Cyber Defence
PETER BERNHARDTPETER BERNHARDT
Senior Cyber Threat Intelligence Analyst at 1st Cyber Battalion, Cyber Protection BrigadeSenior Cyber Threat Intelligence Analyst at 1st Cyber Battalion, Cyber Protection Brigade
Esenam Dzifa AgbevemEsenam Dzifa Agbevem
Sales Manager at Sunhills and Pharma LimitedSales Manager at Sunhills and Pharma Limited
GODWIN DZIEDZORM KUMORDZIGODWIN DZIEDZORM KUMORDZI
Transport Manager at Goodness Energy LimitedTransport Manager at Goodness Energy Limited