Open to New Opportunities

Solomon
Erkineh

_

Dedicated Information Security & IT Risk professional with deep expertise in infosec controls, audit coordination, and enterprise risk reporting. Currently driving security visibility at Commerzbank, Prague.

Solomon Erkineh
🔐 ISO 27001
✓ SOC 2 Lead
📊 Risk Analyst
SCROLL
About Me

Securing Systems,
Managing Risk

With over 4 years of hands-on experience across banking, financial data, and pharma sectors, I specialise in building resilient security frameworks that protect enterprise assets and satisfy regulatory requirements.

My work spans vendor risk assessment, security awareness programs, access recertification, and executive-level risk reporting — giving boards and CISOs the clarity they need for confident, risk-informed decisions.

Holding an MSc in Systems Engineering & Informatics and an (ISC)² CC credential, I combine academic rigour with real-world delivery — most notably leading a full SOC 2 certification from the ground up.

0
Years of
Experience
0
Enterprise
Companies
0
SOC 2
Led End-to-End
0
Active
Certifications
Work History

Professional
Experience

Information Security Report Analyst Feb 2025 — Present
Commerzbank
📍 Prague, Czech Republic
  • Collaborate with Regional CISOs across four regions to define and continuously improve information security reporting and risk visibility at enterprise level.
  • Collect and analyse security incidents, vulnerabilities, and threat trends to produce actionable executive intelligence.
  • Develop concise dashboards and executive reports supporting risk-based decision-making for senior management and the Group CISO function.
  • Standardise reporting practices enterprise-wide in alignment with the Group CISO office.
Information Security Analyst Jun 2021 — Jan 2025
ISS Stoxx
📍 Prague, Czech Republic
  • Assessed vendor security controls via Due Diligence Questionnaires (DDQs) and compliance reports; identified and mitigated supply-chain security gaps.
  • Led end-to-end SOC 2 certification — achieved compliance within the projected timeline; received positive feedback from external auditors.
  • Conducted quarterly physical and logical access recertification programmes, reporting results directly to the CISO.
  • Coordinated internal and external IT/IS audits across the organisation.
  • Designed and delivered security awareness training and monthly phishing simulation campaigns.
  • Developed KRI/KPP metrics and board-level reports to surface key risk indicators.
  • Created and continuously improved the Information Security Framework (policies, standards, processes) aligned to ISO 27001.
Cyber Threat Intelligence Analyst Oct 2020 — May 2021
Merck — Internship
📍 Prague, Czech Republic
  • Collected and analysed cyber threat data to drive risk-based decision-making and enhance cyber defence posture.
  • Contributed structured threat intelligence reports that shaped proactive defence strategies across the organisation.
Competencies

Skills & Expertise

Information Security
ISO 27001 / ISMS95%
SOC 2 Compliance92%
Security Awareness & Phishing90%
Third-Party Risk (DDQ)88%
Access Recertification95%
0
Years in
InfoSec
0
Enterprise
Clients
0
SOC 2
Led
0
Active
Certs
Signature Achievement
SOC 2
Certification Led End-to-End
Collaborated with IT, security, and compliance teams to implement controls and monitoring mechanisms. Achieved compliance within the projected timeline — positive external auditor feedback received.
📬
Open to Opportunities
Prague · Remote friendly
Let's Talk
Tools
JIRAConfluence MS ExcelSAP MS OfficeGRC
Risk & Audit
IT Risk Management90%
KRI / KPP Reporting88%
Audit Coordination92%
Languages
EnglishProfessional
AmharicNative
Academic Background

Education

MSc. System Engineering & Informatics
Czech University of Life Sciences Prague
Oct 2019 – Feb 2022  ·  Prague, Czech Republic
🏆 Full Academic Scholarship
Bachelor of Science in Computer Science
Wachemo University
Sep 2013 – Jun 2017  ·  Hossana, Ethiopia
Credentials

Certifications

🔐
Certified in Cybersecurity (CC)
(ISC)²
Active since Jan 2024
📊
Microsoft Excel for Business
Microsoft
Active since 2020
Let's Connect

Let's Build Something
Secure Together

Open to new opportunities, collaborations, and conversations in the information security space. Based in Prague — available internationally.

SE
Hi 👋 I'm Solomon — an InfoSec & IT Risk Analyst based in Prague. I'd love to hear about your security challenges.
Ready to strengthen your security posture and risk management framework?
Send a message...
solomon@solomonerkineh.com +420 774 397 611 Prague, Czech Republic