8/6/2019 SENIOR INFORMATION SYSTEMS SECURITY ENGINEER

1/3

~ INFORMATION SYSTEMS SECURITY ENGINEER ~

SUMMARY PROFILE

Highly accomplished and outcome driven Information Security Professional empowered with more than 25 years of management experience spanning all aspects of Information Security, that includes security architecture, security management, IT risk, analysis, and compliance. Background includes in providing vulnerability analysis and assessment support during operation readiness validations and reviews, as well as, support for regularly scheduled vulnerability scans and analysis.Exemplify out-of-the-box thinking approach in formulating scalable solutions toimprove organizations efficiency and productivity. Immensely enjoy navigating all aspects of complex projects. Bilingual in Afrikaans.

CORE COMPETENCIES

~ Security Architecture & Design~ Compliance & Governance~ IT Security and Risk Management~ Standards and Best Practices~ Forensics~ Identity Management~ Intrusion Detection and Analysis~ Team and Project Management

~ Develop and Implement Policies

TECHNICAL EXPERIENCE

PLATFORMS: Novell, UNIX, Windows, Linux, OS2, VMware and VAX VMS.NETWORKING: TCP/IP, Novell Netware, Windows, SNA, VPN, Firewalls, Switches,IPS/IDS.LANGUAGES: C++, Basic, UNIX shell scripts, Perl, SQL.TOOLS: Juniper, McAfee, Clear swift, Unity-One Tipping Point, Cisco, Norton, Trend, Tripwire, Snort, Postfix, CA Unicenter, Microsoft Back Office, Small Business, Office, PCI, ITIL, ISO 27001/2, HIPAA, COBIT, Sarbanes-Oxley, NIST 800 and FIPS.

CAREER OVERVIEW

BEARWOLF INC ~ Johannesburg, South AfricaFreelance Information Security Consultant 2009-Present

Conceptualize a variety of strategic plans to support the development of business operations as well as facilitate team to achieve company mission. Devise and maintain framework to align information security policies, processes and technologies with organization business, and to ensure consistency with applicable lawsand regulations. Determine requirements and utilize best practices in security to maintain streamlined operations of the organizations risk management and client-facing personnel. Execute risk assessments as well as define strategies championrisks as well as prioritize options to mitigate risk to levels acceptable to the

institution.

HOLLARD INSURANCE ~ ParkTown, Johannesburg, South AfricaInformation Security Manager 2002-2009

Oversaw Information Security and Risk throughout the board, with full responsibility for developing and implementing Information Security standards and practices. Expertly used customized risk management tools to effectively analyze and record all IT risks, outlining strategies and implementing various controls in mitigation thereof. Built awareness programs to correspond with a multitude of threa

8/6/2019 SENIOR INFORMATION SYSTEMS SECURITY ENGINEER

2/3

ts that could affect organizations efficiency and staff productivity.

~ Played an integral role on the creation of companys first and only information security program in compliance with PCI DSS, ISO 17799:2005, 27001, COBIT and the Code of best practice~ Assume full responsibility for maintaining integrity of Network-based Security safeguards, such as Tipping Point IPS, Juniper VPN and CISCO PIX Firewall.~ Performed various duties, such as administration, management and generalhousekeeping of Microsoft Active Directory in Windows 2003 in virtual and highavailability clustered data centre environment.~ Accurately handled Operational and Security management, such as end point control, access controls, management and maintenance of the various email security technologies in use in the organization.~ Conducted research and development functions on Open source products andsystems.~ Instrumental for web-based hosting, capacity and security requirements of Internet-based applications.

DEMBE NETWORKING SERVICES ~ Roodepoort, Johannesburg, South AfricaConsulting Network Engineer (Contract with HOLLARD Insurance) 1998-2002

Actively involved in the design of Network Architecture; provided counseling services to ensure compliance with clients requirement. Oversaw and supported various

network topologies and architectures through CA Network Management Suite. Administered and provided proactive support to multifaceted end-user support challenges.

