Summary
Overview
Work History
Education
Skills
Industry Certifications
Professional Development
Hobbies and Interests
References
Timeline
Generic

TORNYELI KWABENA TETTEH

Accra

Summary

Accomplished Information Security Professional with iSmart International Ghana Limited, specializing in cybersecurity management and risk identification. Proven track record in aligning security strategies with business goals, enhancing compliance, and driving continuous improvement. Expert in project management and stakeholder collaboration, ensuring robust security frameworks and seamless operations.

Overview

20
20
years of professional experience

Work History

Information Security Consultant

iSmart International Ghana Limited
Accra
06.2025 - Current
Governance, Risk, & Compliance
  • Define, implement, and maintain the ISMS scope, policies, objectives, and risk appetite.
  • Develop and maintain an enterprise risk register and risk treatment plans.
  • Ensure compliance with ISO 27001 and PCI DSS requirements.
  • Advise management on security governance, regulatory obligations, and risk exposure.
  • Lead internal and external audits, ensuring timely remediation of findings.
People Alignment
  • Define and document information security roles and responsibilities.
  • Ensure segregation of duties and accountability across departments.
  • Lead security awareness and PCI DSS training programs.
  • Act as the primary advisor on information security to management and staff.
Process Alignment
  • Develop, review, and maintain policies, procedures, work instructions, and records.
  • Align organisational processes with ISO 27001 and PCI DSS standards.
  • Support secure change management, incident management, and vendor processes.
  • Ensure documentation supports audit readiness and compliance monitoring.
Technology Alignment
  • Ensure security technologies (IAM, SIEM, EDR, DLP, patching, firewalls, monitoring tools) are properly aligned with risk and compliance requirements.
  • Validate technical controls against ISO 27001 Annex A and PCI DSS requirements.
  • Oversee logging, monitoring, incident detection, and response activities.
  • Review system and network architectures to identify security gaps.
PCI DSS Implementation & Certification
  • Act as lead for PCI DSS implementation, remediation, and certification.
  • Define and maintain the PCI DSS scope.
  • Coordinate remediation of audit findings and ensure audit readiness.
  • Liaise with QSAs, internal teams, and service providers.
Incident Management & Continuous Improvement
  • Oversee security incident response processes.
  • Ensure lessons learned are captured and improvements implemented.
  • Support investigations, regulatory reporting, and compliance obligations.
  • Drive continual improvement of the ISMS and PCI DSS processes.
Strategic & Advisory
  • Advise executive management on security investment priorities, emerging threats, and regulatory changes.
  • Support business initiatives with security guidance and secure-by-design principles.
  • Ensure alignment of security programs with business objectives and risk appetite.

Project Coordinator/ Technician - Installation & Building of Integrated Electronic Security Systems (IESS) @ Bank of Ghana (Bo G) New Headquarters

Malro Security Services
South Africa
08.2024 - 04.2025
  • Coordinate with stakeholders to ensure all aspects of the project are planned, including resources, milestones, and deliverables.
  • Ensure that all necessary resources are available when needed and that they are utilized efficiently to keep the project on track.
  • Act as the main point of contact between different teams (e.g., installation crew, engineers, and IT specialists) to ensure smooth project execution.
  • Provide updates on project progress, address concerns, and ensure stakeholder expectations are managed and met.
  • Oversee testing and validation of the system components, ensuring they function correctly and meet specifications.
  • Proactively manage and resolve any issues that arise, minimizing the impact on the project timeline and budget.
  • Track financial expenditures, approve necessary purchases, and implement cost-saving measures where possible.
  • Oversee the installation process to ensure safety measures are followed and that the system complies with legal and regulatory requirements.
  • Ensure that all subsystems work together seamlessly and that the overall system performs as expected.
  • Coordinate training sessions, ensure documentation is complete, and confirm that staff are capable of operating and maintaining the system.
  • Ensure all project documentation is accurate, complete, and handed over to the client as part of the project closeout.

