Sean Howell

Experience

• 

  KPMG South Africa

  Jan 2011 - Jul 2012

  Analyst

  Worked as an analyst in IT Advisory Services, experience includes work in the following areas: general IT controls reviews based on KPMG methodologies, internal and external penetration testing on clients including major South African banks, web application, firewall, network architecture, database and multi-platform operating system security reviews and information security governance assessments based on ISO27002.

• 

  PwC

  Aug 2012 - Jun 2013

  Senior Information Security Consultant

  Worked as a senior information security consultant, responsibilities included the following:Management of security projects,Delivery of penetration testing, threat assessments and vulnerability management projects,Quality review of work,Preparation of client proposals, working papers and reports,Project planning, scoping as well as presentations and debriefs for senior management and exco; andSecurity research and development

• 

  MWR InfoSecurity

  Jul 2013 - Oct 2015

  Managing Consultant

  During his time at MWR, Sean ran the security assurance business for MWR South Africa andtaught MWR’s proactive web defense training course. This involved comprehensive riskanalysis and treatment of cyber security risk across business environments. Sean was heavilyinvolved in the recruitment and training of a variety of security specialists for the securityassurance team. Additionally, Sean maintained the testing methodologies for the varioussecurity assessment offerings within the security assurance practice and drove qualityassurance for all projects. A large part of the role was client facing, Sean worked with clients ata strategic level (board and senior management) to define their security needs and a robustroadmap to aid them in reaching the desired level of cyber security maturity. Show less

• 

  Redshift Cyber Security (Pty) Ltd

  Nov 2015 - now

  Managing Director

  Redshift Cyber Security believes that true security comes from an understanding of how a company can actually be attacked. Modern cyber security is about more than just preventing an attack, in fact, the complexities of technology and the escalating capabilities of attackers make this an impossible task. Organizations are shifting focus away from purely preventive controls to a more robust approach including attack detection, response and recovery. In today's evolving cyber security landscape a breach is inevitable, it is the organizations that are able to quickly detect and react to an attack that will achieve resilience. Redshift works with our customers to help them understand the value of their information assets through the eyes of an attacker and to prioritize security efforts based on this understanding. Show less