Eric Antwi
@ericantwi
Experienced Cybersecurity Executive with expertise in GRC and cloud security.
What I'm looking for
As a seasoned Cybersecurity Executive with over 14 years of experience, I specialize in leading governance, risk, and compliance (GRC) programs, security operations (SOC), and IT audit initiatives across various industries. My expertise includes compliance with SOC 2 Type II, HIPAA, HITRUST, PCI DSS, and ISO 27001, ensuring robust security postures in healthcare, finance, and cloud environments.
I have a proven track record in building and scaling security programs, risk management frameworks, and application security initiatives aligned with industry standards. My strategic approach includes fostering a security-first culture, enhancing resilience through incident response, and managing vulnerabilities. I also advise executive leadership on security matters, supporting M&A and IPO readiness.
My technical proficiency spans cloud security (AWS, Azure), DevSecOps, and Zero Trust strategies. I am adept at security awareness training, threat detection, and forensic investigations, leveraging tools like Splunk, Nessus, and Qualys. My collaborative approach ensures alignment of security initiatives with business objectives, driving organizational growth and security maturity.
Experience
Work history, roles, and key accomplishments
Information System Security Manager
RMC-MD
Mar 2019 - Present (6 years 3 months)
Spearheaded enterprise-wide security strategy, risk management, and compliance programs, ensuring adherence to various security frameworks. Drove GRC initiatives, oversaw incident response, and collaborated with engineering teams to embed security into SDLC.
SOC Analyst
22nd Century Tech
Aug 2014 - Mar 2019 (4 years 7 months)
Led incident detection and response in a 24/7 SOC environment. Conducted vulnerability assessments and assisted in achieving compliance with SOC 2 Type II, PCI DSS, and HIPAA.
Senior Security Control Assessor
22nd Century Technologies
Apr 2012 - Jul 2014 (2 years 3 months)
Conducted security control assessments using NIST SP 800-53. Reviewed existing documents and conducted cloud system assessments within AWS GovCloud and Microsoft Azure environments.
Information Systems Security Engineer
22nd Century
Apr 2011 - Apr 2012 (11 months)
Identified information protection needs and designed security architectures for IS and Network environments. Developed cybersecurity-enabled products and integrated security solutions.
Cyber Security Policy and Compliance Analyst
22nd Century Tech
Aug 2009 - Apr 2011 (1 year 8 months)
Conducted risk assessments on internal infrastructures and vendors. Developed incident response plans and maintained knowledge of cybersecurity best practices and regulatory requirements.
Education
Degrees, certifications, and relevant coursework
University of the Incarnate Word
Master of Science, Cyber Security and Asset Management
Completed a Master's degree focusing on Cyber Security and Asset Management, equipping with advanced knowledge in securing information systems and managing cybersecurity assets.
University of the Incarnate Word
Bachelor of Business Administration, Banking and Finance
Earned a Bachelor's degree in Business Administration with a concentration in Banking and Finance, providing a solid foundation in financial principles and business management.
Availability
Location
Authorized to work in
Job categories
Interested in hiring Eric?
You can contact Eric and 90k+ other talented remote workers on Himalayas.
Message EricFind your dream job
Sign up now and join over 85,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
