ISAAC K. BOYE
https://www.linkedin.com/in/isaac-k-boye-82a9722b/
Isaac is a proven information security and cyber security consultant with over 15 years of working experience and a Tier 1 Cyber Security
Professional from the Ghana Cyber Security Authority (CSA). He has held an ISACA Gold Professional membership in good standing for several
years. He has proven ability to lead through change strategies, very tactical, business-minded, self-motivated, transformation-oriented, a
critical thinker and a problem solver. He has assisted up to seven (7) organizations (private and governmental) across a number of industries,
with Information Technology (IT) and Operational Technology (OT) assets, over his working life. He has implemented the following world class,
regulatory, legal frameworks/ standards/requirements and eventually achieve certifications such as: ISO 27001 and accreditations such as: CSA
Accreditation, Ghana Cyber Security Directive for Critical Information Infrastructure (CII), and compliance standards/ frameworks: ISO 22301,
ISO 3100, NIST Cybersecurity Security Framework (NIST CSF 2.0), Zero Trust Framework (ZTF), CIS Controls, SOC 2, PCI DSS v3.8, and guidelines). As
a professional systems analyst, he has successfully implemented software development projects at local and national levels within record
breaking levels.
He has the skills and competence to execute gap or compliance assessment of an organization against any of the above standards or
frameworks coupled with the determination of the cybersecurity and information security maturity level of the organization. He can proceed
further, by developing a short to medium term strategic roadmap, to achieve the desired maturity levels or risk acceptable level, in alignment
with the risk appetite of organization. He is eager to deliver results to meet key expectations of the board, top management, staff, and your
discerning clients. His willingness to travel is 100%—both domestically and internationally.
EDUCATION AND
CERTIFICATIONS
Kwame Nkrumah of Science & Tech (KNUST), Kumasi, 06/1999.
●
Bachelor of Science: Computer Science (Strong 2nd Class Upper)
University of Leicester, M. Sc. Criminology UK, 02/2020.
●
Post Graduate Certificate - Security and Risk
Information Systems Audit & Control Ass (ISACA), Remote Learning (Professional Course), 01/2022
●
●
Certified Information Security Manager (CISM), Certified In Risk and Information Systems Control (CRISC),
Certified In The Governance of Enterprise IT (CGEIT), Certified Data Privacy Solutions Engineer (CDPSE).
ISMS - Lead Audit/ Implementer, Accra, 02/2024 & 06/2015.
●
ISO 27001 Lead Auditor & ISO 27001:2013 Lead Implementer
Introduction To Sustainable Finance, University of Oxford
●
Online Course
iQ4 Virtual Cybersecurity Project – Cybersecurity Workforce Alliance (USA)
●
2023 October Cohort (Threat Within and NIST CSF Framework Internship at Levan Center
Led by Ian MacDonald- with the following mentors (Paul Ventrano, Sam Huckeba- and
John Linkowsky-.
SKILLS
CONFERENCES
ATTENDED
INFOSEC AND
CYBER SECURITY
CONSULTANCY
Information Security Policy Development, Policy
Awareness & Compliance Management, Data
Privacy & Security, Risk Management, Business
Continuity & Disaster Recovery Planning/ Testing,
Security Awareness Training
●
Cybersecurity: Security Operations/ Tools: Imperva,
FortiSIEM, Wireshark, Acunetix for Web Testing,
Cyberoam, nmap, Vulnerability Management,
Penetration Testing Projects
●
Threat modelling and risk management frameworks
●
Lead Incident Management assignments with
support from Digital Forensic Investigations Teams &
Reporting
●
Gap Assessment and implementation of the
following frameworks: ISO 27001, NIST CSF, CIS, ZTF
●
Drive and a track record of going above-andbeyond expectations
● Panelist at Risk Summit, 2025
● Annual ISACA Conferences (Risk & IT Governance
Summits)
●
●
●
●
●
●
●
●
●
●
●
●
●
Secure Software Development Life Cycle:
Security by Design, Application & Database
Security, Digitization & Operations Efficiency
Python Programming, Visual Basic
Problem Solver
Incident Management/ Crisis Management
Programming Skills: Python, Visual Basic,
Cloud Security
Strong Leadership: Self-Directed & Proactive,
People Management, coaching & Team
Building with Conflict Management skills and
critical thinking.
Data Analytics and Reporting
knowledge of Sustainable Finance
Project Management & Change Management
Communication, Documentation, Reporting
and Presentation skills
Panelist at NITA PKI Launch, 2025
ISACA Webinars (local and international)
Project Technical Lead, 06/2024 – to date
e-Crime Bureau, Ghana
●
Provide leadership, management and technical coordination on all designated projects.
