Edward Berkoh
Accredited Information Security Professional
Sutton, GB.
About
Highly experienced and accredited Information Security Professional with over a decade of expertise in supporting Governance, Risk, and Compliance (GRC) functions across highly regulated sectors. Proven ability to apply key principles from frameworks like ISO 27001, NIST CSF, PCI-DSS, and GDPR to assess control effectiveness, manage risk registers, and drive audit readiness. Adept at cross-functional collaboration and strategic alignment of security practices with business and regulatory expectations.
Work
London, Greater London, United Kingdom of Great Britain and Northern Ireland
Summary
Played a pivotal role in strengthening organizational security governance by aligning business objectives with information security policies and regulatory requirements, providing oversight and assurance throughout project delivery lifecycles.
Highlights
Improved compliance posture across multiple programs by aligning all project security activities with ISO 27001, NIST CSF/800-53, and CIS controls, significantly reducing audit findings.
Strengthened design assurance by integrating policy compliance checks and control validations throughout the project lifecycle, leading to early identification and resolution of non-conformities.
Increased stakeholder confidence by delivering traceable, evidence-based assurance documentation, enhancing support for critical security decisions and demonstrating due diligence.
Defined and implemented robust security requirements aligned with ISO 27001, NIST CSF/800-53, CIS controls, and GDPR, ensuring comprehensive regulatory adherence.
Consulted on new designs by performing STRIDE threat modeling, proactively identifying risks and recommending effective mitigating controls.
London, Greater London, United Kingdom of Great Britain and Northern Ireland
Summary
Supported the implementation of business solutions by ensuring compliance with information security policies, regulatory requirements, and governance standards across key technology domains.
Highlights
Led technical security risk assessments and advised on control enhancements, significantly strengthening the enterprise's defence-in-depth strategy.
Improved stakeholder visibility of risk by ensuring key risks were documented, clearly communicated, and tracked for remediation within the enterprise risk register.
Influenced system and architecture design through GRC oversight, ensuring alignment with internal security policies, ISO 27001 controls, and regulatory standards.
Conducted comprehensive risk assessments on proposed solutions and architectural changes, identifying security risks and ensuring appropriate stakeholder visibility.
Utilized STRIDE threat modeling for business-critical systems, identifying threats and ensuring comprehensive control coverage across processes and data flows.
London, Greater London, United Kingdom of Great Britain and Northern Ireland
Summary
Supported information security functions by ensuring governance and assurance of security controls, and managing risks in line with Deutsche Bank's enterprise risk framework and compliance objectives.
Highlights
Reduced compliance gaps by supporting Risk and Control Self-Assessments (RCSA), identifying weaknesses, and escalating unresolved control issues for timely review.
Accelerated remediation timelines by facilitating risk acceptance and mitigation planning with business stakeholders, significantly reducing open policy exceptions across key domains.
Planned and conducted assurance testing for RCSA, documenting findings and recommending effective mitigation actions.
Prioritized assurance coverage based on risk exposure, focusing efforts on high-impact areas to enhance audit readiness and regulatory alignment.
Provided security oversight and risk guidance for IT projects, evaluating technical controls and policy adherence to ensure compliance.
London, Greater London, United Kingdom of Great Britain and Northern Ireland
Summary
Supported secure infrastructure transformation across Old Mutual's business units by partnering with project teams and stakeholders to deliver infrastructure change initiatives.
Highlights
Contributed to a secure data center strategy by supporting the design and delivery of a new active-active data center model, enhancing resilience and secure failover capabilities.
Enabled secure business innovation by aligning modern architecture patterns (cloud, integration, access controls) with internal policies and risk frameworks.
Closed security gaps in legacy and proposed solutions by identifying design weaknesses and recommending improvements, enhancing security posture and compliance.
Delivered architectural consultancy and security design input for infrastructure and platform changes, including data center migration and network segmentation.
Identified security and operational risks across proposed designs, providing mitigation and remediation guidance as part of technical assurance functions.
London, Greater London, United Kingdom of Great Britain and Northern Ireland
Summary
Remediated identified vulnerabilities via enterprise-wide security enhancements and contributed to IT and business transformation projects, focusing on GRC.
Highlights
Enabled data-driven governance by producing and maintaining actionable security metrics and dashboards, enhancing visibility for senior stakeholders and audit teams.
Supported successful remediation planning by assisting with the implementation of security action plans and collaborating with project and operational teams on control improvement initiatives.
Collaborated with technical specialists on data risk and security gap assessments to remediate identified vulnerabilities through enterprise-wide security enhancements.
Oversaw the implementation of best security practices and standards within networking infrastructure and systems, ensuring robust security posture.
Chelmsford, Essex, United Kingdom of Great Britain and Northern Ireland
Summary
Provided security engineering expertise for a public sector organization, focusing on system security and vulnerability management.
Highlights
Implemented and maintained security solutions to protect organizational assets.
Assisted in identifying and mitigating system vulnerabilities.
Contributed to security incident response activities and system hardening.
London, Greater London, United Kingdom of Great Britain and Northern Ireland
Summary
Delivered security engineering services as a contractor, focusing on client-side security implementations and support.
Highlights
Supported client security infrastructure, ensuring operational integrity and compliance.
Assisted with security configurations and troubleshooting for various systems.
Contributed to client security projects and initiatives, adhering to project timelines.
London, Greater London, United Kingdom of Great Britain and Northern Ireland
Summary
Managed and maintained network infrastructure for a global shipping company, ensuring high availability and performance.
Highlights
Designed, implemented, and maintained network systems, supporting global operations and connectivity.
Resolved complex network issues, minimizing downtime and ensuring business continuity for critical systems.
Managed network security configurations and access controls, enhancing data protection.
Contributed to network upgrade and optimization projects, improving system efficiency.
London, Greater London, United Kingdom of Great Britain and Northern Ireland
Summary
Administered network operations and systems for a travel company, focusing on user connectivity and system reliability.
Highlights
Administered network infrastructure, ensuring reliable connectivity for over 100 users.
Managed network access and security policies, maintaining data integrity.
Provided technical support for network-related issues, resolving 95% of tickets within 24 hours.
London, Greater London, United Kingdom of Great Britain and Northern Ireland
Summary
Provided technical support for network systems within a professional services firm, ensuring smooth operation and user satisfaction.
Highlights
Provided first-line support for network and system issues, resolving problems efficiently.
Assisted with network hardware and software installations and configurations.
Monitored network performance and identified areas for improvement, contributing to system stability.
Certificates
Skills
Governance, Risk & Compliance (GRC)
Governance Risk & Compliance (GRC), Third-Party Risk Management (TPRM), Policies & Standards, Security Gap Analysis & Control Assessments, Zero Trust Architecture, Risk Management & Assurance Testing, Incident Management, Documentation & Reporting, Stakeholder Engagement, Security Controls & Frameworks, Data Privacy & Regulatory Compliance, Secure by Design & Security Frameworks, Network & Information Systems (NIS).
Industry Frameworks & Standards
ISO 27001, NIST CSF, NIST 800-53, GDPR, PCI-DSS, CIS Controls.
Security Technologies
RSA Archer (GRC Platform & Risk Management), QRadar (SIEM & Log Review), Splunk (SIEM & Log Review), Active Directory (AD) (IAM), Entra ID (IAM), Cisco ISE (IAM), F5 (IAM), Qualys (Vulnerability Management), McAfee DLP (Data Privacy & Privacy Monitoring), Titus (Data Privacy & Privacy Monitoring), Azure Security Centre (Cloud Security), AWS Hub (Cloud Security), Firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Encryption Mechanisms.
Cloud Security
Cloud Native Security, AWS, Azure.
Core Cyber Security Domains
Network Security, Endpoint Security, Cloud Security.
Technical & Analytical Skills
Vulnerability Management, Analytical Thinking, Threat Modeling (STRIDE), Technical Risk Assessments, Secure Design Decisions.
Communication & Leadership
Strong Written & Verbal Communication, Convey Technical Issues to Non-Technical Audiences, Cross-functional Collaboration.