Jaco Du Toit

IT Technician

943 followers
Auckland, Auckland, New Zealand

  • Timeline

  • About me

    Sr Manager, Cybersecurity at Workday

  • Education

    • Computer Training Institute (CTI)

      2004 - 2004
      Diploma in IT Engineering Information Technology
    • Hoerskool Overkruin

      1999 - 2003

      Activities and Societies: School Rugby

    • University of Cape Town

      2012 - 2013
      Bachelor of Commerce (Part-time Honours) degree in Information Systems Computer Forensics Honours

      Successfully completed PGDip in Computer Forensics at UCT in 2012. Successfully completed Bachelor of Commerce (Part-time Honours) degree in Information Systems at UCT in 2013.

  • Experience

    • Computer Corporation

      Dec 2004 - Feb 2005
      IT Technician

      My entry into the workforce and the start of my career. Computer Corporation was a retail IT shop with branches scattered throughout South Africa. Being in retail I learnt the unique skill of knowing when to speak, and when not to speak. I provided technical support and advice to non-technical people and listened attentively when a more technical / knowledgeable individual was speaking.

      Key responsibilities:
      - Hardware & Software sales
      - Hardware repairs and builds
      - Network installations and basic routing

    • Dotcom South Africa

      Mar 2005 - Jun 2006
      Network Engineer / Administrator

      Upgrading from retail to business support was the next step in my career. I designed, maintained, monitored and upgraded multiple client information technology networks and systems from an operational perspective.

      Key responsibilities:
      - Establishing networking environments by designing system configuration; directing system installation; defining, documenting, and enforcing system standards
      - Maximizing network performance by monitoring performance; troubleshooting network problems and outages; scheduling upgrades; collaborating with network architects on network optimization
      - Securing network systems by establishing and enforcing policies; defining and monitoring access; and reviewing security related logs such as IP traffic and anti-virus logs
      - Reporting network operational status by gathering and prioritizing information

    • Cyanre - The Computer Forensic Lab

      Jun 2006 - Dec 2014
      Manager - Digital Forensic Analysis

      Initially employed to install, configure, maintain, and monitor a secure network environment but soon proved that I have the skills and capability to excel in digital forensics. I started as a junior analyst and worked myself up through the ranks to manager. For the last 3 years I managed a team ranging between 6 and 12 digital forensic professionals and led the team during the collection and analysis of digital evidence during multiple high profile cases.

      During my tenure I developed a passion to assist team members to develop and achieve their goals, as well as ensure the wellness of each member of the team is at the appropriate level to perform in this fast-paced, high demand and sometimes dangerous environment.

      I was involved in a number of high profile investigations and gained experience in the following areas of Forensic Technology.

      Key responsibilities:
      • Incident Response and Management
      • Execution of search warrants
      • Malware analysis and reverse engineering
      • Phishing
      • Converting physical document evidence into electronic presentable evidence
      • Expert witness testimony
      • Forensic report & affidavit writing
      • Recovery and investigation of material found in digital devices, often in relation to computer crime:
        - Computer Forensics
        - Network Forensics
        - Mobile Forensics
        - IoT Forensics (i.e. card skimming devices, GPS devices, etc.)

      Crimes often included:
        - Cartel activity (i.e. price fixing)
        - Downloading/distribution of pornographic material including inappropriate child content
        - Misuse of company resources for personal gain
        - Unauthorised access to a computer or system (hacking)
        - Industrial espionage
        - Fraud & Corruption
        - Sexual misconduct
        - Criminal activity (i.e. card skimming)
        - Intentional destruction of data
        - Theft of Intellectual Property

    • PwC New Zealand

      Jan 2015 - Apr 2017
      Manager - Forensic Services

      Part of a small team of 6 digital forensic and e-discovery professionals who provided expert professional services to PwC and its clients. Regularly got involved in complex matters where digital forensic evidence is required to support legal and other outcomes.

      Key responsibilities:
      - Incident Response & Management
      - Digital forensics and E-Discovery
      - Develop and improve processes and procedures
      - Execution of search warrants
      - Forensic report & affidavit writing
      - Support the team and cross develop skills

    • Auckland Council

      May 2017 - Jun 2018

      In December 2017 I moved from the information security team to the newly developed cyber security team.

      Key responsibilities:
      - Develop and maintain the SIEM solution, Splunk
      - Security Operation Center development
      - Develop and maintain technical incident response playbooks and procedures
      - Lead cyber security incident response processes
      - Assist with vulnerability management
      - Threat Hunting
      - Threat Intelligence

      A key focus point during this period was the development of our SIEM solution, Splunk, and how we can develop and improve our cyber security detection capabilities, indirectly laying the foundation for a Security Operations Center.

      At Auckland Council I applied my forensic technology skills and experience to assist in identifying security threats that impacted Auckland Council's information systems and data. I liaised with various stakeholders within the business in order to mitigate the identified risks and put processes in place to constantly monitor and respond to security threats.

      Key responsibilities:
      - Vulnerability management
      - Security Information and Event Management
      - Incident Response
      - Security Consulting and Advisory services for ICT
      - Security Operation Center development
      - Threat Intelligence
      - Threat Hunting

      • Cyber Security Team

        Dec 2017 - Jun 2018
      • Senior Information Security Analyst - Threats

        May 2017 - Dec 2017
    • Vodafone

      Jun 2018 - Jan 2019
      Cyber Defence Incident Manager

      Cyber Defence Incident Manager for their global Cyber Defence Operations Center following the "Follow the Sun" operational model. I regularly leveraged my experience and knowledge to not only manage multinational cyber security incidents, but also validated results to ensure that technical teams are consistent and accurate in their findings and approach.

