Summary
Overview
Work History
Education
Skills
Certification
Affiliations
Timeline
Generic
Frank Owusu

Frank Owusu

Accra,Accra

Summary

Strong Information Assurance technical competence in Auditing the design, implementation and management of information security systems, IT security audit and compliance, forensic readiness capability, and incident response and business continuity strategies.

Strong consulting and advisory skills combined with good business acumen, exceptional customer- focus attitude, and strong time management skills, ability to priorities and manage multiple tasks and work streams effectively.

Overview

21
21
years of professional experience
1
1
Certification

Work History

Group IT Project Consultant

Cymain Group of Companies
01.2023 - Current
  • Implement Infrastructure Software Project for the Group of Companies
  • Delivered high-quality project results by consistently adhering to established standards and protocols.
  • Built strong relationships with clients through effective communication and understanding their needs, promoting repeat business opportunities.
  • Implemented risk mitigation strategies through thorough analysis of potential issues, minimizing the impact on project timelines.
  • Negotiated contracts with vendors and suppliers to secure favorable terms while maintaining budgetary constraints.
  • Evaluated client needs and expectations, establishing clear goals for each consulting engagement.

Manager, IT Systems and Cyber Security Audit

Consolidated Bank Ghana Ltd
08.2018 - 07.2024
  • Audit the designing and implementation of information security management systems (ISMS), based on ISO-IEC 27001:2013 requirements and ISO-IEC 27002:2013 code of practice, as an information security strategy and Audit.
  • Audit businesses develop policies that support the implementation of security controls and processes necessary for attaining compliance with information security standards such as ISO-IEC 27001:2013 and PCIDSS.
  • Assess policy objectives, and review develop strategies to achieve those objectives; Ability to engage management/decision-makers in ways that secure their commitment to, and support for, an information security policy of the organization.
  • Audit the Information Security awareness of policies (including their understanding of compliance and non-compliance issues).
  • Review deployed signature-based perimeter security defenses (that is, IPS, IDS, firewalls, and anti-virus products) to detect known and unknown threats that target known vulnerabilities, as well as recommending how to implement signature-less security defenses to detect and defend against known and unknown threats that target unknown vulnerabilities (including zero-day attacks).
  • Review the implemented vulnerability management program that identifies and priorities exploitable system and network security vulnerabilities, and priorities remediation strategies that mitigate/eliminate identified vulnerabilities in a timely fashion.

IT Project Manager

Imperial General Assurance Ltd
03.2023 - 05.2024
  • Streamlined project delivery by implementing Agile methodologies and improving collaboration among team members.
  • Facilitated communication among team members to solve complex technical challenges efficiently and effectively.
  • Delivered reliable solutions by overseeing software design, development, testing, implementation, and support phases of IT projects.
  • Managed cross-functional teams to ensure efficient allocation of resources and successful project completion.
  • Led and managed staff team members engaged in administering complex IT infrastructure.

IT Project Manager

Imperial General Assurance Ltd
01.2023 - 05.2024
  • Delivered reliable solutions by overseeing software design, development, testing, implementation, and support phases of IT projects.
  • Streamlined project delivery by implementing Agile methodologies and improving collaboration among team members.
  • Facilitated communication among team members to solve complex technical challenges efficiently and effectively.
  • Managed cross-functional teams to ensure efficient allocation of resources and successful project completion.

Appointed ISMS Audit Manager

Consolidated Bank Ghana Ltd
07.2020 - 12.2020
  • Proven experience in auditing the implementation and configuration of Microsoft Windows core server technologies.
  • Actively Perform Information Security Management System (ISMS) Implementation and Assurance Audit covering the following areas during and before the banks Official ISMS Certifications.
  • Information Security Policies and Strategy;
    ➢ Information Security Risk Management
    ➢ Information Security Controls and Mitigation Strategies
    ➢ Information Security Standards Compliance
  • Endpoint Security;
    ➢ Information Assets Inventory (to determine all authorized, unknown, and transient systems/BYOD and applications)
    ➢ Secure System Configuration
    ➢ Access Controls
    ➢ Host-based Anti-virus, Anti-malware, and Firewall
    ➢ Host-based Vulnerability Management
  • Network Security;
    ➢ Gateway IDS, IPS and Firewall (either as separate or NGFW/UTM devices)
    ➢ Continuous Network Monitoring (SIEM) incorporating Log/Event Analysis and Correlation, Threat Analysis (Intrusion Detection and Prevention, and Threat Intelligence), File Integrity Monitoring, DLP, Content Filtering, Compliance Reporting, Real Time Alerting, and Network Forensic Analysis (to facilitate Threat Incident Response/Handling).
    ➢ Digital Forensics Readiness and E-Discovery Capabilities Building.

