Ishmael Dube

• Leading and maturing an integrated cyber operations team encompassing Red, Blue, and Purple Team functions, embedding Zero Trust principles, driving continuous validation of security controls across hybrid environments (on-premises and cloud) and reducing undetected vulnerabilities through proactive testing and collaborative defence initiatives to improve the security posture.

• Executing Breach & Attack Simulations (BAS) and full-scale threat-informed adversary emulations to validate and enhance detection engineering & continuously assess control efficacy, leveraging automation and machine learning-driven analytics to achieve faster mean time to detect (MTTD) and mean time to respond (MTTR).

• Conducting comprehensive penetration testing, security & vulnerability assessments across web, mobile, API, SaaS ecosystems, and emerging technology stacks, identifying systemic risks and implementing mitigation strategies that have lowered critical vulnerability exposure & neutralized potential risks before exploitation.

• Enhancing enterprise zero-trust security posture by engineering and validating compliance baselines across Secure Internet Access, Secure Private Access (ZTNA), Data Protection (CASB/DLP), Privileged Access Management (PAM), and Endpoint Detection and Response (EDR) platforms.

• Embedding security into the software development lifecycle (SDLC) by overseeing secure code practices (secure by design) - including IaC security, CI/CD pipeline security, secrets management, Software Composition Analysis (SCA), and both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) - ensuring DevSecOps alignment, zero-trust readiness and faster, safer code releases.

• Conducting threat modelling and risk assessments using structured threat modelling methodologies (MITRE ATT&CK, DREAD) to assess attack surfaces, prioritize mitigations, and influence secure architecture decisions.

• Established and led the Red Team, building operational capability from the ground up and uncovering critical vulnerabilities before exploitation through targeted vulnerability scans, penetration testing, and breach-and-attack simulations - reducing exploitable risk.

• Directed and executed red-team engagements, ensuring both internal and external tests were completed, findings effectively communicated to stakeholders, and remediation tracked to closure - resulting in faster vulnerability resolution cycle.

• Conducted advanced penetration tests across web, mobile, and enterprise network infrastructures, as well as new technologies, identifying high-impact security flaws and

validating security control effectiveness.

• Produced and delivered technical and executive-level vulnerability reports, translating complex findings into actionable recommendations that informed strategic risk mitigation decisions.

• Delivered full-spectrum adversarial simulations to test and validate the organisation's detection, response, and recovery capabilities across varying levels of complexity and operational scope.

• Collaborated closely with the Blue Team to evaluate and enhance detection mechanisms, tuning SIEM and EDR tools to improve alert accuracy and reduce false positives.

• Researched and replicated real-world threat actor tactics, techniques, and procedures (TTPs) to develop proof-of-concept exploits and playbooks, strengthening threat readiness and incident response maturity.

• Simulated adversarial threat campaigns to assess resilience, expose systemic weaknesses, and validate the effectiveness of deployed security controls, directly contributing to enhanced red-blue team synergy.

• Utilised automated scanning, testing tools, and source code review techniques to streamline vulnerability identification, achieving greater than 90% coverage across critical assets during engagements.

• Collaborated within the cybersecurity team to proactively identify and mitigate vulnerabilities before exploitation, strengthening overall enterprise resilience and reducing critical exposures.

• Conducted advanced threat modelling, hunting, and simulation activities using diverse intelligence sources and tools, enabling early detection of emerging threats and shortening response time.

• Developed and delivered actionable threat and situational intelligence by correlating proprietary enterprise data with open-source intelligence, enhancing threat visibility, and improving incident readiness across teams.

• Supported IT security leadership in maintaining and refining security policies, procedures, and technical standards through the application of frameworks such as ISO 27001 and NIST, ensuring consistent compliance and operational efficiency.

• Partnered with the Blue Team to investigate and remediate incidents, improving post-incident learning and reducing recurrence of similar threats through structured corrective actions.