Solutions Architect (Consultant)

Innovative Support Limited
Accra
10.2023 - 08.2024

Associate Consultant - Business Impact Assessment (BIA) Project@Consolidated Bank Ghana (CBG)

CS Consulting and Services Limited
Accra
04.2023 - 09.2023
  • Collaborate with various departments to gather information about critical business processes, systems and dependencies.
  • Analyze potential risks and threats that could impact the organization's operations, such as natural disasters, cyberattacks, supply chain disruptions, etc.
  • Evaluate the potential financial, operational, and reputational impacts of various scenarios.
  • Identify vulnerabilities and weaknesses in the organization's processes and systems that could lead to disruptions.
  • Collect relevant data on processes, dependencies, recovery times, and resource requirements.
  • Analyze data to identify trends, patterns, and potential bottlenecks in the event of a disruption.
  • Collaborate with key stakeholders across departments to ensure a comprehensive understanding of business processes and dependencies.
  • Work with CBG's continuity planning team to develop strategies for maintaining critical operations during disruptions.
  • Assist in the creation of Business Continuity Plans (BCP) that outline steps to be taken in the event of various scenarios.
  • Created detailed reports and documentation outlining the results of the business impact analysis and risk assessments.
  • Provide recommendation for improvements to processes to enhance resilience.

Cyber Security Consultant/Chief Information Security Officer (CISO)

Forms Capital Limited
Accra
01.2022 - 09.2023
  • Advise the Senior Management and Board on Cyber and Information Security Management.
  • Formulate an institutional methodology for managing cyber and information security risks.
  • Develop the institution's Cyber and Information Security policy and submit it to the Senior Management and Board for approval.
  • Develop and update specific and general work procedures for realizing the institution's cyber and information security policy.
  • Maintain an ongoing process of cyber and information security risk assessment with the relevant institutional units, in order to analyze and assess the risk levels integral to the institution's technological and business activities.
  • Integrate and coordinate all institutional cyber and information security efforts, including oversight and control of all institutional units participating in these efforts.
  • Initiate and conduct cyber and information security readiness exercises.
  • Coordinate cyber and information security activities, including joint exercises with business partners and service providers.
  • Promote cyber and information security awareness and train employees, suppliers, business partners, and customers.
  • Continuously learn and monitor cyber and information security issues.
  • Form a Cyber-Incident Response Team.
  • Analyze cyber and information security incidents.
  • Develop metrics and indicators to assess the effectiveness of cyber and information security systems and procedures.
  • Assess regular and ad-hoc institutional cyber and information security controls.
  • Draw up annual and multiannual work plans.
  • Prepare and submit annual reports to the Senior Management and Board.
  • Be responsible for collaborating with relevant institutions involved in cyber and information security issues.
  • Ensure preparation of reports on major cyber and information security incidents to the Bank of Ghana.
  • Ensure High CCTV availability, monitoring playbacks and perform backups.
  • Manage the Endpoint Security software of the organization.
  • Implementation of ISO 27001 & ISO 27032 frameworks as per BoG's requirement.

IT Security Consultant

Strong Security Technology Limited
Accra
06.2020 - 12.2021
  • Testing and analyzing assets for potential security threats.
  • Identifying possible security threats and determining the best security measures.
  • Designing, implementing, and maintaining security protocols, policies, plans, and systems.
  • Coordinating and briefing a team of security specialists.
  • Meeting with clients to discuss security measures.
  • Running risk assessment and security tests.
  • Compiling and presenting reports on the test results.
  • Suggesting improvements to existing security systems.
  • Training staff to recognize and defend against security breaches and risks.
  • Installation and management of security systems.

Senior IT Security Officer

Ghana Community Network Services Ltd (GCNet)
Accra
01.2012 - 06.2020
  • Support Information Security Manager to meet business objectives year-round.
  • Contribute and support departmental strategy to meet business functional objectives.
  • Ensure Compliance with GCNet Information Security Policies at all times.
  • Maintain standards, procedures, documentation, and guidelines to support GCNet policies.
  • Promote change management requirements.
  • Promote confidentiality, integrity, availability, and accountability requirements in the department.
  • Report issues conflicting any of the Information Security policies of GCNet.
  • Proactively ensure consistent compliance with audit requirements.
  • Periodic review of user access per system for management sign-offs.
  • Provide innovative solutions to support cost-effective management of the department.
  • Log, track, and escalate daily security incidents.
  • Ensures high CCTV availability, monitoring playbacks and backups.
  • Ensures completion of daily checklists and reporting.
  • Ensures coordination and purchase of IT related equipment in the department.
  • Promote Information Security Awareness amongst staff.
  • Work closely with representatives at all GCNet sites countrywide.
  • Contribute and support Business Continuity Objectives of GCNet.
  • Supports adequately in other support areas in Information Security Department.
  • Monthly submission of reports to the Information Security manager.
  • Manages the database security appliance.
  • Manages the End-Point Security Software of the Organization.
  • Manages the Biometric access control system.
  • Manages SIEM Network Security system of the organization.

