Solomon Erkineh
I'm Information Security Specialist
About
I am a motivated and hardworking individual with a passion for learning and contributing. My strong technical expertise, combined with excellent communication skills, enables me to collaborate effectively and build positive relationships.
Information Security Specialist
I have demonstrated proficiency with a strong foundation in Information Security and IT Risk, complemented by hands-on experience in IT/IS audits and SOC 2 certification processes. I am proficient in leading both internal and external audits, including coordinating SOC 2 examinations.
I have led vendor security risk assessments by evaluating security controls through Due Diligence Questionnaires (DDQs) and compliance reports, identifying vulnerabilities, and implementing mitigation strategies to reduce potential risks. I ensure continuous vendor monitoring, assess compliance with organizational security standards, and collaborate with stakeholders to address security gaps. Additionally, I provide risk-based recommendations to support vendor onboarding, contract renewals, and long-term partnerships, strengthening overall third-party risk management.
I have successfully implemented security awareness training programs, led phishing campaigns, and published monthly cyber news to enhance organizational security culture. I also conduct physical and logical access recertifications, reporting directly to the Chief Information Security Officer (CISO).
Additionally, I manage asset inventory, ensuring accurate tracking and proper governance of IT assets to maintain compliance and mitigate security risks.
My previous experience as a Cyber Threat Intelligence Analyst involved collecting and analyzing cyber threat data to drive risk-based decision-making and enhance cyber defense strategies. I identified and investigated Indicators of Compromise (IOCs) from diverse sources and managed responses to credentials and password leaks published online, mitigating potential security risks.
I thrive on continuous learning and am committed to proactive measures in safeguarding information assets and managing risks. My technical expertise is complemented by certifications, including a recent Certified in Cybersecurity (CC) credential and proficiency in tools like JIRA, Confluence, and Microsoft Office.
Skills
I have developed a diverse set of skills in the field of information security, IT risk management, and cybersecurity.
Resume
Experienced Information Security Specialist with a strong foundation in IT risk management, security awareness training, and audit coordination. Proactive in safeguarding information assets and managing related risks.
Summary
Solomon Erkineh
Information Security Specialist with extensive experience in implementing comprehensive infosec controls, conducting security awareness training, and coordinating IT/IS audits. Proven ability to enhance security measures and manage IT risk effectively.
Education
Master's in System Engineering and Informatics
2019 - 2022
Czech University of Life Sciences Prague
Bachelor's in Computer Science
2013 - 2017
Wachemo University, Ethiopia
Professional Experience
Information Security Specialist
June 2021 - Present
ISS Stoxx, Prague
- Led vendor security risk assessments: Assessed vendor security controls using Due Diligence Questionnaires (DDQs) and compliance reports, identified and mitigated security gaps, ensured continuous vendor monitoring and periodic reassessments, and provided risk-based recommendations for vendor onboarding decisions.
- Conducted security awareness training programs and phishing campaigns, publishing monthly cyber news to enhance security awareness within the organization.
- Performed physical and logical access recertification quarterly, reporting results to the Chief Information Security Officer (CISO).
- Coordinated both external and internal IT/IS audits, including SOC2 examinations.
- Led the SOC 2 Certification Process, ensuring compliance with security standards.
- Performed IT asset inventory and managed the efficient use of IT resources.
- Worked collaboratively with other departments to identify and mitigate security risks.
- Developed and maintained security policies and procedures to ensure data protection and compliance with regulatory requirements.
- Implemented comprehensive infosec controls to safeguard information assets and manage IT risk effectively.
Cyber Threat Intelligence Analyst
July 2020 - May 2021
MSD (Merck Sharp & Dohme), Prague
- Collected and analyzed cyber threat data to enhance cyber defense strategies.
- Identified and investigated Indicators of Compromise (IOCs) from diverse sources.
- Managed responses to credentials and password leaks published online.
Information Technology Officer
March 2019 - May 2019
Arts TV - African Renaissance Television Service, Addis Ababa
- Provided IT support and managed social media platforms.
- Contributed to the definition and refinement of user stories using Agile Scrum methodologies.
Graphic Design and Digital Marketing
October 2017 - March 2019
Transsion Manufacturing, Addis Ababa
- Create eye-catching graphics for billboards, posters, flyers, and social media content that captivate audiences nationwide!
- Full control and management of the company's social media pages, including YouTube, Facebook, and Instagram.
Certificates
Showcasing my professional certifications, highlighting my commitment to continuous learning and expertise in various fields. Each certification represents the skills and knowledge I have gained to stay current and proficient in my industry.
Contact
Feel free to reach out with any questions, collaboration ideas, or just to say hello. Your messages are always welcome.