Zaid Abrahams

Experience

• 

  InfoGuardian

  Dec 2014 - Jun 2017

  • Interfacing with multiple types of security solutions especially Security incident and Event Management Systems (SIEM) and Intrusion Prevention/Detection Systems (IPS/IDS)• Support in the implementation of SIEM and IPS/IDS systems, specifically IBM products• Interfacing with multiple security solutions that are used to assess the security posture of clients and their environments• Designing and building security posture assessment reports for client that enable clients to gain an overview of their current security posture and infrastructure• Interfacing and engaging with clients to understand what kind of vulnerabilities that are present within their environment Show less • Planning, design, implementation and operationalisation of projects within a DevOps environment• Project managing and developing projects within the security environment• Interfacing with multiple types of security solutions especially Security Information and Event Management Systems (SIEM) and Intrusion Prevention/Detection Systems (IPS/IDS)• Support in the implementation of SIEM and IPS/IDS systems, specifically IBM products• Improvement of existing DevOps Methodology with in a security environment Show less

  • IT Security Analyst/Architect

    Sept 2015 - Jun 2017

  • DevOps Development

    Feb 2015 - Sept 2015

  • Web Developer

    Dec 2014 - Feb 2015
• 

  Puleng Technologies (PTY) Ltd

  Jul 2017 - Nov 2019

  Technical Security Consultant

  • General Technical Cyber Security consulting services• Project requirements scoping and costing• IBM QRadar architecture design, implementation and maintenance services• Threat hunting and CSIRT processing from a planning and strategic perspective • Attack Path Mapping (APM) and Threat Use Casing services • PCI DSS Strategy and Planning (Requirement 10)• Vulnerability Management scoping and planning• Threat analytics and root cause analysis, including remediation processes • IBM Resilient technical consultation services, including architecture design, implementation, customization and maintenance services• Incident response processes, including playbook design and corrective action design• Log validation and verification e.g. logging levels, log formatting such as LEEF• Fraud and anomalous security behavior detection use casing for specific payment systems e.g. Swift environment• Zero Trust Assessment, design and road mapping Show less

• 

  Dimension Data

  Nov 2019 - Dec 2020

  Technical Solutions Architect

  • Evaluate each opportunity for alignment with Dimension Data capabilities and business policy.• Prepare the executive summary that outlines all of the information gathered from the client in regards to their needs, as we understand them• Document the proposed security technology solution• Document the statement of work along with all labour requirements• Work with the Client Manager/Sales Specialist to prepare the pricing format that will be supplied to the customer.• Perform the actual solution design and prepare a parts list outlining equipment to be provided.• Develop and manage a proof-of-concept as such may be required• Engage all technical resources required for an accurate solution design.• Prepare a network diagram outlining the proposed solution• Document all deliverables and what constitutes a successful completion.• Review the final parts list as supplied by the Client Manager and submit all information to the applicable bid team for final assembly.• Verify the proposal’s accuracy and sign off on the final documents to be presented to the client• Assist the Client Manager during the final presentation to the customer as appropriate Show less

• 

  MTN

  Dec 2020 - now

  • Define and manage information and cyber security strategic requirements, maturity, delivery and execution in line with the defined MTN Group business, technology and information security strategies.• Provide input into the group strategic plans represents the needs of the MANCO division to ensure that any new/emerging people, process and technology controls are leverage upon in order to protect the organisation and mitigate against the emerging and evolving threat landscape.• Guide, educate and facilitate awareness regarding Information Security policies and procedures to protect the MTN Group and its client’s data in a manner that is compliant with legislation, regulations and professional standards.• Communicate security best practices and risks to all parts of the MANCO business divisions and contribute to the driving of the devsecops capability.• Provide training and mentoring of the information security direct reports.• Serve as a point of contact on all security matters relating to MANCO (internally as well as to external stakeholders).• Ensure that GRC, Cyber Defence, Security Operations, Security Architecture disciplines are driven and managed in order to improve / mature the control environment as well as meeting the defined KPI’s.• Initiate information security awareness and training initiatives among MTN Manco users.• Contibute and deliver on projects as information security subject expert and resource.• Facilitate the engagements between MANCO Risk Management and GIS GRC, regarding information security risk assessments and internal audits to ensure systems are protected and to ensure that any identified threats are mitigated / have an appropriate treatment plan.• Lead the Manco Security incident response team to contain, investigate and prevent future information security breaches.• Participate and contribute to MANCO crisis simulation initiatives• Group Mergers and Acquisitions project management and operations onboarding/offboarding Show less • Draft 24/7 Monitoring & Triage input into the MTN cybersecurity strategy • Draft, integrate and monitor detailed business plans for 24/7 Monitoring & Triage in accordance with the frameworks, goals and targets agreed for the holistic Group GSOCfunction.• Actively contribute to the delivery of the holistic cybersecurity mandate and commitment.• Assist to drive strategic alignment of the Group 24/7 Monitoring & Triage operations and in-country 24/7 Monitoring & Triage services performed by Operating Companies.• Responsible for the provision’s of 24/7 operations and management of all alerts generated by the SIEM/SOAR/EDR/Digital Footprint platforms• Responsible for the project management, deployment and operationalisation of SIEM/SOAR/EDR/Digital Footprint/Digital Forensics platforms• Network Security Analytics• CSIRT Deployment and Management • Executive and Senior Management Incident Communications and Reporting• Adhere to the required procedures to ensure that the necessary, accessible and usable data is available at the necessary time to support the activities of the rest of the MTN areas (particularly Incident Response).• Perform advanced investigation for level two and three incidents, following the incident management methodology.• Develop and update the classification schema for MTN Information Security Incidents.• Oversee the examination and analysis of information gathered to verify real incidents and ensure security incidents are classified according to the classification schema for MTN Information Security Incidents.• Determine the severity of the security incident case based on the severity of the alert or the request and assign the security incident to the incident response team.• Multi-vendor engagements on the implementation of various projects• Lead process optimisation, enhancement, efficiency and continuous improvement on initiatives and programmes within 24/7 Monitoring & Triage Show less

  • Senior Manager - MANCO Information Security and Awareness South Africa and Dubai

    Jul 2023 - now

  • Senior Security Specialist: 24/7 Monitoring & Triage

    Dec 2020 - Jun 2023