Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Joey Okoreh Arhin

UK

Summary

With over 10 years of IT Professional experience, including 5 dedicated to GRC, I excel at establishing and managing comprehensive Vulnerability Management Programs, leading to significant risk reduction (e.g., 30% reduction in security risks). I leverage my expertise in Data Protection, Business Analysis, Risk Assessment, Security Auditing, and frameworks like ISO 27001, NIST, GDPR SOC 2, and UK Cyber Essentials to drive strategic initiatives and ensure adherence to industry standards. I am passionate about enhancing organisational security posture through continuous monitoring and seek a challenging opportunity to leverage my skills.

Overview

11
11
years of professional experience
4
4
Certification

Work History

Cyber Vulnerability Management Analsyt

Vitality Group
05.2023 - 05.2024
  • Spearheaded comprehensive vulnerability assessments of servers, applications, infrastructure, and cloud environments, achieving a 30% reduction in security risks.
  • Established and managed the full vulnerability lifecycle, prioritising and remediating vulnerabilities to significantly decrease open issues.
  • Developed and maintained vulnerability management tools and processes in Jira and Confluence, streamlining remediation and improving efficiency.
  • Collaborated with cross-functional teams to implement the vulnerability management strategy, fostering a collaborative security environment.
  • Monitored security assessments and verified remediation efforts, ensuring effective mitigation within agreed-upon SLAs and contributing to a stronger overall security posture.

GRC Vulnerability Consultant

Cybarik Limited
08.2022 - 03.2023
  • Developed and implemented an ISO 27001-compliant Information Security Management System (ISMS), including policies, procedures, and controls, ensuring robust information security governance.
  • Conducted comprehensive risk assessments to identify and mitigate potential threats and vulnerabilities to information assets.
  • Implemented and maintained security controls aligned with ISO 27001 standards to safeguard sensitive data.
  • Performed internal audits and controls assessments to ensure ongoing compliance with ISO 27001 requirements.
  • Developed and implemented a comprehensive Vulnerability Management Program for proactive identification, assessment, and remediation of security vulnerabilities.

Business Analyst (Vulnerability Management)

Key Group
10.2021 - 07.2022
  • Created cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.
  • Conducted regular vulnerability assessments and analyzed risks, providing actionable recommendations to stakeholders.
  • Collaborated with IT, security, and business teams to align vulnerability management with organizational goals.
  • Developed and implemented remediation plans, ensuring compliance with regulatory requirements and industry standards.
  • Conducted security audits to identify vulnerabilities.

IT Risk Analyst

Slater And Gordon Lawyers
01.2021 - 09.2021
  • Conducted thorough third-party risk assessments to evaluate potential risks and ensure legal/regulatory compliance in the law firm.
  • Collaborated with legal teams and vendors to assess and mitigate risks in third-party contracts and partnerships.
  • Developed and implemented risk management strategies and policies to safeguard sensitive data and intellectual property.
  • Provided risk mitigation recommendations and guidance to senior management.
  • Monitored and reported on risk management effectiveness, identifying areas for improvement and implementing corrective actions.

Business Analyst (GDPR)

Sorted Group
07.2020 - 09.2020
  • Spearheaded the development and implementation of a robust Subject Access Request (SAR) management process ensuring 100% GDPR compliance within the organization.
  • Established a comprehensive asset register to kickstart the company's security risk assessment program, facilitating 50% of effective data protection and risk mitigation.
  • Collaborated with cross-functional teams to foster a culture of privacy awareness and ensure alignment and understanding of the SAR process and data protection best practices.

Lead Business Analyst

Betfred
10.2017 - 07.2020
  • Mentored junior analysts, providing guidance on best practices, technical skills development, and career growth opportunities.
  • Led requirement gathering, scoping, and implementation of GDPR-compliant marketing preferences and data retention policy automation, ensuring 100% regulatory adherence
  • Spearheaded the development and deployment of automated solutions for managing marketing preferences and data retention policies, enhancing compliance and operational efficiency.
  • Led cross-functional teams to successfully execute complex GDPR projects within scope, budget, and timeline constraints.


Business Analyst

ABCUL
05.2017 - 10.2017
  • Led the successful adoption of a new banking software platform for 4 credit unions, facilitating process transformation and enhanced operational efficiency.
  • Partnered with credit union teams to analyse existing processes, identify gaps, and develop tailored solutions for seamless transition to a new banking software.

Business Analyst

John Lewis & Partners
11.2015 - 04.2017
  • Led the requirement gathering, product discovery, and implementation of the "My Account" and checkout features on our e-commerce platform.
  • Collaborated with cross-functional teams to ensure user-centric design and seamless integration of these critical features, enhancing customer experience and driving online sales.

Junior Business Analyst

Atos
04.2014 - 09.2015
  • Increased collaboration between departments by developing cross-functional data sharing procedures, resulting in more informed decisionmaking.
  • Created comprehensive documentation for business processes, enhancing overall organisational efficiency and knowledge sharing.
  • Enabled informed decision-making by conducting thorough competitive analyses of industry peers and emerging trends.


IT Help Desk Agent

Atos Origin Information Technology
04.2013 - 04.2014

Education

Master of Science - Cyber Security

University of Salford
Manchester, United Kingdom
2021

Bachelor of Science - B.Sc. Media And Communication

Manchester University
UK
05.2012

Skills

  • Vulnerability Assessment
  • Information Governance - Policies and Procedure
  • Security Auditing
  • Cybersecurity concepts
  • ISO27001, Cyber Essentials, SOC 2, GDPR
  • Qualys VDMR
  • Vulnerability Management and Patch Management
  • Security Audits and Security Awareness
  • Risk Assessment and Management
  • Gap Analysis/Assessment
  • BPMN Process Mapping
  • Requirements Gathering
  • Disaster Recovery Planning
  • Communication
  • Tenable
  • Analytical Thinking
  • Analysis & Evaluation
  • Attention to Detail
  • Team Collaboration

Certification

  • OneTrust GRC Pro Certified
  • ISO 27001 Lead Auditor
  • Developing and Implementing Vulnerability Management Program
  • Agile Business Analysis
  • BCS Requirement Engineering
  • Qualys VDMR Certified

Timeline

Cyber Vulnerability Management Analsyt

Vitality Group
05.2023 - 05.2024

GRC Vulnerability Consultant

Cybarik Limited
08.2022 - 03.2023

Business Analyst (Vulnerability Management)

Key Group
10.2021 - 07.2022

IT Risk Analyst

Slater And Gordon Lawyers
01.2021 - 09.2021

Business Analyst (GDPR)

Sorted Group
07.2020 - 09.2020

Lead Business Analyst

Betfred
10.2017 - 07.2020

Business Analyst

ABCUL
05.2017 - 10.2017

Business Analyst

John Lewis & Partners
11.2015 - 04.2017

Junior Business Analyst

Atos
04.2014 - 09.2015

IT Help Desk Agent

Atos Origin Information Technology
04.2013 - 04.2014

Master of Science - Cyber Security

University of Salford

Bachelor of Science - B.Sc. Media And Communication

Manchester University

Similar Profiles

CREATE PROFILE
Joey Okoreh Arhin