Verified Expert in Engineering
Mark has an insatiable appetite for technology and a broad range of skills and expertise, which he constantly expands. He believes the most outstanding achievement is to be able to understand how all the pieces fit together to create a system greater than the sum of its parts.
Python 3, Linux, Bash, Java, PHP, PostgreSQL
The most amazing...
...thing I've done recently is deploy SIEM monitoring using Wazuh for a client and performed hardening and monitoring services.
Jumping Bean Solutions
- Developed and delivered training courses around various topics from Java to Cyber Security. I obtained the Certified EC Council Instructor (CEI) and Certified Technical Trainer (CTT).
- Developed applications to assist with the processes at Jumping Bean. This included rolling out a mesh network to enable a flat network between on-premises and off-premises computing resources.
- Ran projects to launch successful eCommerce websites to support new business lines. This included rolling out an ERP system to support the back-end processing and financial accounting.
- Established the cybersecurity service offerings at Jumping Bean. This involved the development of services such as vulnerability assessments, penetration testing, forensic investigations, and infrastructure hardening.
- Established a SIEM and SOC for a UK-based startup financial services client launching a mobile payment system for the unbanked in South Africa. This involved advising them on secure CI/CD and coding practices and advising on application architecture.
- Implemented DevOps processes to harden servers and monitor system configuration via Ansible, which enabled clients to be more productive and make better use of their resources in a skills-depleted environment.
- Virtualized the on-premise workloads. Implemented a centralized storage system and created a robust, fault-tolerant solution. Set up secure remote access and hardened servers.
- Provided cyber security consulting services to clients, assisting them with the investigation, remediation, and recovery of compromised systems.
- Implemented a SIEM to monitor and alert system security issues to ensure the company complies with the country's privacy laws. Confirmed that due care was taken to ensure the safeguarding of company assets.
First National Bank (South Africa)
- Helped build, maintain, and troubleshoot one of the first data warehouses built by a financial institution in South Africa. Built data cubes and provided analysis services to internal customers.
- Managed a team of IT professionals to maintain and build the system.
- Interacted with business stack holders to understand their requirements and manage deliverables.
- Completed my articles and obtained the South African chartered account qualification. I was part of the then-nascent computer auditing division and performed compliance and security audits for financial statement purposes at financial institutions.
- Completed information system audits and became CISA certified.
- Led the audit team for the largest aluminum producer in South Africa.
- Performed audits on the regional processing systems for Barclays banks and carried out a forensic investigation on government departments' human resources areas for fraud and corruption.
SIEM Implementation and SoC Services
I also assessed their mobile and back-end applications and their development practices and procedures to enhance security.
As part of our SoC services, we provided comprehensive reports for hardening their servers and reports for the financial regulators in the UK regarding cyber security compliance.
UIF Form Submission Generatorhttps://github.com/jumping-bean/covidters
I wrote a web-based application to assist businesses with the generation of this form and released it as open source.
RIOT - Security Breach Consulting
Payment Gateway Integration
Media Processing Application
Linux, Ubuntu Linux, Amazon Web Services (AWS), Kubernetes, AWS Lambda, Google Cloud Platform (GCP)
PostgreSQL, Google Cloud, MySQL, Ceph, Spring Data JPA
Consulting, System Administration, Computer Security, Ethical Hacking, Web Security, CI/CD Pipelines, Dynamic Application Security Testing (DAST), Security Testing, CISSP, Certified Ethical Hacker (CEH), Software Architecture, Risk Management, Vulnerability Assessment, Risk Assessment, Threat Modeling, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Architecture, IDS/IPS, Vulnerability Identification, Authentication, APIs, Network Protocols, Networks, Application Security, OWASP Top 10, Compliance, Email, Auditing, Information System Audits, Data Warehousing, Data Warehouse Design, Firewalls, SIEM, SCAP, Computer Science, Forensic Investigation, Information Systems, Instruction & Coaching, Instructor-led Training (ILT), Amazon RDS, Cloud, IT Infrastructure, Static Application Security Testing (SAST), LDAP, IoT Security, Networking, IP Protection, Cloud Security, Identity & Access Management (IAM), Cloudflare, Bots
Ansible, Suricata, Snort, pfSense, Apache, Postfix, Git, AWS IAM, AWS ELB
Penetration Testing, DevSecOps, ETL
Security, IT Security, Cybersecurity, Network Security
Spring Boot, Spring Core
Vue, Node.js, Java Security
Associate's Degree in Computer Programming
University of South Africa - Pretoria, South Africa
Bachelor's Degree in Accounting
University of Natal - Kwa-Zulu Natal, South Africa
Ceritifed Information Security Manager Instructor
Certified Information System Manager (CISM)
Google Cloud Certified Professional Cloud Architect
AWS Certified SysOps - Associate
Amazon Web Services
AWS Certified Solutions Architect Associate
AWS Certified Developer Associate
Certified Network Defender
Certified Hacking Forensic Investigator
Certifeid Ethical Hacker
Certified EC-Council Instructor
Certified Technical Trainer