Bayt.com

Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Brian Colborne, GRC Analyst with ISMS Implementation

Brian Colborne

GRC Analyst with ISMS Implementation·Top Trust Consulting,

Bahrain

Diploma, Herbalism

Work experience

Total years of experience: 28 years, 5 months

GRC Analyst with ISMS Implementation

September 2024 - Present

Top Trust Consulting,

Al Muharraq, Bahrain

September 2024 - Present

Cybersecurity Consultant providing GRC, risk management, and AWS cloud security services to clients across various industries. Conduct risk assessments, implement ISMS (ISO 27001), and perform AWS cloud hardening. Lead incident response efforts, develop security playbooks, and deliver training for client teams. Utilize tools like AWS GuardDuty, CloudTrail, and Security Hub for threat detection.
Company industry:
Cyber & Network Security
Job role:
Information Technology

Web Security Consultant, Web Security

January 2016 - August 2024

Hostipro,

Durban, South Africa

January 2016 - August 2024

Provided web security services to clients across various industries. Performed vulnerability scans, penetration tests (OWASP Top 10), and implemented web security controls like WAF, honeypots, and bot-mitigation techniques. Automated security processes using Python and Bash and ensured compliance.
did gap analysis on clients for iso 27001 controls and implementation on their websites and mail servers
Company industry:
Data Hosting & Storage

ITSec Specialist, Web Security

January 2011 - December 2015

Steed Solutions,

Liverpool, United Kingdom

January 2011 - December 2015

Led web application security efforts and security training programs. Performed penetration testing, incident response, and developed security controls to mitigate risks. Implemented SIEM solutions, monitored logs for anomalies, and advised leadership on security enhancements.
Company industry:
Financial Services

Deployment & Qulity Assurance lead

January 2010 - December 2011

Full Tilt Poker (PocketKings),

Dublin, Ireland

January 2010 - December 2011

Conducted vulnerability testing and deployment validation for gaming platforms. Analyzed incident reports, implemented mitigation strategies, and supported QA teams with custom test frameworks.
Company industry:
Cyber & Network Security

Deployment Lead

September 2007 - December 2008

NetRefer,

Gzira, Malta

September 2007 - December 2008

Managed secure software deployments for SaaS applications. Performed penetration tests, implemented SQL injection mitigations, and enhanced deployment security processes.
Company industry:
Software Development

ITSec Deployment Specialist, Online

January 2005 - August 2007

Derivco,

Durban, South Africa

January 2005 - August 2007

Oversaw secure deployments for online gaming applications. Developed security automation scripts, performed fraud detection analysis, and supported network hardening initiatives.
Company industry:
Software Development

ITSec Deployment Engineer

January 2001 - December 2004

Derivco,

Durban, South Africa

January 2001 - December 2004

Assisted in securing client-server applications by performing security audits, regression testing, and developing training programs for QA teams.
Company industry:
Software Development

Horticulture Technician

January 2000 - December 2000

Durban City Council Municipality Parks Deparment

Durban, South Africa

January 2000 - December 2000

Horticulturist, Oversaw urban landscape management, plant care operations, and community green space development.
Company industry:
Civil Engineering

Deployment and Systems Integration Engineer

January 1997 - December 1999

SmithKline Beecham,

London, United Kingdom

January 1997 - December 1999

Supported Y2K system transitions with secure IT deployments and conducted employee training sessions on security protocols.
Company industry:
Pharmaceutical Manufacturing

Education

South African College of Herbalism and Health

July 1997

July 1997

Diploma, Herbalism

South Africa

Durban University Of Technology

January 1996

January 1996

Diploma, Horticulture

South Africa

Skills

Gap Analysis
Expert
Gap Analysis
Expert
Risk Assessment
Expert
Risk Assessment
Expert
GRC
Expert
GRC
Expert
ISO 27001
Expert
ISO 27001
Expert
ISMS
Expert
ISMS
Expert
RISK ASSESSMENT
Expert
RISK ASSESSMENT
Expert
Risk Management and Compliance (ISO 27001, NIST 800-53, PCI-DSS, GDPR)
Expert
Risk Management and Compliance (ISO 27001, NIST 800-53, PCI-DSS, GDPR)
Expert
Governance Risk and Compliance GRC
Expert
Governance Risk and Compliance GRC
Expert
ISMS 27001 Implementation and Audit
Expert
ISMS 27001 Implementation and Audit
Expert
GRC Framework Development and Implementation
Intermediate
GRC Framework Development and Implementation
Intermediate
Compliance Audits and Reporting
Intermediate
Compliance Audits and Reporting
Intermediate
Policy Development and Documentation
Expert
Policy Development and Documentation
Expert
Risk Assessment and Gap Analysis
Expert
Risk Assessment and Gap Analysis
Expert
AWS Cloud Security
Intermediate
AWS Cloud Security
Intermediate
AWS Cloud Security Foundations IAM GuardDuty
Intermediate
AWS Cloud Security Foundations IAM GuardDuty
Intermediate
CloudTrail Security Hub
Intermediate
CloudTrail Security Hub
Intermediate
AWS Identity and Access Management IAM
Intermediate
AWS Identity and Access Management IAM
Intermediate
AWS KMS and Encryption Techniques
Intermediate
AWS KMS and Encryption Techniques
Intermediate
CloudTrail and CloudWatch Log Analysis
Intermediate
CloudTrail and CloudWatch Log Analysis
Intermediate
Incident Response & Threat Detection
Intermediate
Incident Response & Threat Detection
Intermediate
Incident Response and Digital Forensic
Intermediate
Incident Response and Digital Forensic
Intermediate
Security Incident Investigation and Mitigation
Expert
Security Incident Investigation and Mitigation
Expert
Forensic Data Acquisition Memory Dumps Log Analysis
Intermediate
Forensic Data Acquisition Memory Dumps Log Analysis
Intermediate
SIEM Configuration and Log Correlation
Intermediate
SIEM Configuration and Log Correlation
Intermediate
Leadership & Strategic Skills
Expert
Leadership & Strategic Skills
Expert
Security Awareness Training and Development
Expert
Security Awareness Training and Development
Expert
Cross-Functional Team Leadership
Expert
Cross-Functional Team Leadership
Expert
Stakeholder Engagement and Communication
Expert
Stakeholder Engagement and Communication
Expert
Risk-Based Decision-Making
Expert
Risk-Based Decision-Making
Expert
Security Automation
Intermediate
Security Automation
Intermediate
CI/CD Pipeline Security
Intermediate
CI/CD Pipeline Security
Intermediate
Infrastructure as Code IaC Security Principles
Beginner
Infrastructure as Code IaC Security Principles
Beginner
Web Application Security OWASP Top 10
Expert
Web Application Security OWASP Top 10
Expert
Honeypots and Bot Mitigation
Expert
Honeypots and Bot Mitigation
Expert
Network Security IDS IPS VPC Security
Intermediate
Network Security IDS IPS VPC Security
Intermediate

Languages

English
Native Speaker

Training and Certifications

Certifications
The Definitive GRC Analyst Masterclass
Apr 2022
Show credentials

Hobbies

  • Autodidact so deep immersion into continuous education and self driven learning