Nana Arezie Oduro-Asare
@nanaarezieoduro-asar
Senior Cyber GRC engineering leader transforming IT risk and cybersecurity compliance into actionable executive strategy.
What I'm looking for
I’m a transformational IT Audit, IT Risk, Information Security, and Cybersecurity Risk Management leader with 15+ years of experience, focused on translating complex risk landscapes into clear, actionable strategies for C-suite stakeholders. I lead dynamic, cross-functional teams to strengthen global financial services and technology firms’ security posture and operational resilience through practical GRC delivery.
Most recently, I lead the design and execution of global GRC strategy, aligning multi-jurisdictional compliance requirements with corporate risk appetite. I’ve driven automated compliance monitoring within GCP, championed shift-left security policy-as-code integrated into GitHub CI/CD pipelines, and run end-to-end risk assessments that turn technical vulnerabilities into investment-ready executive insights. I also deliver continuous improvement across standards such as ISO 27001:2022 and PCI DSS, while supporting readiness for frameworks including DORA and AIMS.
Experience
Work history, roles, and key accomplishments
Led technology risk advisory engagements focused on technology resilience and digital risk for financial institutions. Designed secure SDLC and led DORA readiness and compliance work, including internal audits and board-level cyber GRC reporting.
Provided strategic oversight of cybersecurity consulting teams in Ghana and West Africa and supported the IT risk team. Delivered ISO 27001 implementation, IT/OT and cybersecurity strategy, government cloud strategy, internal audits, and organization-wide cybersecurity strategy services.
Managed key cybersecurity consulting engagements and provided thought leadership to internal and external stakeholders. Led SOC implementation quality assurance, served as a cybersecurity risk training instructor, and supported technology transformation engagements.
Information Systems Audit Lead
Ecobank
Jan 2016 - Jan 2020 (4 years)
Planned and led risk-based information security audit reviews and investigations, preparing reports for board and group audit committees. Provided assurance across information security, cybersecurity, cloud operations, fraud risk, technology recovery, and enterprise systems including ISO 27001 assurance work.
QA of Core-Banking Migration
The Beige Bank
Jan 2016 - Jan 2016 (0 months)
Provided freelance quality assurance for core-banking system migration.
Forensic Investigation
The Beige Bank
Jan 2016 - Jan 2016 (0 months)
Performed a freelance forensic investigation for The Beige Bank.
IT Audit Manager
National Investment Bank
Jan 2015 - Jan 2016 (1 year)
Planned and led technology, e-banking, and information security risk-based assurance reviews, including presenting findings to the board audit committee. Reviewed information security policy and strategy, supported PCI DSS compliance recommendations, and enforced controls to reduce IT environment risk.
Network & Database Security Assessment
Hub Consult
Jan 2015 - Jan 2015 (0 months)
Performed network and database security assessment for the Midland Savings & Loans engagement.
IT Audit Team Lead
BeigeCapital Savings & Loans
Jan 2014 - Jan 2015 (1 year)
Led IT and information security risk-based assurance reviews and managed the audit team, preparing reports for the board audit committee. Conducted quality assurance for an ATM implementation project, designed an information security policy awareness approach, and implemented database monitoring to detect and curtail system fraud.
Network Vulnerability Assessment
Hub Consult
Jan 2014 - Jan 2014 (0 months)
Performed a network vulnerability assessment for the National Investment Bank engagement.
Information Systems Auditor
Access Bank Ghana
Jan 2010 - Jan 2014 (4 years)
Conducted IT and e-banking audits and investigations supporting monthly income assurance and statement verification for embassies. Assisted with automation of the income assurance process and developed database scripts to support internal audit branch reviews.
Education
Degrees, certifications, and relevant coursework
EU Cyber Academy
Certified NIS2 Compliance Practitioner (NCP), NIS2 Compliance
Earned the Certified NIS2 Compliance Practitioner (NCP) in 2025.
EU Cyber Academy
Certified DORA Compliance Practitioner (DCP), Digital Operational Resilience Act (DORA)
Earned the Certified DORA Compliance Practitioner (DCP) in 2025.
Kwame Nkrumah University of Science and Technology
Master of Science (MSc), Information Technology
Earned an MSc in Information Technology from KNUST (completed 2021).
PECB
ISO/IEC 27005 Lead Risk Manager, Information Security Risk Management
Earned the ISO/IEC 27005 Lead Risk Manager certification in 2020.
PECB
ISO/IEC 27032 Lead Cybersecurity Manager, Cybersecurity Management
Earned the ISO/IEC 27032 Lead Cybersecurity Manager certification in 2020.
PECB
ISO/IEC 27001 Lead Implementer, Information Security Management
Earned the ISO/IEC 27001 Information Security Lead Implementer certification in 2018.
APMG International
PRINCE2 Foundation, Project Management
Earned the PRINCE2 Foundation certification in 2017.
ISACA
CGEIT, Enterprise IT Governance
Earned the Certified in the Governance of Enterprise IT (CGEIT) certification in 2017.
EC-Council
Certified Ethical Hacker (CEH), Ethical Hacking
Earned the Certified Ethical Hacker (CEH) certification in 2016.
ISACA
Certified Risk and Information Systems Control (CRISC), IT Risk & Controls
Earned the Certified Risk and Information Systems Control (CRISC) certification in 2016.
ISACA
Certified Information Security Manager (CISM), Information Security Management
Earned the Certified Information Security Manager (CISM) certification in 2016.
ISACA
Certified Information Systems Auditor (CISA), IT Audit
Earned the Certified Information Systems Auditor (CISA) certification in 2014.
Kwame Nkrumah University of Science and Technology
Bachelor of Science (BSc), Computer Science
Earned a BSc in Computer Science from KNUST (completed 2010).
Tech stack
Software and tools used professionally
Availability
Location
Authorized to work in
Job categories
Interested in hiring Nana Arezie ?
You can contact Nana Arezie and 90k+ other talented remote workers on Himalayas.
Message Nana ArezieGet matched with your dream remote job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
