Team – IronSky

The Hacker-cratic oath

As the honest hacker, I promise to use my skills for good, not evil.
To improve the lives of my fellow humans, not destroy and steal.
All my efforts will go into building a safer, securer and stronger digital world.
A world where ones and zeros are not the enemy.
A world where they [1’s & 0’s] are used to build trust and transparency between people,
companies, and countries.

I am an IronSky hacker.
your data will be protected by me.
It is my responsibility.

Management Team

Specialisation

Penetration Testing
Vulnerability Assessments
Web Application Testing
Mobile Application Testing

Qualifications

MSc Computer Science – Information Security
Offensive Security Certified Professional
Certified Penetration Testing Engineer
Cisco Certified Network Associate – Routing and Switching
Microsoft Certified Professional
Certificate in Cyber Security

Sibusiso Sishi

Sibusiso is the lead Technical Specialist at IronSky in Europe and South Africa. He is a Cyber Security Subject Matter Expert (SME) that is experienced in advising clients in technical security, understanding threats and vulnerabilities. Sibusiso has performed and led numerous Information Security engagements for IronSky at clients such as Omnia Holdings, MobeCom SA, Spoor & Fisher and South Bureau of Standards (SABS). Sibusiso has spoken at international and local conferences such as PasswordCon 2019, Bsides Las Vegas 2019 and DEFCON Johannesburg 2019.

Specialisation

Security Advisory
Security Architecture
Penetration testing

Qualifications

Master Business Administration (MBA)
Certified Information System Security Professional (CISSP)
Certified Information Systems Security Architecture Professional
(CISSP-ISSAP)
Certified Cloud Security Professional (CCSP)
Post Graduate Diploma in Information Systems

Robert Beney

Robert is a Technical Specialist at IronSky in Europe and South Africa. He’s a Cyber Security Subject Matter Expert (SME), and an experienced advisor for technical security, threats and vulnerabilities. Robert has spearheaded many Information Security and Security Governance engagements for IronSky for high profile clients in both Europe and South Africa.

Specialisation

Information technology,
Operational information security
IT risk management and performance
Audit and assessment of Cyber Security systems
Penetration testing
Vulnerability Assessments

Qualifications

Certified Information Systems Auditor – ISACA
Certified Ethical Hacker – EC-Council

Bernard Drotskie

Bernard has over 30 years experience in information technology, operational information security, IT risk management and performance, specialising in the audit and assessment of Cyber Security systems throughout all market sectors.

He is innovative and resourceful individual who has been responsible for large scale IT and IS solution development and implementation across Africa and Europe and is an accomplished expert in cyber threat management, concentrating on data contextualisation in order to transform cyber assessments into enterprise risk conversations with meaningful recommendations to all levels within the organisation for sustainable process improvement.

Bernard is a successful relationship manager during the deliverance of large scale cyber assessments and has managed services through managing and meeting client expectations, reacting to challenges and strict project management discipline.

A confident business professional, Bernard has presented many audit findings and presentations to audit committees and executive board members. Bernard performs all functions with honesty and integrity and consistently remains politically aware and displays respect for confidentiality and diversity within people, cultures and businesses

Consulting Team

Brandon Hunter

Analyst

Brandon is a recently joined team member. With a diverse background in business and web development, showing a passion for security. Brandon is already proving to be a valuable member.

Mbali Sishi

Analyst

Mbali is an experienced analyst holding an ISO27001 Internal Auditor certification aimed at assisting IronSky customers better understand their control frameworks and alignment strategies.

Tamir Tsegaye

Pentester

Tamir holds an MCom in Information Systems and an OSCP. Tamir is actively involved as pentester on IronSky customer projects.

Certifications

The CCNA Security Certification is a credential awarded to IT professionals who pass Cisco’s Certified Network Associate (CCNA) exam. The CNNA security credential demonstrates to employers that the holder is competent and qualified to handle a variety of network security tasks.

CISSP | Certified Information Systems Security Professional. The CISSP® certification is a globally recognized standard of achievement that confirms an individual’s knowledge in the field of information security.

CISSPs are information assurance professionals who define the architecture, design, management and/or controls that assure the security of business environments. This was the first certification in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024.

The CISSP exam tests one’s competence in the 10 CISSP domains of the (ISC)²® common body of knowledge (CBK®), which cover critical topics in security today, including:

risk management
cloud computing
mobile security
application development security and more.

Candidates must have a minimum of 5 years of paid full-time work experience in 2 of the 10 domains. It takes a wide breadth of knowledge and extensive experience to pass the exam and this is what sets the CISSP apart across the industry.

The Mile 2 Certified Penetration Testing Engineer tests the students ability to test an information system for both physical and technical areas of weaknesses and offer recommendations for strengthening those areas. The student is tested against 5 key Penetration Testing elements:

Information Gathering
Scanning
Enumeration
Exploitation and
Reporting

Additionally the student will learn about business skills needed to identify protection opportunities, justify testing activities and optimise security controls appropriately to the business needs in order to reduce business risk.

The Offensive Security Certified Professional (OSCP) is the world’s first completely hands-on offensive information security certification.

The OSCP challenges students to prove they have a clear and practical understanding of the penetration testing process and lifecycle through an arduous twenty four (24) hour certification exam.

The OSCP exam consists of a dedicated vulnerable network, designed to be compromised within a 24-hour time period. The exam is entirely practical and to complete it, the student must submit an in-depth penetration test report of the OSCP examination network and PWK labs.

The coveted OSCP certification is awarded to students who successfully gain administrative access to systems on the vulnerable network.