Eric Apau, CISSP, CISA, CRISC, CA(Gh)
Cybersecurity Snr Associate- Regulatory Compliance at PwC
Hartford, CT, United States
Details
Education:
Professional Accounting License
Professional Accounting
Institute of Chartered Accountants- Ghana
2010 : 2012
Bachelor of Commerce - BCom
Accounting
University of Cape Coast
2005 : 2009
Experience:
- Assist clients to design and build resilient cybersecurity programs, identify gaps and make tailored recommendations to address cyber risk.
- Evaluate the maturity of clients' information security programs against industry best practices and frameworks such as NIST SP, FFIEC, GDPR, PCI.
2021 : Present
PwC
Senior Cybersecurity Associate-Risk and Regulatory Compliance
- Led team to perform SOC 1 and SOC2 audits for clients in the financial services industry.
- Led walkthrough meetings with clients to confirm understanding of control design and tested the operating effectiveness of controls to achieve the desired Trust Services Criteria (security, availability, processing integrity, confidentiality and privacy).
- Analyzed control mappings and reviewed risk assessments to ensure appropriate controls are developed and implemented to address key risk.
- Provided periodic status updates to clients and communicated high-risk findings in a timely manner for remediation.
- Coordinated internal documentation and organization of work papers for review by senior engagement executives.
- Tested IT Application controls and evaluated key reports for IPE risk in support of the financial audit as needed.
- Provided updates to clients on relevant regulatory changes and industry trends for awareness.
2019 : 2021
EY
Senior Consultant- Technology Risk
- Analyzed the vulnerability report on a weekly basis and collaborated with appropriate teams to remediate identified vulnerabilities in a timely manner.
- Developed, reviewed and updated the school’s IT policies, standards and procedures to align to industry best practices and to achieve compliance goals.
- Managed external SOC audit initiatives by engaging appropriate teams to design and test ITGCs, evaluated supporting evidence, scheduled walkthrough meetings with auditors and updated the risk register for identified risk.
- Participated and contributed to daily security meetings to discuss key security operations efforts.
2018 : 2019
University of Massachusetts Medical School
IT Risk and Compliance Specialist
2015 : 2017
BNY Mellon
Consultant
2011 : 2014
COCOA BOARD GHANA
Snr Integrated Auditor
Company:
PwC
Years of Experience:
12
Skills
Accounting, Auditing, Cybersecurity, Information Security, IT Audit, Risk Assessment, Risk Consulting
About
Experienced IT Risk and Cybersecurity professional with a demonstrated history of assessing the information security and technology risk management programs across a spectrum of industries especially in the Insurance, Wealth and Asset Management, Pharmaceutical and Healthcare industries.
Originally trained as a Chartered Accountant, I combine a blend of experience in accounting/finance, cybersecurity and technology risk to deliver exceptional service to clients.
In my leisure time, I watch soccer and am a crazy fan of FC Barcelona.