Winston Tshililo Madzena
Cybersecurity Assurance Lead and Senior Cybersecurity Specialist
Krugersdorp
Summary
I am a passionate Cybersecurity Assurance Lead and Senior Cybersecurity Specialist with over 15 years of real-world experience helping businesses protect what matters most, their data, systems and people. My work has taken me through diverse industries, from fintech and mining to IT, manufacturing and auditing, giving me a broad view of the cybersecurity landscape and what it takes to build strong defenses in any environment. I specialize in security architecture, risk management and making sense of complex compliance frameworks like ISO 27001, PCI DSS, PSD2 and SOC 1 & 2. But beyond frameworks, I focus on creating practical, effective security strategies that actually work in the real world. Over the years, I have led efforts in everything from vulnerability management and cyber threat exposure to endpoint protection, email security, patching and threat hunting using SIEM tools. I am hands on when I need to be but always think strategically, aiming to build resilient security programs that align with business goals. One of the things I enjoy most is working with people whether that’s delivering security awareness training, improving identity and access management processes or helping teams respond faster and smarter to incidents. I believe security should empower organizations, not slow them down. In short, I help businesses become more secure, more aware and more confident in handling whatever cyber threats come their way.
Overview
18
18
years of professional experience
2003
2003
years of post-secondary education
11
11
Certifications
Work History
Senior Cyber Security Specialist
Snode (Outsourced to Goldfields)
10.2023 - Current
- Facilitate security assessments, including code reviews, vulnerability scanning and penetration testing by coordinating and overseeing the process to ensure the proactive identification and mitigation of security threats
- Collaborate with development teams to integrate security best practices into the Software Development Life Cycle (SDLC) through threat modeling, secure coding and security testing.
- Design and implement application security controls, frameworks and policies to protect against evolving threats.
- Identify security risks and vulnerabilities, analyze their impact and engage stakeholders such as governance bodies and product owners to drive remediation efforts.
- Participate in application security audits, ensuring compliance and addressing security-related audit findings to enhance the organization's security posture.
- Act as an Application Security SME in IT security projects, ensuring security compliance throughout the project lifecycle.
- Stay ahead of emerging cyber threats, vulnerabilities and attack techniques, incorporating threat intelligence to improve security defenses.
- Evaluate and implement security tools and technologies, including vulnerability scanning and data confidentiality management, to enhance security posture.
- Lead major security incident response procedures, including investigation, mitigation and reporting, ensuring lessons learned are applied to improve defenses.
- Develop training materials and conduct security awareness sessions for developers, testers and business analysts to strengthen application security practices.
- Reason for leaving: Seeking stability, professional growth and new challenges.
Senior Cyber Security Specialist
CCI, South Africa
11.2021 - 10.2023
- Led the design and deployment of security architectures, performing rigorous security assessments to identify and remediate vulnerabilities.
- Partnered with GRC teams to ensure alignment with regulatory and industry standards, contributing to improved compliance and reporting.
- Orchestrated threat hunting exercises, network monitoring, and incident response, minimizing business impact from security incidents.
- Mentored SOC analysts, developed training modules and championed security awareness programs to foster a proactive, security-centric workforce.
- Reason for leaving: Relocation to Johannesburg.
Associate Consultant: Security
In2IT Tech (Outsourced to Wits University)
02.2021 - 11.2021
- Conducted security assessments focusing on vulnerability scanning, reporting and remediation tracking.
- Assisted the cyber incident response team, ensuring timely containment and resolution of identified threats.
- Reason for leaving: Contract ended.
ICT Security
EOH (Outsourced to AB-InBev)
11.2016 - 02.2021
- Implemented vulnerability management strategies and led incident response measures to minimize organizational risk.
- Oversaw Active Directory security compliance initiatives and led key security projects, improving system hardening and operational resilience.
- Reason for leaving: Contract role.
IT Specialist
KPMG
04.2012 - 11.2016
- Provided comprehensive server, application, WAN/LAN, and hardware/software support to ensure high availability and secure operations.
- Assisted in security improvement initiatives, contributing to a reduced incident rate and improved system reliability.
- Reason for leaving: Professional growth.
IT Helpdesk Support
IBM (Outsourced to MTN Help Desk)
01.2008 - 03.2012
- Resolved complex desktop, network, and software issues, ensuring seamless IT service delivery and end-user satisfaction.
- Reason for leaving: Contract ended.
Education
Diploma in Information Technology -
PC Training and Business College
Matric - undefined
P.H.L Moraka High School
Skills
Cybersecurity Assurance and Governance – Policy Development, ISO 27001, Security Audits
undefinedCertification
CASP+ (CompTIA Advanced Security Practitioner) (2023)
References
Available upon request.
Accomplishments
I have multiple success security audit in different sectors.
I have implemented multiple platforms, such as Forti edr, Tenable io, successful migration from on prem to cloud.
I have build a soc team of 8 analyst reporting to me.
I have assisted the organisation to obtain certification such as iso 27001 and pci dss
Timeline
Senior Cyber Security Specialist
Snode (Outsourced to Goldfields)
10.2023 - Current
Senior Cyber Security Specialist
CCI, South Africa
11.2021 - 10.2023
Associate Consultant: Security
In2IT Tech (Outsourced to Wits University)
02.2021 - 11.2021
ICT Security
EOH (Outsourced to AB-InBev)
11.2016 - 02.2021
IT Specialist
KPMG
04.2012 - 11.2016
IT Helpdesk Support
IBM (Outsourced to MTN Help Desk)
01.2008 - 03.2012
Matric - undefined
P.H.L Moraka High School
Diploma in Information Technology -
PC Training and Business College
Similar Profiles
Jack RentonJack Renton
Service Crew; Nipper at Goldfields AustraliaService Crew; Nipper at Goldfields Australia
Nicola ViviersNicola Viviers
Environmental Advisor at GoldFields AustraliaEnvironmental Advisor at GoldFields Australia
Christopher EdwardsChristopher Edwards
Food and Beverage Attendant at RACV Goldfields ResortFood and Beverage Attendant at RACV Goldfields Resort
Lily NyirongoLily Nyirongo
General Laborer at KP GreenpowerGeneral Laborer at KP Greenpower
Richard AshmoreRichard Ashmore
Owner at OvertatOwner at Overtat