You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
Dennis Sitso KwameDS

Dennis Sitso Kwame

Internal/IT/IS Auditor/Compliance/InfoSec

€650/day
Darmstadt, DE
8-15 years
ISO 27001
Information Security
Business analysis
Internal Audits
Audit

Average response time: 1 hour

About Dennis Sitso

Senior IT Audit, Internal Audit, and Information Security Consultant with 14+ years of experience in highly regulated environments (financial services, healthcare, energy, public sector). I support organisations in strengthening their control environment, improving audit maturity, and meeting regulatory expectations (BaFin, ECB, GDPR, SOX).

My expertise covers ITGC audits, cybersecurity and infrastructure reviews, IAM/PAM, Active Directory, network architecture, ISMS uplift, and ISO 27001 readiness. I also deliver full internal audit services, including operational and financial audits, governance reviews, fraud investigations, and control design/remediation.

I work independently, reliably, and with a structured, analytical approach. Complex technical issues are translated into clear, actionable recommendations for both technical and non‑technical stakeholders. I also mentor junior and non‑IT auditors to build internal capability.

Certified: CISA, CISM, CEH, ISO 27001 Lead Auditor.

Available for freelance and interim engagements across IT Audit, Internal Audit, Information Security, and Governance.

  • English

    Native or bilingual

  • German

    Basic

Can work on-site
Darmstadt (up to 50km)

Experience

  • Allianz Global Investors DE
    Information Security Specialist
    BANKING AND INSURANCE
    March 2024 - February 2026 (1 year and 11 months)
    Frankfurt am Main, Germany
    • Maintained and strengthened the ISO 27001 aligned ISMS, improving global audit readiness and ensuring compliance with DORA, GDPR, BaFin, and internal governance requirements.
    • Conducted IT and IS control assessments across cloud, IAM/PAM, network security, and operational resilience, identifying gaps and recommending targeted improvements.
    • Designed and executed detailed control test procedures, evaluating both control design and operating effectiveness.
    • Performed process reviews and control evaluations to ensure alignment with regulatory expectations and internal policies.
    • Collaborated across engineering, IT, risk, and TPRM teams to uplift cybersecurity and infrastructure posture, enhancing resilience and control maturity.
    • Provided senior leadership with evidence-based audit insights, strengthening IT governance, risk posture, and strategic decision-making.
    Risk Management Management Control User Testing Communication Change Management
  • Ghana National Petroleum Corporation
    Senior Internal Auditor (IT Audit)
    October 2018 - September 2023 (5 years)
    Tema, AA, Ghana
    • Prepare risk assessment based annual audit plan for the division.
    • Led and supervised audit of SAP Basis and Security implementation.
    • Led and supervise the audit of Information Security Management System (ISMS) according to the ISO/IEC 27001 standard.
    • Performed information system audits and penetration testing to manage internal controls and assess risks.
    • Implemented audit programs and procedures that could identify risks and assess compliance requirements.
    • Review IT policies and procedures in line with best practices and regulatory requirements.
    • Lead and perform financial and other operational audits.
    • Lead and supervise the execution of follow-up of audits and audit recommendations.
    • Prepare audit reports for management and other stakeholders.
    • Managed and coached teams on audit projects.
  • National Health Insurance Authority
    IT Audit Manager
    October 2015 - October 2018 (3 years)
    Accra, Ghana
    • Performed review of internal control procedures and security for systems under development and implementation.
    • Performed penetration testing on the Organization's network.
    • Reviewed ICT policies and procedures in line with best practices and regulatory requirements.
    • Lead and supervise the follow-up of audits and audit recommendations.
    • Prepare audit reports and audit procedures for the department.
    • Designed ICT and assurance audit program to cover all ICT Processes.
    • Conducted a review of Oracle ERP Suite used by the Authority.
    • Performed Financial and operational audits in 73 District offices and 6 regional offices.
    • Reviewed the nationwide implementation of NHIS Biometric Membership System across 147 district offices.
    • Prepare audit reports
Check out Dennis Sitso's experience

Recommendations

Be the first to recommend Dennis Sitso

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Associate Degree in Digital Media
    University of Nicosia
    2019
    Master's degree, Digital Currency
  • Bachelor of Science in Computer Science
    University of Ghana
    2007
    BSc, Computer Science, Psychology

Certifications

  • CISA
    ISACA
  • CISM
    ISACA
Dennis Sitso's certifications are only visible to Malt Community members

Skill set

Cybersecurity
Management Control
Compliance
IT-Security
GRC (Governance, Risk and Compliance)
Risk and Vulnerability Assessment
Security Awareness Training
Software Architecture
Front End Interface Development

Categories