~ Maintained network integrity and communicated recurring anomalies to management.~ Coordinated host interoperability / integration functions that standardized and integrated heterogeneous environment into 3rd party Mainframe, AS400 andUNIX environments.~ Facilitated and maintained dependability of LAN, WAN and wireless technologies; led the implementation of LAN / WAN product optimization, which includedperimeter protection in the form of firewalls and other access control initiatives.

~ Resolved complex application and network issues; formulated corrective actions to alleviate various tangible causes.

EARLIER CAREER

DEMBE NETWORKING SERVICES ~ Roodepoort, Johannesburg, South AfricaConsulting Network Engineer 1997-1998

ENHANCED SYSTEMS ~ Sandton, Johannesburg, RSARegional Network Engineer 1996-1996

HOLLARD INSURANCE ~ Marshalltown, JohannesburgNetwork Manager 1994-1996

SAPPI KRAFT (PTY) LTD ~ Ngodwana, NelspruitSystems Technician 1989-1994

TRAN SYSTEMS [AMDAHL] ~ Reuven, Booysens, JohannesburgTests Engineer Technician 1987-1989

SOUTH AFRICAN BROADCASTING CORPORATION ~ SABC, JohannesburgTechnical Assistant / Videotape Technician 1985-1987

8/6/2019 SENIOR INFORMATION SYSTEMS SECURITY ENGINEER

3/3

EDUCATION AND CREDENTIALS

National Diploma in Electrical Engineering-Light Current (Electronics)University of Johannesburg, Johannesburg, South Africa

Microsoft Certified Systems Engineer (Eligible)ISC2 - CISSP -in progress of completing ISSAP concentration ExamsMatriculated with an N3 National Technical Certificate

PROFESSIONAL DEVELOPMENT

~ 2009: Hollard Academy, Fearless Conversations~ 2008: CISSP CBK Boot Camp, Security Audit and Control Solutions (SACS)~ 2007: Trend Micro Security Education Program TCSE. Secure Data~ 2002: Secure IT, Marcus Evans~ 1998: 936B Internet Information Server 4, Windows Academy~ 1996: TAG II Development Workshop TAG Training, Dave Wyllie~ 1996: Six Thinking Hats, Advanced Practical Thinking Training Inc~ 1995: Internetworking with Bridges, Routers and Switches, IIR Training~ 1995: Supporting Microsoft Windows NT Workstation 3.5, ISU Campus~ 1995: Supporting Microsoft Windows 95 - ISU Campus

~ 1995: Supporting Microsoft Systems Management Server - ISU Campus~ 1995: Internetworking with TCP/IP on NT 3.5 - ISU Campus~ 1995: Implementing Microsoft Mail 3.2 - ISU Campus~ 1995: Microsoft Windows 3.1 & DOS 6.2 for Support Professionals. ISU Campus~ 1995: Supporting Microsoft Windows for Workgroups 3.11, ISU Campus~ 1995: Advanced TCP/IP, The Digital Institute~ 1995: Introduction to TCP/IP, The Digital Institute~ 1994: MS-Windows for Workgroups I, Cheshire Associated Training Services~ 1993: Lightning Protection for Electronic Systems, CSIR~ 1992: Oracle SQL * Forms V3, KSI Training~ 1992: Oracle Database Administration V6, KSI Training~ 1992: Oracle PL/SQL, KSI Training

~ 1992: Oracle SQL/SQL *Plus V3, KSI Training

PROFESSIONAL AFFILIATIONS

Member, ISC2 | Member, Information Security Group of Africa

AWARDS AND HONORS

Hollard Insurance~ Won the company values for both divisional and entire organization for Useof Initiative in June 2004~ Nominated by management and peers for company values award for Customer Focus in June 2002

~ Garnered numerous company awards, including outstanding performance, reliability and delivery