Summary
Overview
Work History
Education
Skills
Certification
Technologies
Timeline
Generic
JACOB MASEHLA

JACOB MASEHLA

IT Audit Specialist
Pretoria

Summary

Proven IT Audit Specialist with a robust background at National Lottery Commission, adept in managing cyber security reviews and developing strategic security plans. Excelled in vulnerability assessments and penetration testing, leveraging skills in NIST, CIS, and COBIT frameworks. Demonstrated leadership in mentoring teams and exceptional communication, driving significant improvements in cyber risk management.

Overview

18
18
years of professional experience
4
4
Certifications

Work History

IT Audit Specialist

National Lottery Commission
09.2021 - Current
  • Develop cyber risks IT Audit plans, by researching the emerging risks within the cyber space.
  • Execution of the IT Audit Plan.
  • Conduct technical IT audit using, NIST, CIS, COBIT,ISO and ITIL Frameworks.
  • Conduct technical IT audits by assessing the adequacy of the configuration standards for, Databases (Oracle and MS SQL), Operating Systems (Windows and Linux), Firewall (Cisco and Fortigate), Network (Routers and Switches.
  • Test the effectiveness of the technical controls by developing scripts that extracts the configurations for AD, Windows server and databases, and nipper tool to extract firewall, routers and switches configurations.
  • Conduct vulnerability assessment, by assessing technical vulnerability programs or plans, testing how vulnerabilities are identified,classified, prioritized and remediated. Further run tools, Nessus, burpsuite, NMAP/
  • Penetration testing (validations of the discovered critical vulnerabilities) using Metasploit.
  • Provide recommendations that will assist management to resolve findings.
  • Manage the IT Audit Tracker by validating resolved findings and updating the tracker.

Cyber Security Specialist

SNG Grant Thornton
03.2020 - 08.2021
  • Mentored junior team members on technical aspects of cybersecurity reviews while fostering culture of continuous learning and improvement.
  • Manage Security Reviews from planning, executing and reporting for respective clients as per SLA's.
  • Conduct technical audits including operating systems (Linux and, databases, firewall, network security (switches, routers, incident prevention system (IDS), SIEM and log Servers).
  • Conduct cyber risks reviews by performing vulnerability assessments and penetration tests.
  • Conduct business continuity plan reviews covering BCP lifecycle (Risk analysis and impact assessment, Strategy design, implementation, testing and validation and maintenance and review.

IT Auditor

SKX
10.2019 - 02.2020
  • Conduct IT Audits including security reviews from planning to reporting.
  • Conduct IT general controls to assist respective clients in improving their control poster in line with SLA's.
  • Assist respective in improving bring your own device (BYOD), through Intune (Microsoft tool).
  • Provide recommendations to management and track resolutions thereof.
  • Conduct COBIT assessment to improve client's governance processes.

IT Auditor

Independant Consultant
04.2016 - 08.2019
  • Operated as independent IT Consultant/IT Auditor.
  • Analyzed incident response plans, refining procedures to effectively manage potential cybersecurity events and minimize damage.
  • Configured network for respective clients ( Baleti, Presda Primary School).
  • Managed windows server updates services (WSUS) and Antivirus deployment.
  • Managed exchange server and Active Directory
  • Conducted IT audits from planning to reporting and tracking findings thereof.
  • Configuration of network devices (Firewall, switches and routers).
  • Managed VPN server to ensure secured access to on-premises environment.

IT Administrator

Trans-Orange Conference (TOC)
Johannesburg
08.2009 - 03.2016
  • Optimized software performance through regular updates, patches, and maintenance tasks to ensure seamless user experience.
  • Managed vendor relationships effectively for timely procurement of IT equipment while adhering to budget constraints.
  • Managed Active Directory through group policy and Windows servers.
  • Management of Radius server to ensure to ensure that users are authenticated before access is granted
  • Managed implementation Sunplus (Infor-system) financial system.
  • Network configuration including troubleshooting thereof.
  • Deployment and maintenance of antivirus system.

Call Center Agent

Telkom
01.2007 - 08.2008
  • Helped large volume of customers every day with positive attitude and focus on customer satisfaction.
  • Analyzed and escalated complaints, issues and grievances to designated departments for investigation and response.
  • Maintained accurate records of customer interactions, documenting details for future reference and quality assurance purposes.
  • Demonstrated empathy and understanding when dealing with difficult situations, ultimately diffusing tension while finding satisfactory resolutions.

Education

Bachelor of Science - Informatics

University of South Africa
Pretoria, South Africa
04.2001 -

No Degree - Diploma in Information And Technology

PC Training College
Pretoria, South Africa
04.2001 -

Skills

  • Managing and leading cyber security and general controls IT reviews

  • Develop cyber security strategy

  • Conduct vulnerability assessment ( scanning and discovery of vulnerabilities)

  • Penetration Testing Exploitation of vulnerabilities

  • Review the configuration files for network devices (Firewall, Routers, switches and IDS)

  • Review Linux and Windows platforms

  • Assess business continuity plans to ensure continuity

  • Information security frameworks (NIST,CIS, ISO and COBIT)

  • Communication (English)

Certification

CISSP

Technologies

  • Routing and switching: Cisco
  • Firewall: Fortigate and Cisco
  • Databases: MySQL and Postgres
  • Operating Systems: Linux and Windows
  • Vulnerability assessment: Nessus, NMAP, Burpsuite and OWASP
  • Penetration Testing: Kali Linux (Metasploit)
  • Security frameworks: CIS, COBIT, ISO,NIST
  • Log management/SIEM: Spice works

Timeline

IT Audit Specialist

National Lottery Commission
09.2021 - Current

Cyber Security Specialist

SNG Grant Thornton
03.2020 - 08.2021

IT Auditor

SKX
10.2019 - 02.2020

IT Auditor

Independant Consultant
04.2016 - 08.2019

IT Administrator

Trans-Orange Conference (TOC)
08.2009 - 03.2016

Call Center Agent

Telkom
01.2007 - 08.2008

Bachelor of Science - Informatics

University of South Africa
04.2001 -

No Degree - Diploma in Information And Technology

PC Training College
04.2001 -

Similar Profiles

  • NNAOMA CHINONYEREM

    NNAOMA CHINONYEREMNNAOMA CHINONYEREM

    NA at National Lottery Regulatory CommissionNA at National Lottery Regulatory Commission

    View Profile
  • Elijah Dare Olusanu

    Elijah Dare OlusanuElijah Dare Olusanu

    Assistant Director,Finance & Accounts at National Lottery Regulatory CommissionAssistant Director,Finance & Accounts at National Lottery Regulatory Commission

    View Profile
  • Terry Charles

    Terry CharlesTerry Charles

    Cook / Baker at State of Oklahoma Lottery CommissionCook / Baker at State of Oklahoma Lottery Commission

    View Profile
JACOB MASEHLAIT Audit Specialist