Page 1 of 4
●
●
●
●
TECHNOLOGY
EXPERIENCE
Head of Technology and Digital, 08/2021 – 06/2024
Chartered Institute of Bankers, Ghana (CIB, Ghana)
●
●
●
●
●
●
●
●
●
●
●
Information
Security and
Cybersecurity
Consultancy
Ensure effective execution of respective project components, and their attendant project management
requirements and oversee the timely implementation of the project components.
Provide leadership to a team of project components leads to achieve the objective of the project owners.
Ensure effective project planning that meets client needs with organization’s goals and coordinate team leads
and technical personnel throughout the entire process and stages of projects in a timely manner.
Successfully contributed to the following projects:
o
Mining Industry ▪ Led and executed a compliance assessment project in alignment with the Ghana Cyber
Security Authority’s Cybersecurity Act, 2020 and Directives for the Protection of Critical
Information Infrastructure (CII), 2021.
▪ Ensured smooth delivery of Managed Services to achieve the Cybersecurity Operations per
the agreed Service Level Agreement (SLA) deliverables and timelines.
o
e-Crime Bureau ISO 27001:2022 Certification Project ▪ Achievements: Successfully planned, coordinated with all stakeholders and strategically
implemented the certification process within a record time.
o
International Projects ▪ Achievements: Led the planning, coordination, documentation and timely submission of
World Bank international bids and expression of interests (EOI).
o
National Revenue Authority - Deployment of Cyber Security Infrastructure
▪ Achievements: successfully executed as a team member and specific lead areas per the
following: planning, project documentation, training, technical implementations, user
acceptance tests, project validation sessions, project sign off sessions, final handover to the
client and support/ maintenance program.
o
National Energy Organisation - Deployment of a Digital Forensic Office
▪ Achievements: Planned and executed project plans and met all agreed targets i.e. office
setup, hardware and software procurement, testing and handover.
▪ Led a team to provide timely response and containment of a suspected cyber security
incident.
-
TAG International Development, UK (https://tagintdev.com/) - 2025
●
-
Executed a gap assessment of GhanaReinsurance in alignment with NIST CSF 1.1
e-Crime Bureau Cyber and Information Security Consultant (Part Time) -
●
●
-
Successfully intervened and led a team to implement a FinTech solution for national security organisation.
GhanaReinsurance Information Security Team Member & Consultant (Part Time) - 2024
●
-
The Institute saved over $200,000.00 through my initiative to use local resources and successfully implemented a
Learning Management Platform. The objective is to: optimize the cost of doing business and execute our
mandate. This is being used to date and it is currently being improved as I monitor the situation remotely with
the Technology team at zero cost.
Collaborated with business leaders to develop and deploy an approved Information and Cyber Security Policy
and strategy, in alignment with ISO 27001:2013 standards and NIST CSF standards with final approval from the
Executive Committee.
Managed cybersecurity governance, risk, and compliance processes consistent with industry standards and
regulatory requirements for a publicly traded company.
Served as a strategy advisor to the Management team on Infosec and Cybersecurity initiatives.
Documented and received approval from the Executive Committee (Ex-Co) on a 3–5-year IT Digitization
Strategy in alignment with the Institute vision and goals.
ERP Project Vendor Selection: Worked closely with all resource persons (internal and external) to arrive at the
top three (3) vendors by using innovative solutions and promoted a very transparent process.
Identified several digitization opportunities and have delivered the following: LMS, Vehicle Booking, Digital
Payments/ Reconciliation, Human Resource Management, Remote Examination Monitoring, New Website, CIS
Control Gap Assessment, …
Prepared a business case and successfully received approval to migrate from an old system to Office 365 with
minimal disruption – this has facilitated team collaborations, working from home solutions and business
continuity.
Collaborated with others to discuss new opportunities.
Achieved cost-savings by developing functional solutions to problems.
Collaborated with cross-functional team to define features and build powerful and easy-to-use products and
customer-facing workflow tools.
Ghana Revenue Authority ISO 27001:2022 Successfully executed Gap Assessment Project, Prepared and
accredited GRA Cybersecurity Infrastructure under Ghana Cybersecurity Authority as Tier-1.
Successfully executed ISO 27001:2022 Gap Assessment, Certification for the Bureau.
Crown City Technology Ghana, Information Security Consultant, 06/2021 - 12/2022
●
●
Successfully consulted for the FinTech company for two (2) certifications projects ISO 27001:2013 and PCI DSS,
throughout the year under review and received their certification in Q1, 2023.
Project managed and completed the task within 1.5 years record time.
Page 2 of 4
Information
Security
Manager
Information Security Manager (06/2011 – 6/2020) &
CISO Independent Contractor (10/2020 - 03/2021)
Ghana Community Network Services (GCNet)
●
●
●
●
●
●
●
●
●
●
●
●
●
●
●
●
●
●
IT Security
Manager
Played the role of an Information Security Manager (ISM) and played the role of a 6-month consultancy role all
within 9.5 years with great achievements.
