Open to opportunities

Eric Antwi

@ericantwi

Message

Experienced Cybersecurity Executive with expertise in GRC and cloud security.

United States

Message

What I'm looking for

Seeking a leadership role in cybersecurity to drive GRC initiatives and align security strategies with business objectives, leveraging expertise in cloud security and compliance frameworks.

As a seasoned Cybersecurity Executive with over 14 years of experience, I specialize in leading governance, risk, and compliance (GRC) programs, security operations (SOC), and IT audit initiatives across various industries. My expertise includes compliance with SOC 2 Type II, HIPAA, HITRUST, PCI DSS, and ISO 27001, ensuring robust security postures in healthcare, finance, and cloud environments.

I have a proven track record in building and scaling security programs, risk management frameworks, and application security initiatives aligned with industry standards. My strategic approach includes fostering a security-first culture, enhancing resilience through incident response, and managing vulnerabilities. I also advise executive leadership on security matters, supporting M&A and IPO readiness.

My technical proficiency spans cloud security (AWS, Azure), DevSecOps, and Zero Trust strategies. I am adept at security awareness training, threat detection, and forensic investigations, leveraging tools like Splunk, Nessus, and Qualys. My collaborative approach ensures alignment of security initiatives with business objectives, driving organizational growth and security maturity.

Experience

Work history, roles, and key accomplishments

Current

Information System Security Manager

Current

RMC-MD

Mar 2019 - Present (6 years 3 months)

Spearheaded enterprise-wide security strategy, risk management, and compliance programs, ensuring adherence to various security frameworks. Drove GRC initiatives, oversaw incident response, and collaborated with engineering teams to embed security into SDLC.

GRC Risk Frameworks Incident Response HIPAA HITRUST PCI DSS ISO 27001 AWS Azure

SOC Analyst

22nd Century Tech

Aug 2014 - Mar 2019 (4 years 7 months)

Led incident detection and response in a 24/7 SOC environment. Conducted vulnerability assessments and assisted in achieving compliance with SOC 2 Type II, PCI DSS, and HIPAA.

Vulnerability Assessment SOC II PCI DSS HIPAA

Senior Security Control Assessor

22nd Century Technologies

Apr 2012 - Jul 2014 (2 years 3 months)

Conducted security control assessments using NIST SP 800-53. Reviewed existing documents and conducted cloud system assessments within AWS GovCloud and Microsoft Azure environments.

Security Control Assessment NIST 800 53 AWS GovCloud Microsoft Azure Compliance Monitoring Risk Assessment

Information Systems Security Engineer

22nd Century

Apr 2011 - Apr 2012 (11 months)

Identified information protection needs and designed security architectures for IS and Network environments. Developed cybersecurity-enabled products and integrated security solutions.

Information Security Security Architecture Network Security Risk Assessment

Cyber Security Policy and Compliance Analyst

22nd Century Tech

Aug 2009 - Apr 2011 (1 year 8 months)

Conducted risk assessments on internal infrastructures and vendors. Developed incident response plans and maintained knowledge of cybersecurity best practices and regulatory requirements.

Risk Assessment Incident Response Regulatory Requirements Change Management

Education

Degrees, certifications, and relevant coursework

University of the Incarnate Word

Master of Science, Cyber Security and Asset Management

Completed a Master's degree focusing on Cyber Security and Asset Management, equipping with advanced knowledge in securing information systems and managing cybersecurity assets.

University of the Incarnate Word

Bachelor of Business Administration, Banking and Finance

Earned a Bachelor's degree in Business Administration with a concentration in Banking and Finance, providing a solid foundation in financial principles and business management.