ABOUT US

CISSP - Certified Information Systems Security Professoinal CERTIFIED INFORMATION SYSTEM AUDITORS CERTIFIED INFORMATION SECURITY MANAGERS CERTIFIED ETHICAL HACKERS IT Infrastructure Library Practitioners Ethical Ninja II

InfoAssuraX is a information security and risk management consultancy firmed founded in 2008 with practitioners  who have experience in Information Technology Governance, Information security, Risk management, Network Security and Computer Forensics. InfoAssuraX aimed at providing quality services in the field of information security and risk management for private and non-private organisations.

Our line of services range from technical to managerial and focused on effective and effiecient management of people, processes and technology risks.

Experts Profile

Abdul Nyoka, SABSA Architect, CREST Technical Security Architect, PCI QSA, CISM, ISO 27001 LA, AWS CCP, PCIP, OpenFAIR, M.Sc

A certified business-driven cybersecurity professional with experience in consulting, financial services, Telco, retail, hospitality, broadcasting, insurance, software development, publishing, transportation, branding and advertising industries with focus on ISO 27001 standard Information Security Management System (ISMS) implementation, SABSA Business-driven Security Architecture Review, vCISO services, Development of Security Strategy, Third Party Assessments, virtual CISO service, Cybersecurity Capability and Maturity Review, NIST CSF assessment, and PCI DSS compliance assessment and management. A proven leader in building and managing teams of highly qualified security consultants (Principal and Senior level) and responsible for defining new services and helping clients to meet their business objectives securely.

A postgraduate degree holder in Information Security Management (M.Sc.), Certified Information Security Manager (CISM), SABSA Security Architect, CREST Registered Penetration Tester, CREST Technical Security Architect, ISO 27001 Lead Auditor (LA), AWS Certified Cloud Practitioner, and member of ISACA. Demonstrated to be a reliable, trustworthy, and meticulous person; working in a control-focused environment, multinational, and multicultural organisations over 15 years of pure information, cybersecurity experience, and gained a good understanding of what is required of the Business-driven cybersecurity professional.

Sector Experience: Telecommunication, Broadcasting, Expenses Management, Card Issuers, Hospitality, Healthcare, Housing Management, Retail, Banking, Finance, Insurance, Software Development House, Health, Insurance, Branding, Advertising, Publishing, Call Centre, Public / Government Sectors, Construction, Manufacturing, Real Estate, Oil and Gas.

Regional Experience: Europe, UK, APAC (New Zealand and Australia), India, Africa, and North America (USA & Canada).

Dennis KiwiaCISSP-ISSAP, CCSP, CIS LI, CRISC, CISSP, M.Sc.INFOSEC, PRINCE2P

A certified security professional in implementing security programs across multiple regions in the world for organisations with complex and non-complex structures. Certified in CISSP-ISSAP, CCSP, CISSP, CRISC, ISO27001 LI, PRINCE II Practitioner and MSc. InfoSec. A member of (ISC)2 and ISACA with good understanding of multiple international security frameworks, standards and guidelines including but not limited to: ISO/IEC 27000 series, SABSA, TOGAF, PCI DSS, CAS(T), NIST, SANS Top 20, OWASP and regulations such as GDPR, DPA, LGPD and APRA (CPS 234).

Over 10 years’ experience in the field of Technology and Information Security. Clear understanding of Enterprise Security Architecture top-down implementation that allows clear alignment of business requirements/strategies and security to support secure delivery of business goals. Reputable record in implementation, managing and leading successful IT and information security projects/programs in challenging environments including banking, financial and telecommunication industries. Experienced in conducting gap analysis, merger and acquisition security assessments, risk assessments qualitatively and quantitatively and produce reports with both tactical and strategic solution recommendations for remediation that can be used in different organisational levels.

Capable of creating relationships with senior management and presenting the progress of security program and different aspects of Information Security up to board level. Confident, positively minded, friendly, reliable, cooperative, work effectively in a team or alone.