ENOCH OPPONG PEPRAH

• Responsible for planning and development of an appropriate Information security operational plan.
Leading the development of information security architecture, services and systems within the university environment.
• Team Management of the cyber security analysts, planning and implementing effective training,
• Responsible for the selection, implementation and operation of cyber security services and solutions
• Stay abreast with information security issues and regulatory changes affecting higher education, participate in national policy and practice discussions, and
communicate to the university on a regular basis about those topics; engage in professional development to maintain continual growth in professional skills and
knowledge essential to the position.
• Utilizing analytical tools to determine emerging threats, vulnerabilities and implement measures, such as Intrusion detection and prevention and encryption
to find the best way (with support as necessary) to secure the IT infrastructure
• Ensure regular reviews of policy documents are conducted. Advising the relevant committees of proposed changes.
• Work with other ICT colleagues to ensure that systems are patched and adequately secured and protected, and that any changes are performed in a controlled and documented fashion
• Maintain a strategy and plan for information security work which addresses the evolving business risk and information control requirements.ISO27001,NIST & PCIDSS
• Carry out regular security audits both internal and with the assistance of external security specialists
• Regular inspections of systems and functions to ensure compliance with university policy and to ensure that any gaps are filled
• Engage directly with university projects to review new projects and initiatives, ensuring security requirements are captured and managed through to implementation
• Responsible for the process of gathering, analysing and assessing the current and future threat landscape, providing a realistic view of risks, threats and
priorities in the enterprise environment
• Lead investigations, analysis and review following breaches of security controls and manages security incidents
• Communicate well, both orally and in writing, and respond to wide-ranging and detailed questioning relating both to own areas of specialization and, at a more
general level, to the wider field of IT
• Promote the service within the University and create strong personal relationships with the full range of stakeholders.
• Liaise with HE sector, external organizations and key suppliers to share ideas, compare approaches and develop best practice.
• Co-ordinate cyber security awareness training for colleagues.

• Design the most efficient way to protect system, networks, software, data and information systems against any potential attacks, using:ISO27001/5,NIST,PCIDSS etc.
• Train client on technical and non-technical domains in cyber security.
• Select and develop a range of effective resources, including appropriate use of new and emerging technologies ensuring they are inclusive, promote equality and engage with diversity.
• Implement vulnerability testing, threat analyses, and security checks.
• Perform research on cyber security criteria, security systems, and validation procedures.
• Consult/build a SOC, and train SOC analyst.
• Advise on accurate cost estimations and categorize integration issues for IT project teams.
• Plan and design healthy security architectures for any IT project, using: TOGAF,SABSA etc.
• Investigate and provide security solutions using business standard analysis criteria. Using: SOC2 etc.
• Deliver technical reports and official papers relating to test findings.
• Provide professional supervision and guidance to security teams.
• Consult/advise on both technical and business as of cyber security and information technology in general.

• Monitored the organization’s networks for security breaches and investigate violation across the 36 affiliates using tools like M365(Azure sentinel,cloud app,MS defender) and McAfee SIEM.
• Collaborated with the digital forensics team to analyze malware samples, obtain from IOCs and implement necessary preventive measures.
• Performed systems vulnerability/risk management using Qualys.
• Conduct detailed comprehensive analysis and investigation on a wide variety of security events and implement containment and mitigation processes.
• Perform threat analysis and hunting with IOC's.
• Performed any other duties assigned by the SOC manager

• Resolved incoming help requests from end users via both telephone and e-mail in a courteous manner.
• Documented all pertinent end user identification information, including name, department, contact information, and nature of problem or issue across the 34 affiliates in the Ecobank group such as: Ghana, Nigeria, Uganda, Zambia, Senegal, Mali,Tanzania,Malawi among many others.
• Built rapport and elicit problem solving skills aimed at resolving both internal and external customer request.

• Worked as a core banking applications team lead to provide excellent 24/7 support.
• Supported in Oracle Flex cube (Host a Branch) to all affiliates in the Ecobank group across 34 African countries such as Nigeria, Ghana, Burkina Faso, Senegal, Gabon, Tanzania, and Malawi amongst many others.
• Actively participate in testing and implementation of new systems and ensure taking of daily accurate and complete backup of affiliates system (Oracle flex cube host database).
• Provided operational database support, primarily in oracle flex cube database.