IT Systems Officer

Ghana Community Network Services Ltd (GCNet)
Accra
01.2009 - 01.2012

Database Officer

Ghana Community Network Services Ltd (GCNet)
Accra
01.2008 - 01.2009

National Service

Ghana Community Network Services Ltd (GCNet)
Accra
01.2007 - 01.2008

I.T Support Officer

NINGA information Technology Institute
Tema
01.2006 - 01.2007

Education

BSc. - Information Technology

University Of Cape Coast
Cape Coast, Ghana
08.2007

SSCE - General Science

Prempeh College
Kumasi, Ghana
12.2000

BECE -

Datus Complex Schools
Tema, Ghana
06.1997

Skills

  • Cybersecurity & Information Security Management
  • Risk Identification & Management
  • Vulnerability Assessment
  • Business Continuity Planning
  • IT Infrastructure Management
  • Disaster Recovery & Incident Response
  • Endpoint Security Management
  • Network Security
  • Project Management
  • Governance, Risk & Compliance
  • Network Configuration & Mgt
  • Firewall Installation & Mgt
  • Administration of various OS(Microsoft/Solaris/Unix/Linux)
  • SIEM Expertise
  • Vulnerability Assessment & Mgt
  • Endpoint Security Mgt
  • Enterprise Patch Mgt
  • Physical Security Mgt
  • Network Security Mgt
  • Oracle Database Administration
  • Application Security and Protection
  • Data Security Posture Management

Industry Certifications

  • Accredited Cybersecurity Professional (Cybersecurity Governance, Risk and Compliance Tier 1)
  • CSA's Independent Assessor
  • Certified SME Cyber Security Officer (CSCSO)
  • Certified ISO/IEC 42001 Lead Auditor (LA)
  • Certified Data Security Posture MGT (DSPM) Architect
  • Certified ISO/IEC 27001 Lead Auditor (LA)
  • Certified AI Security & Governance
  • Certified Data Security Posture MGT Fundamentals
  • Certified Gallagher Access Engineer
  • Certified Gallagher Access Technician
  • IRONSCALES Sales Professional Certified
  • IRONSCALES Technical Accreditation Certified
  • Swift Customer Security Programme v2023 - Expert
  • Certified Ethical Hacker Trained
  • FortiSIEM NSE 1 Network Security Associate
  • Certified Information Systems Security Professional Trained
  • Certified Information Systems Auditor trained
  • EC-Council Certified Security Specialist - ECSS
  • Cyberoam Certified Network & Security Professional - CCNSP
  • Oracle Database 11g Security Certified Implementation Specialist
  • Oracle Certified Associate (OCA)
  • Oracle SQL Expert
  • Oracle Certified Professional (OCP)
  • Oracle Solaris 10 System Administrator Certified Professional Part I
  • MCITP Windows Server 2008 Enterprise Administrator Certified
  • Microsoft Certified Technology Specialist
  • Microsoft Solution Associate
  • Microsoft Certified Professional
  • ITIL Foundation V3 Certified
  • Manage Engine Associate ServiceDesk Plus
  • Manage Engine Associate OpManager