Audit Manager, Information Systems

UniBank Ghana Limited
03.2018 - 08.2018
  • Conducting assessment of the effectiveness of the Bank’s IT control environment using ISMS controls: assessing compliance with laws, regulations, and best practices
  • Worked with the business and IT management to identify commercial and practical solutions to mitigate identified risks
  • Performing ISMS Audit, participate in risk-based audits and ISO 27001 review focused on raising awareness of Information Security and critical business risk, collect, organize and analyze data in order to establish an effective trend.

Group Audit Manager, Information Systems

HODA Holdings Ghana Limited
07.2016 - 03.2018
  • Planning ISMS Audit using ISO 27001 standards and reporting conformity and non-conformity for the following subsidiary organizations within the HODA Group of Companies.
    uniBank Ghana Ltd, uniCredit Ghana Ltd, uniSecurities Ghana, Topp Holdings (Logistics, Securities, Recruitment) EIB (Excellence in Broadcasting) Group (Kasapa Radio, Heritage Newspaper, Agoo TV, Starr FM, GH One TV, Empire FM, Ultimate Radio, Abusua FM and Agoo FM ), LHS Energy Ghana, Star Assurance, Star Micro Insurance, Star Life Assurance, Prime Insurance, Crown Insurance, Telemedia, uniPrecissions, Alban Logistics Ghana Ltd, Star Gold Fields, and Finnet Solutions.
  • Performing risk-based IT audits that review security and controls of IT processes, applications, networks, databases and various operating systems using the ISO27001 Standards.
  • Gathering and interpreting audit evidence, preparing clear and concise work papers, and supporting findings with effective documentation.
  • Preparing Conformity and Non-conformity reports on audit results and creatively generating and developing practical recommendations to management for review and implementation.

Internal Audit Officer

uniBank Ghana Ltd
12.2014 - 12.2016
  • Planning ISMS Audit scope with Head, Internal Audit and Manager, IT Audit including preparing risk assessments, researching relevant technical information, and creating audit programs.
  • Performing risk-based IT audits that review security and controls of IT processes, applications, networks, databases and various operating systems using the ISO27001 Standards.
  • Gathering and interpreting audit evidence, preparing clear and concise work papers, and supporting findings with effective documentation.
  • Preparing Conformity and Non-conformity reports on audit results and creatively generating and developing practical recommendations to management for review and implementation.

Information Technology Risk Officer

uniBank Ghana Limited
10.2012 - 12.2014
  • Conduct monthly review of voucher assigned devices on Portnox against an approved list from IT Department.
  • Effectively manage the Information Security Incident Response process.
  • Perform regular security reviews of Server Configuration Changes, Active Directory changes, firewall configuration changes, and changes related to any other systems and network devices considered critical
  • Develop a Risk Register and ensure the implementation of a Risk Mitigation Plan
  • Participate in the development and update of Business Continuity (BC) and Disaster Recovery (DR) Plans
  • Facilitate the performance of IT DR test and simulation activities
  • Oversee vulnerability remediation exercise for applications.
  • Review of infrastructure requirements for new deployments and ensure adherence to established security standards.
  • Ensure compliance of networks devices, servers and other infrastructure to established system hardening and control standards.
  • Compliance with all applicable Information Security standards and regulatory requirements.

Senior Desktop Support Technician

Vodafone (TeleTech) Ghana
11.2010 - 10.2012
  • Operating Systems Deployment and Imaging, Network design and implementation, Domain configuration.
  • Configuring Windows Server 2008 Active directory and Domain Controllers management, setting up host files’ for Applications, Fileserver management, workstation rollout and support including IP Phone and softphone configuration management.
  • Exchange Server 2008 Active Directory, Systems Center Configuration Manager SCCM 2007. Cisco IP Call Manager configuration and Management.
  • Job Aid Trouble Ticketing, Managing Users and Groups, and SCCM 2007 Application Deployment.