      Key responsibilities:
      - Responsible for the set-up, execution and maintenance of the security incident management and coordination process in conjunction with operator and customer/partner incident management capabilities
      - Manage the incident processes between all relevant parties (Vodafone Technology, Operating Companies, Suppliers, etc.)
      - Coordinate further analytical processes and incident response measures
      - Lead the managed incident handling as well as underlying processes and tools
      - Contribute to the overall performance and success of the Cyber Defense Operations

    • Auckland Council

      Jan 2019 - Jun 2020

      Manage and lead a team of 8 highly technical team members responsible for minimising the risk to the Council’s information and systems posed by a variety of cyber threats, through leading a concerted focus on Security Policy, Standards, Tools, Controls and Monitoring, and being accountable for effectiveness and modification of these.

      Key responsibilities:
      - Implementing and ensuring delivery of the security strategies under the direction of the CISO and the Lead Security Architect
      - Adhere to, and ensure compliance with, the Information Security Management System and associated policies, standards and procedures
      - Provide information security awareness training across the Council business units
      - Oversee information security audits, whether performed by organization or third-party personnel
      - Monitor and develop team performance, carrying out performance reviews, encouraging employee development and actioning performance issues
      - Effectively manage workloads and workflows through cross skilling to ensure business continuity and the team meets objectives
      - Incident response: planning, improvements and execution
      - Coaches and manages the team to achieve effective and efficient delivery of services
      - Evaluate department budget and costs associated with technological training
      - Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
      - Implement and oversee technological upgrades, improvements and major changes to the information security environment
      - Serve as a focal point of contact for the information security team and the customer or organization
      - Manage the disaster recovery and business continuity plans
      - Communicate information security goals and new programs effectively with people leaders within the organisation

      Part of the Cyber Security Team which protects the Council against security threats 24/7/365. Responsible for identifying emerging threats and responding to cybercrime and security breach incidents. Proactive role with process improvement, implementing tool set improvement, searching for Cyber Security threats and monitoring Council's security status. Guide and help others develop their skill sets.

      My two main objectives were:
      1. Develop an Auckland Council SOC that has the right security monitoring and tools in place to identify, protect, detect, respond, and recover from cyber security incidents. Built and managed the second largest Splunk environment in New Zealand; and
      2. Develop, maintain and lead the Cyber Security Incident Response processes and procedures for Auckland Council.

      Key responsibilities:
      - Proactively participate in the Cyber incident response team and any crisis management
      - Produce regular Cyber Security management reports as requested
      - Contribute to the recording and analysis of all Cyber Security risks and threats
      - Develop and implement security counter measures
      - Develop and maintain Cyber security procedures
      - Conduct and assist with penetration testing
      - Vulnerability scanning
      - Manage the prevention and resolution of security breaches and ensure incident and problem management processes are initiated
      - Evaluate and implement new security tools to monitor and protect the Council’s assets
      - Assist with cyber threat intelligence gathering and analysis
      - Proactively participate in Cyber incident response team and crisis management
      - Support the Cyber Security Team Leader in running the Cyber Security Team
      - Act as an escalation point in the Cyber Security team where necessary
      - Coach, mentor and motivate team members to achieve effective and efficient delivery of services
      - Provide leadership on projects by mentoring and directing less experienced team members
      - Ensure team leadership and service levels are maintained

      • ICT Operations Security Team Leader

        Dec 2019 - Jun 2020
      • ICT Cyber Security Senior Analyst

        Jan 2019 - Dec 2019
    • Workday

      Jun 2020 - now

      - Part of Workday's global Cyber Defense organization, with a particular focus on the Security Incident Response Team
      - Lead the NZ SIRT team and global cybersecurity initiatives, collaborating with stakeholders across the globe
      - Established a threat hunting program that proactively hunts for threats and collaborates with stakeholders to identify and implement corrective actions
      - Established a global metrics program that provides tactical, operational, and strategic insights into the SIRT program, but also provides data to other key stakeholders to identify enhancement opportunities and drive our response program forever forward.
      - Leveraged our metrics program to establish and continuously evolve our SIRT battle rhythms, ensuring we focus on the things that matter, and identify when that shifts
      - Key stakeholder supporting our global digital forensics capability
      - Evolved the global team from SOC -> CSOC -> SIRT by developing strong engineering focussed skills with a deep analytical mindset
      - Provide tactical, operational and strategic reports on a regular cadence
      - Help set the mission and vision of our global SIRT program

      • Senior Manager, Cybersecurity

        May 2022 - now
      • Manager, Information Security

        Jun 2020 - Apr 2022
  • Licenses & Certifications

    • Splunk Certified User

      Splunk
      Jun 2018
    • Nessus Certificate of Proficiency

      Tenable
      Jun 2018
    • ICAgile Certified Professional (ICP)

      ICAgile
      Oct 2019
    • GIAC Advisory Board

      GIAC Certifications
      Jan 2022
    • GIAC Security Leadership Certification (GSLC)

      GIAC Certifications
      Jan 2022
    • AccessData Certified Examiner

      AccessData
      Sept 2010
    • AccessData Mobile Examiner

      AccessData
      Aug 2016
    • Summation Certified Administrator

      AccessData
      Jun 2014
    • Summation Certified Case Manager

      AccessData
      Jun 2014