Developed and implemented security standards, policies, and procedures for the organization in alignment of
ISO 27001:2013 standards. Maintained ISO 27001 standards for period under review.
Played an active role in advising a) Top Management and b) Member of Information Security Advisory Group
(ISAG) on information security and cyber related issues.
Increased on the security awareness culture across the organization by 50%.
Maintained ISO 27001:2013 certifications for two (2) business projects for Ghana Revenue Authority (GRA) i.e.,
GeGov and Tradenet) from 2015 to 2020.
Carried out Information Security Awareness programs year-round for all stakeholders (internal and external).
Coordinated and implemented a continuous IT Risk Management Programme in alignment with the ISO 27001
requirements with support from Top Management, Functional Heads and teams.
Coordinated and implemented the 1st BCM site for the business and ensured annual BCM and DR testing and
reporting.
Ensured change management controls are adhered to ensure stability of critical to non-critical systems.
Strategically planned and deployed a number of Cybersecurity controls and Projects including A) Prepared an
Coordinated and operated Information Security Advisory Group (ISAG) for GCNet from 2013 to 2020 b) Annually
rolled out information security awareness for all staff on emerging trends and exposures B) Implemented the 1st
SIEM project solution & SOC Analyst for the business to track all security events, incident management,
investigations and resources utilization.
C) Coordinated and tracked vulnerability management monthly to minimize our security exposure from cyberattacks D) Annually coordinated penetration tests to address gauge the business cyber security exposures E)
Ensured continuous improvement of cybersecurity related controls to address emerging cyber related threats.
F) Reported Monthly on the performance of the business cybersecurity and information security objectives and
metrics with support from system owners with countermeasures in place to secure the business G) Acted as the
business representative to the Data Protection Commission.
Assessed current network infrastructure for potential security risks and vulnerabilities.
Learned about latest security threats from blogs and online publications.
Updated computer security policies and procedures upon learning of new risks.
Coordinated security updates to avoid outages and downtime.
Analyzed key performance indicators to identify effective strategies.
Worked closely with human resources to support employee management and organization
Stanbic Bank of Ghana (06/2008 - 05/2011)
●
●
●
●
●
Consistently maintained Satisfactory Audit rating for all three (3) continuous years for both internal and external
audits.
Implemented a Minimum-Security Standard for all branches based on which sites were measured against and
ranked.
Implemented a quarterly Disaster Recovery testing exercise program and reporting for the bank to ensure the
bank can technically operate effectively from a remote site outside the primary site.
Achieved Country of the Month in Standard Bank Group of Africa, for achieving 98.7% IT Security compliance
levels for the business through monthly compliance reporting from each compliance rep at each business site.
Active team player in BlueTech newsletter (Chairperson, IT Editorial Board - an IT communication media team)
over a 2- year period. Successfully published over 20 newsletters during the period under review.
IT Infrastructure
Support Officer
ABSA, Formerly Barclays Bank of Ghana (03/2002 - 06/2008
REFERENCES
1.
2.
3.
4.
5.
Won two (2) awards i.e. Silver and Bronze for: 1) Single-handedly held the fort for a team of three (3) colleagues
to allow them to attend a Microsoft Training over a three (3) months period of training 2) Innovatively designed
software to track software license usage for the enterprise to minimize legal fines and ensure compliance
●
Effectively documented all IT procedures and processes - This effort smoothened training of new hires i.e., new
recruited staff.
●
Drafted reports outlining findings from investigations and recommending corrective action.
●
Developed strategies for improving operational efficiency while reducing costs.
●
Implemented new technologies as needed to enhance productivity levels in the workplace.
●
Resolved conflicts between employees or departments that arose due to misunderstandings or
miscommunication.
●
Maintained positive working relationship with fellow staff and management.
●
Identified needs of customers promptly and efficiently.
●
Displayed strong telephone etiquette, effective handling of difficult calls.
●
Set specific goals for projects to measure progress and evaluate end results.
●
Utilized document management system to organize company files, keeping up-to-date and easily accessible
data.
TAG International Development, UK – Mr. Chris Aston and Mr. Dan Opare
Mr. Philip Debrah Danquah (Principal Consultant) at e-Crime Bureau (Cybersecurity Company) – Accra, Ghana
Mrs Akosua Asamoah, Energy Commission (HR Manager) – Accra, Ghana
Dr. George Mensah, Consultant – Accra, Ghana.
Ian MacDonald, iQ4 Cybersecurity Mentorship Course Facilitator - USA
●
Page 3 of 4
Page 4 of 4
