Summary
Overview
Work History
Education
Skills
Certification
References
Timeline
Generic
SADIA BANON MACKY

SADIA BANON MACKY

Beau-Bassin

Summary

Enthusiastic and detail-oriented Cybersecurity and IT Security Risk professional with over three years of hands-on experience across consulting and banking environments. Strong expertise in ISO 27001, NIST, and enterprise cybersecurity risk management frameworks, with practical exposure to security governance, control assessments, and regulatory compliance reporting.

Experienced in vulnerability management, security monitoring, and the implementation and review of technical security controls across infrastructure, applications, and cloud environments. Proven ability to develop cybersecurity policies, SOPs, and risk documentation, while leveraging security tools to identify and remediate vulnerabilities.

Adept at translating technical risks into business impact, enabling risk-based decision-making, and collaborating with cross-functional teams to strengthen overall cybersecurity posture and ensure continuous improvement of security controls.

Overview

7
7
years of professional experience
1
1
Certification

Work History

IT Security Risk

Afrasia Bank Ltd
Trianon
10.2025 - Current
  • Performed security assessments of IT systems, network infrastructure, and applications to identify control gaps and security weaknesses, providing risk-based remediation recommendations
  • Monitored and responded to security alerts and incidents across tools (SIEM, EDR, IDS/IPS, Firewall Rule Analyzer), enhancing incident detection and response effectiveness
  • Conducted vulnerability assessments and participated in VAPT for web applications, APIs, and infrastructure, identifying and addressing critical security risks
  • Implemented and supported security controls including access management, authentication mechanisms, firewall configurations, and endpoint protection solutions
  • Managed user access and permissions in line with least privilege principles and access control policies
  • Supported patch management and system hardening activities, remediating vulnerabilities and strengthening overall system security posture
  • Ensured compliance with IT security policies, procedures, and regulatory standards (ISO 27001, NIST), through regular audits, control reviews, and user access monitoring
  • Documented and maintained IT security posture, including asset inventories, system configurations, and deployed security technologies
  • Collaborated with cross-functional teams (IT, Risk, Operations) and stakeholders to ensure consistent enforcement of security policies and strengthen overall security posture
  • Contributed to the development, review, and implementation of IT security policies, procedures, and awareness programs, including conducting user trainings
  • Maintained and supported security tools and technologies (e.g., firewalls, BlackBerry UEM, cloud security), providing recommendations to enhance overall cybersecurity posture
  • Developed and reviewed Third-Party Risk Management (TPRM) security questionnaires and supported vendor risk assessments to evaluate third-party cybersecurity posture
  • Developed and maintained Standard Operating Procedures (SOPs) and security reports for various IT controls to support governance and compliance requirements
  • Continuously monitored emerging threats, CVEs, and industry trends to proactively enhance security controls and risk posture

Cybersecurity Consultant

Ernst & Young
01.2024 - 10.2025
  • Assessed compliance with ISO 27001 and NIST standards to identify security postures.
  • Conducted comprehensive IT audits to assess compliance and identify security gaps.
  • Developing cybersecurity policies and procedures in line with international standards and local regulatory authorities
  • Access control policy and procedures
  • Vulnerability Assessment & Penetration Testing (VAPT) - Black & White box
  • Web Application Security (OWASP Top 10)
  • Security Tools Utilization (Burp Suite, OWASP ZAP & Nessus)
  • Technical Reporting & Documentation
  • Creation of Security Hardening Guidelines.
  • Executed cyber footprint exercises to identify online exposure and recommend mitigation strategies.
  • Conducted social engineering exercises to evaluate employee awareness and response to security threats.
  • Development of cybersecurity reference architecture.
  • Development of Enterprise Architecture.

SAP Consultant

Ernst & Young
05.2023 - 01.2024
  • Business Technology Platform Admin - BASIS & Documentation
  • Work on Business Application Studio(BAS) & SAP Analytics Cloud
  • Tasks in the HANA Cloud database
  • Application development using python
  • Collaborated with cross-functional teams to gather requirements for system implementation.
  • Conducted user training sessions to improve understanding of SAP functionalities.
  • Supported data migration efforts ensuring accuracy in system integration.

Clerk

Nexochem Trading
01.2019 - 06.2019
  • Filing
  • Record keeping
  • Staffing service counters
  • Administrative tasks
  • Config Reviews
  • Proposals (Different scope of work).

Education

Bachelor Degree - Cyber Security and Digital Forensics

Middlesex University
01-2023

International Foundation Programme -

Middlesex University
01-2020

Higher School Certificate (HSC) -

Ebene SSS (Girls)
01-2018

School Certificate (SC) -

Kali Linux
01-2015

Skills

  • Kali Linux
  • MySQL
  • Python programming
  • Wireshark
  • Forensics tools
  • Network configuration
  • Blockchain applications
  • SAP foundation badge
  • VAPT
  • Problem resolution
  • Team collaboration
  • Leadership skills
  • Multitasking abilities
  • Communication skills
  • Analytical thinking
  • Critical thinking
  • Team management
  • Positive attitude
  • Conflict resolution strategies
  • Creative thinking
  • Effective communication techniques
  • Attention to detail
  • Incident response planning
  • Regulatory compliance knowledge
  • IT risk management practices
  • Cybersecurity policy development
  • Access management strategies
  • Security assessments

Certification

  • Microsoft Certified: Azure Fundamentals
  • Identity and Access Administrator
  • Azure Network Engineer Associate
  • SAP Foundation Badge
  • ISO 27001 Certified

References

Available on request.

Timeline

IT Security Risk

Afrasia Bank Ltd
10.2025 - Current

Cybersecurity Consultant

Ernst & Young
01.2024 - 10.2025

SAP Consultant

Ernst & Young
05.2023 - 01.2024

Clerk

Nexochem Trading
01.2019 - 06.2019

Bachelor Degree - Cyber Security and Digital Forensics

Middlesex University

International Foundation Programme -

Middlesex University

Higher School Certificate (HSC) -

Ebene SSS (Girls)

School Certificate (SC) -

Kali Linux

Similar Profiles

CREATE PROFILE
SADIA BANON MACKY