Security professional with a history of safeguarding critical infrastructure and sensitive information. Possesses a strategic mindset and excels in team collaboration and achieving measurable results. Known for adaptability and reliability in dynamic environments, with expertise in risk assessment and compliance management.
Overview
18 years of professional experience
Work History
Chief Information Security Officer (CISO)
RCS Cards
02.2024 - Current
Job Overview: As a senior manager, I had the privilege to lead a team of cybersecurity specialists and engineers to deliver solutions to secure the organisation and help it be resilient against cyber attacks and cyber failures, be compliant with laws and regulations, and support our executives and board of directors.
What I Do/Did:
- Create and successfully deliver a cybersecurity strategy aligned with business and IT goals while complying with group norms and standards.
- Own the cybersecurity budget and manage the cybersecurity cost centre accordingly.
- Vendor management for key cybersecurity services and tools.
- Compliance management to align with the NIST cybersecurity framework and CIS Security Baselines.
- Risk management and reporting to Group and other stakeholders.
- Demonstrated strong negotiation skills by successfully reducing managed services and licensing costs while maintaining the same level of service and products.
- Proactively enhanced the Vulnerability Management process, incorporating vulnerability scanning, penetration testing, static application security testing, and security assessment reporting and remediation.
- Led the annual cybersecurity awareness program, covering general knowledge and specific topics for certain departments or task teams, demonstrating a commitment to education and awareness.
- Aligned policies and procedures to Group’s governance standards.
- Presented various topics and cybersecurity updates at the group update forums and committees.
Reason for Leaving: (None other than looking for a great opportunity)
Information Security Manager
Flash Mobile Vending
01.2021 - 01.2024
Job Overview: As primary cybersecurity and information security contact, I took the lead in standardising the information security initiatives at Flash, taking an immature security initiative to a manageable security strategy.
What I Do/Did:
- Build an information security program from scratch.
- Prioritise identified security gaps and offer mitigating solutions.
- Implement new security enhancement toolsets for both protection and visibility.
- Alignment completed with the NIST CSF and CIS Controls, performing a gap analysis across all business verticals.
- Perform risk identification using reports from penetration tests, vulnerability assessments, audits and gap analyses.
- Successfully negotiated the contracts for the Managed Detect and Response service, Applications Security Testing service, User Awareness Training and Secure Development training service.
- Developed both the Vulnerability Management process and Incident Response Plan.
- Create awareness and educate all staff across all levels of the business on the ongoing security risks across all departments.
- Identified and developed required policies, standards and procedures.
Reason for Leaving: (None other than looking for a great opportunity)
Information Security Officer
Prudential Investment Managers
10.2014 - 12.2020
Job Overview: Lead from the front on all things security as the expert network security specialist in the team. Responsible for firewalling, routing & security management tools such as MDM, EPP & EDR.
What I Did:
- Develop the Vulnerability Management Program (VMP).
- Led the Computer Security Incident Response Team (CSIRT).
- Responsible for the Information Security Training Program.
- Perform security risk assessments.
- Coordinate pentest and vulnerability assessment and remediation.
- Successfully completed the ISEA3402 audit controls.
Reason for Leaving: (Opportunity to join Flash)
Managed Services Manager
ITBlue Solutions
04.2007 - 10.2014
Job Overview: Led a successful team of technicians who offered support on desktop, server, application & networking services to clients who varied from professionals, specialists, corporates & retail.
What I Did:
- Established an intern program.
- Technical Lead for any open-source solutions.
- Administrated security tools and applications.
- Acted as the last line of support for all networking and security incidents.
- Implemented the managed service platform and roll-out to clients.
Reason for Leaving: (Opportunity to join Prudential Investment Managers)
Education
Certified Information Systems Security Professional
ISC2
01.2022
Master of Science Degree - Cybersecurity
EC-Council University
01.2020
Bachelor of Science Degree - Informatics
UNISA
01.2016
Skills
- Information Security
- Cybersecurity
- Business Continuity Planning
- Compliance
- Intrusion Prevention Systems
- Awareness Training
- Security Incident Response