Rudi Coetzee

Grc cyber security for third party suppliers (rvit) One trust tooling

Security assessment advise Design reviews, zero trust, secure by design, log monitoring design reviews, cyber security advise at different projects and departments.

Assist teams with risk assessment from Cloud security implementation and providing security advise. Azure cloud security, Architecture review, AKS, Datadog, IAC, Ansible, Terraform, and Azure API Management. Improve DevSecOps (OWASP SAMM) and suggestions Azure hardening and Data encryption. Future proofing security and reaching new maturity levels around automation, zero trust architecture (zta) and active defence or cyber deceptive technology. Prep incident preparation planning and crisis management.

part of the CISO Team. Assist teams with evaluating risk from third party vendors or suppliers of their products and services. (Yubikey, IAM, MacOS, JamF Pro, JamF Protect) Assisting with threat modeling (IriusRisk platform + security frameworks) evaluating maturity of security and identification of threats and risks on various products [e.g., SAAS solutions, COTS, Cloud implementation of services in Azure, Managed Container Platform, aks.] Provide security engineering advice for new software solutions

Consulting and assisting the client remotely with cybersecurity topics and compliance gap analysis [mapping controls] (ISO 27001/27002). Establishing best practices, defense in depth and security mindset, identify solutions for controls, review cloud architecture designs, advising on their ISMS journey towards ISO27001 compliance. Gathering information related to Cyber Incident Planning and Response, Business Impact Analysis define and build BCP/DR processes, documentation aligned with ISO27001

Design tooling solution for vulnerability management (dashboard and reporting templates on infrastructure status). Gather requirements for reporting templates and dashboard deliverables (patch status). Performing vulnerability scans and CIS level 1 compliance, hardening scans with Nessus Security Center on all systems. Identify Key Performance Indicators for MSP/MSSP regarding vulnerability management requirements and reporting. Keep stakeholders informed of progress.

Direct Banking Zone (front end, API, core banking system, etc) penetration tester (Web, API) risk assessments threat modelling compliance analysis

Group Service department penetration tester risk assessments security readiness assessment compliance governance analysis

risk advisor security coordinator penetration test coordinator

penetration tester (dast sast) risk assessments security readiness assessment compliance analysis

PCI Consultant penetration tester risk assessments security readiness assessment compliance governance analysis

Compliance Coordinator (SOX, ISO 27001, internal) SIX Infra teams compliance management risk assessments security readiness assessment compliance governance analysis

Microsoft enterprise administration (Operations and Security) team lead (four months) compliance peer review

enterprise administrator of Microsoft network migrations from NT4 to Windows 2000, MS exchange 5.5 to 2000, implementation of SAN environment (Dell EMC)

CyberSecurity Law, IP and Patent law

Security