Customer Care Support Representative

MTN Ghana, Scancom Limited
05.2007 - 10.2010
  • Sell and enlighten customers on the company’s wireless office issues, GPRS, EDGE Modems and 3G product and services by using APN, WAP etc.… for wireless internet connectivity, which handled most challenging complaints.
  • Pick and answer customer call for all Phones for GPRs Configurations

Network and Systems Administrator

Master Computer and Software Ghana Ltd
01.2004 - 12.2007
  • Installing and configuring computer networks and systems.
  • Identifying and solving any problems that arise with computer networks and systems, consulting with clients to specify system requirements and design solutions.
  • Budgeting for equipment and assembly costs.
  • Maintaining existing software and hardware and upgrading any that have become obsolete.
  • Monitoring computer networks and systems to identify how performance can be improved, working with IT support personnel.

Education

Bachelor of Science - Business Information Technology

University of Greenwich

International Diploma And Advanced Diploma - Computing And Information System

National Computing Center (NCC Education)

Certificate in Microcomputer Technology Part I and II - Computer Technology

City And Guilds of London
City And Guilds London Institute
02.2005

Master of Science - Information Security And Digital Forensics

University of East London
University Of East London
07.2024

Skills

  • IT Governance
  • IT Risk Management
  • Security and Operations Center
  • Information Security
  • Information Security Compliance
  • ISMS ISO-IEC 27001
  • PCIDSS
  • Digital Channels
  • Customer Service
  • Electronic Banking Operations
  • Team Leadership
  • Complex Problem-Solving

Certification

  • PECB Certified IPC Management Systems Auditor (CIMSA)
  • EC Council Certified SOC Analyst
  • ISO/IEC27001 Senior Lead Auditor
  • ISO/IEC 27032 Senior Lead Cyber Security Manager
  • Certified ISO/IEC 27001 Senior Lead Implementer
  • Certified Information Systems Auditor (CISA)
  • Check Point Certified Security Expert (CCSE)
  • Check Point Certified Security Administrator (CCSA)
  • Microsoft Certified Technology Specialist
  • System Center Configuration Manager Administrator
  • Microsoft Certified IT Professional (MCITP) Database
  • Microsoft Certified IT Professionals Enterprise Administrator
  • MCITP Server Administrator
  • Microsoft Certified Solution Associate (MCSA)
  • Microsoft Certified Solution Expert (MCSE)
  • Cisco Certified Network Associate (CCNA)
  • ITIL Version v3 Foundation Certified

Affiliations

  • Information Systems Audit and Control Association (ISACA)
  • Professional Evaluation and Certification Board (PECB)
  • Association of Certified Compliance in Africa (ACCPA)

Timeline

IT Project Manager

Imperial General Assurance Ltd
03.2023 - 05.2024

Group IT Project Consultant

Cymain Group of Companies
01.2023 - Current

IT Project Manager

Imperial General Assurance Ltd
01.2023 - 05.2024

Appointed ISMS Audit Manager

Consolidated Bank Ghana Ltd
07.2020 - 12.2020

Manager, IT Systems and Cyber Security Audit

Consolidated Bank Ghana Ltd
08.2018 - 07.2024

Audit Manager, Information Systems

UniBank Ghana Limited
03.2018 - 08.2018

Group Audit Manager, Information Systems

HODA Holdings Ghana Limited
07.2016 - 03.2018

Internal Audit Officer

uniBank Ghana Ltd
12.2014 - 12.2016

Information Technology Risk Officer

uniBank Ghana Limited
10.2012 - 12.2014

Senior Desktop Support Technician

Vodafone (TeleTech) Ghana
11.2010 - 10.2012

Customer Care Support Representative

MTN Ghana, Scancom Limited
05.2007 - 10.2010

Network and Systems Administrator

Master Computer and Software Ghana Ltd
01.2004 - 12.2007

Bachelor of Science - Business Information Technology

University of Greenwich

International Diploma And Advanced Diploma - Computing And Information System

National Computing Center (NCC Education)

Certificate in Microcomputer Technology Part I and II - Computer Technology

City And Guilds of London

Master of Science - Information Security And Digital Forensics

University of East London

Similar Profiles

CREATE PROFILE
Frank Owusu