Professional Development

  • Certified SME Cyber Security Officer course, 10/1/2026-15/1/2026
  • ISO/IEC 42001:2023 Lead Auditor course, 15/12/2025-20/12/2025
  • Data Security Posture MGT (DSPM) Architect course, 20/10/2025- 4/11/2025
  • AI Security & Governance Course, 01/10/25 - 07/10/25
  • Data Security Posture MGT Fundamentals, 05/09/25 - 08/09/25
  • ISO/IEC 27001 Lead Auditor Course, 07/29/25 - 08/28/25
  • Gallagher Security Access Engineer Course, 03/14/25 - 04/14/25
  • Gallagher Security Access Technician Course, 10/14/24 - 11/14/24
  • IRONSCALES Technical Accreditation Course, 12/12/23 - 12/20/23
  • IRONSCALES Sales Professional Course, 11/13/23 - 11/23/23
  • Swift Customer Security Programme V 2023 - Expert, 06/02/23 - 09/05/23
  • EC-Council In the Trenches: Security Operations Center, 11/09/21 - 11/12/21
  • EC-Council Getting Started with Vulnerability Analysis and Management, 11/05/21 - 11/08/21
  • EC-Council End to End Mobile Security, 11/01/21 - 11/04/21
  • QA LTD Certified Ethical Hacker (CEH) V10, 11/09/20 - 11/13/20
  • Fortinet FortiSIEM Training (FortiSIEM Basic Training and NSE 1 the Threat Landscape), 07/10/17 - 07/14/17
  • Firebrand Certified Information System Security Professional (CISSP), 08/24/15 - 08/30/15
  • Scala West Africa Certified Information Systems Auditor, 06/23/14 - 06/27/14
  • Imperva Training Imperva Database Security and Compliance, 12/16/13 - 12/20/13
  • Net Security Training Center Cisco ASA Firewall Solutions, 05/28/13 - 06/01/13
  • Net Security Training Center Cyberoam Certified Network & Security Professional - CCNSP, 05/06/13 - 05/07/13
  • GIMPA EC-Council Security Specialist, 04/29/13 - 05/03/13
  • Koenig Solutions Oracle Database 11g Security Ed 2, 08/13/12 - 08/17/12
  • GIMPA Cisco Certified Network Associate (CCNA), 10/2011 - 02/2012
  • Pultorak & Associate ITIL Intermediate Lifecycle: Service Strategy (SS), 11/21/11 - 11/24/11
  • Bickenhall College of Computing MCITP Windows Server 2008 Enterprise Administrator, 07/2011 - 08/2011
  • ZOHO Corporation Manage Engine ServiceDesk Plus, 07/2011
  • ZOHO Corporation Manage Engine OpManager, 07/2011
  • GIMPA ITIL Foundation V3, 06/2011
  • Oracle University ORACLE RAC, 05/2011

Hobbies and Interests

  • Reading
  • Research
  • Soccer
  • Swimming

References

  • Mr. Carl Sackey, Chief Executive Officer, CS Consulting and Services Limited, + (233) 244 325 986
  • Kwame Sam Biney, Manager, Digital Technology, AngloGold Ashanti Limited, + (233) 207744724

Timeline

Information Security Consultant

iSmart International Ghana Limited
06.2025 - Current

Project Coordinator/ Technician - Installation & Building of Integrated Electronic Security Systems (IESS) @ Bank of Ghana (Bo G) New Headquarters

Malro Security Services
08.2024 - 04.2025

Solutions Architect (Consultant)

Innovative Support Limited
10.2023 - 08.2024

Associate Consultant - Business Impact Assessment (BIA) Project@Consolidated Bank Ghana (CBG)

CS Consulting and Services Limited
04.2023 - 09.2023

Cyber Security Consultant/Chief Information Security Officer (CISO)

Forms Capital Limited
01.2022 - 09.2023

IT Security Consultant

Strong Security Technology Limited
06.2020 - 12.2021

Senior IT Security Officer

Ghana Community Network Services Ltd (GCNet)
01.2012 - 06.2020

IT Systems Officer

Ghana Community Network Services Ltd (GCNet)
01.2009 - 01.2012

Database Officer

Ghana Community Network Services Ltd (GCNet)
01.2008 - 01.2009

National Service

Ghana Community Network Services Ltd (GCNet)
01.2007 - 01.2008

I.T Support Officer

NINGA information Technology Institute
01.2006 - 01.2007

BSc. - Information Technology

University Of Cape Coast

SSCE - General Science

Prempeh College

BECE -

Datus Complex Schools

Similar Profiles

  • James RobertsJames Roberts

    Information Security Consultant at Cyberstone SecurityInformation Security Consultant at Cyberstone Security

  • ARJUN JARJUN J

    Information Security Consultant at IBMInformation Security Consultant at IBM

  • Gavin WheelerGavin Wheeler

    Information Security Consultant at Morning ConsultInformation Security Consultant at Morning Consult

  • Christopher OguduChristopher Ogudu

    Information Security Consultant at Office IT Services, VerizonInformation Security Consultant at Office IT Services, Verizon

CREATE PROFILE
TORNYELI KWABENA TETTEH