Mark Clarke
Verified Expert in Engineering
Security Developer
Johannesburg, Gauteng, South Africa
Toptal member since September 28, 2022
Mark possesses an unquenchable passion for technology, coupled with a diverse skill set and a relentless pursuit of knowledge. His firm belief is that true mastery lies in deciphering how all the components intertwine to construct a system that transcends the sum of its parts.
Portfolio
Experience
Availability
Preferred Environment
Python 3, Linux, Bash, Java, PHP, PostgreSQL, Cloud
The most amazing...
...thing I've done recently was deploying SIEM monitoring using Wazuh for a client and providing essential hardening and monitoring services.
Work Experience
IT Consulting
Jumping Bean Solutions
- Developed and delivered training courses around various topics from Java to Cyber Security. I obtained the Certified EC Council Instructor (CEI) and Certified Technical Trainer (CTT).
- Developed applications to assist with the processes at Jumping Bean. This included rolling out a mesh network to enable a flat network between on-premises and off-premises computing resources.
- Ran projects to launch successful eCommerce websites to support new business lines. This included rolling out an ERP system to support the back-end processing and financial accounting.
Trainer
Jumping Bean
- Provided diverse cybersecurity training, including CEH, CISSP, CISM, and Security+.
- Provided training in cloud infrastructure for AWS and GCP, covering AWS Cloud Architect, and GCP Cloud Engineer and Data Engineer certifications.
- Conducted training in DevOps and application development, covering Python, Java, and PHP.
Technical Expert
Jumping Bean
- Established the cybersecurity service offerings at Jumping Bean. This involved the development of services such as vulnerability assessments, penetration testing, forensic investigations, and infrastructure hardening.
- Established a SIEM and SOC for a UK-based startup financial services client launching a mobile payment system for the unbanked in South Africa. This involved advising them on secure CI/CD and coding practices and advising on application architecture.
- Implemented DevOps processes to harden servers and monitor system configuration via Ansible, which enabled clients to be more productive and make better use of their resources in a skills-depleted environment.
Manager
Jumping Bean
- Virtualized the on-premise workloads. Implemented a centralized storage system and created a robust, fault-tolerant solution. Set up secure remote access and hardened servers.
- Provided cyber security consulting services to clients, assisting them with the investigation, remediation, and recovery of compromised systems.
- Implemented a SIEM to monitor and alert system security issues to ensure the company complies with the country's privacy laws. Confirmed that due care was taken to ensure the safeguarding of company assets.
IT Manager
First National Bank (South Africa)
- Helped build, maintain, and troubleshoot one of the first data warehouses built by a financial institution in South Africa. Built data cubes and provided analysis services to internal customers.
- Managed a team of IT professionals to maintain and build the system.
- Interacted with business stack holders to understand their requirements and manage deliverables.
Auditor
PwC
- Completed my articles and obtained the South African chartered account qualification. I was part of the then-nascent computer auditing division and performed compliance and security audits for financial statement purposes at financial institutions.
- Completed information system audits and became CISA certified.
- Led the audit team for the largest aluminum producer in South Africa.
- Performed audits on the regional processing systems for Barclays banks and carried out a forensic investigation on government departments' human resources areas for fraud and corruption.
Experience
SIEM Implementation and SoC Services
I also assessed their mobile and back-end applications and their development practices and procedures to enhance security.
As part of our SoC services, we provided comprehensive reports for hardening their servers and reports for the financial regulators in the UK regarding cyber security compliance.
TechNews E-Publishing
UIF Form Submission Generator
https://github.com/jumping-bean/covidtersI wrote a web-based application to assist businesses with the generation of this form and released it as open source.
RIOT - Security Breach Consulting
Payment Gateway Integration
Media Processing Application
Education
Associate's Degree in Computer Programming
University of South Africa - Pretoria, South Africa
Bachelor's Degree in Accounting
University of Natal - Kwa-Zulu Natal, South Africa
Certifications
Ceritifed Information Security Manager Instructor
ISACA
Certified Information System Manager (CISM)
ISACA
Google Cloud Certified Professional Cloud Architect
Google Cloud
AWS Certified SysOps - Associate
Amazon Web Services
AWS Certified Solutions Architect Associate
AWS
AWS Certified Developer Associate
AWS
CISSP
ISC2
Certified Network Defender
EC Council
Certified Hacking Forensic Investigator
EC-Council
Certifeid Ethical Hacker
EC-Council
Certified EC-Council Instructor
EC Council
Certified Technical Trainer
CompTIA
Skills
Libraries/APIs
Vue.js, Node.js, Java
Tools
Ansible, Suricata, System Security, pfSense, Apache, Postfix, Git, AWS IAM, AWS ELB
Languages
Java, PHP, SQL, Python, Bash, Python, VBScript, JavaScript
Platforms
Linux, Linux, AWS, Kubernetes, AWS Lambda, Cloud Engineering
Storage
PostgreSQL, Google Cloud Development, MySQL, Ceph, Spring
Paradigms
Penetration Testing, DevSecOps, ETL, DevOps
Industry Expertise
Cybersecurity, System Security
Frameworks
Spring Boot, Spring Core
Other
Design Consulting, System Administration, Computer Security, Ethical Hacking, Security, IT Security, System Security, CI/CD Pipelines, Dynamic Application Security Testing (DAST), System Security, CISSP, Ethical Hacking, Software Architecture, Risk Management, Vulnerability Assessment, Risk Assessment, Threat Modeling, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Architecture, IDS/IPS, Vulnerability Identification, Authentication, APIs, Network Protocols, Networks, Application Security, OWASP Top 10, Compliance, Email, Security Audits, GRC, Auditing, Information System Audits, Data Warehouse, Data Warehouse, System Security, SIEM, SCAP, Computer Science, Forensic Investigation, Information Systems, Instruction & Coaching, Instructor-led Training (ILT), AWS RDS, Cloud Engineering, IT Infrastructure, Static Application Security Testing (SAST), LDAP, System Security, Networking, IP Protection, Cloud Security, Identity & Access Management (IAM), Cloudflare, Bots, CISO, ICT Training, Training
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring