Mark Lowe

Manager ISS
Date of birth -1/2/1977
Nationality -South African
Current role and responsibilities
IRMS,ISS, with main focus on Penetration Studies and Security Architecture.
Prior KPMG roles and responsibilities
CAATs, ITRMB, ITCR, BPA.
Key areas of experience
Internal and external penetration testing; OS security reviews; Pen-lab setup
Education
Matriculated at Bedfordview High school in 1995
Professional qualifications
Hons. BSc Computer Science, CISSP, CISA, Hdip Computer Audit
Language skills
English : Primary language
Afrikaans : Basic
Country experience
South Africa,Bahrain,Portugal
Publications
Mini thesis on Penetration studies as part of Higher Diploma in Computer Audit
Presentations
Info Sec Africa 2002: Monitoring tools to support IS governance
Market segment experience
Banking-External and Internal penetration testing; ITRMB; BPA; Forensic investigation.
Food Production-External penetration testing
Power Generation-External penetration testing
Chemicals and Plastics-Internal and external Penetration testing
Automotive-CAATs
Power Generation-Internal and external Penetration testing, ITRMB
Educational Institutions-External Penetrations Testing
Professional service experience
Information Risk Management (IRM)-Presented IRMS training in SA.
Information Security Services (ISS)-Internal and external penetration studies.
Engagement experience
Major South African Bank-Security assessment (2000)
Bank
Skills used - Knowledge of CAMS II and the Credit Card industry
Role - System tester, Database Admin
Mark was responsible for setting up account life cycles, creating test scripts, validating the system, maintaining the Access database used for account life cycles and to support internal audit.
Large Motor Manufacturer-CAATs (2001)
Large Motor Manufacturer
Skills used - Microsoft Access
Role - Run CAAT’s monthly on IRCC data
Mark’s responsibilities are to obtain the data, append it to the database and run the reports. Mark is responsible for maintaining the database and creating queries at the clients request.
South African Cement Manufacturer-Penetration Test. (2000)
South African Cement Manufacturer
Skills used - Knowledge of Unix, Novell, NT environments and Network Security
Role - Perform an internal and external penetration test.
Mark was responsible for executing the IRMS methodology for penetration testing and passing on knowledge to the team.
South African Bank-Penetration Test. (2001)
South African Bank
Skills used - Knowledge of Unix, NT environments and Network Security
Role - Perform an internal and external penetration test.
Mark was responsible for performing an external penetration test
Large International Bank in Bahrain-Penetration test
Large International Bank in Bahrain
Skills used - Knowledge of Unix, NT environments and Network Security
Role - Perform an external penetration test
Mark was responsible for performing an external penetration test.
International bank in India-Penetration test (2000)
International bank in India
Skills used - Knowledge of Unix, NT environments and Network Security
Role - Perform an external penetration test
Mark was responsible for performing an external penetration test.
Large bank in Sri Lanka-Penetration test (2000)
Large bank in Sri Lanka
Skills used - Knowledge of Unix, NT environments and Network Security
Role - Perform an external penetration test
Mark was responsible for performing an external penetration test
ABSA-Web Seal (2001)
Large Bank in South Africa
Skills used - Perform an internal penetration test specific to security for a new secure online payment system
Role - Internal penetration test
Mark was responsible for performing an internal penetration test
ITRMB (2001)
Meat commision
Skills used - ITRMB experience
Role - Perform an ITRMB
Performed a Controls review.
Electronic forensic investigation (2002)
Major South African Bank
Market segment - Banking
Skills used - Collecting data to be used in court; Analysing electronic data.
This assignment involved tracing e-mails and colleting data for court
Employment history
Mark worked at Internet Solutions part time on the Help desk (Internet Dial-up) for 2 years.