Hello
I'm Ashly
an information security professional with a strong IT background and a passion for governance, risk, and compliance (GRC). With experience working with companies in South Africa and beyond, I specialize in managing cybersecurity risks, ensuring compliance with global standards like ISO 27001, GDPR, and POPIA, and implementing practical security measures.
I’m driven by the opportunity to enhance business resilience through secure processes and proactive risk management. I thrive on collaborating with diverse teams to conduct threat assessments, respond to incidents, and align security strategies with organizational goals. For me, GRC is about building trust, enabling growth, and ensuring businesses thrive in a secure and compliant way.
I’d love to bring my expertise and mindset to help your organization navigate the evolving global GRC landscape.
My Skills
My Experience
The Cimplicity Institute
Cybersecurity Consultant
Nov 2023 - Present
Designed and implemented cybersecurity frameworks aligned with ISO 27001, PCI DSS, POPIA, GDPR, and FSCA. Reviewed code for vulnerabilities, responded to incidents, and delivered security awareness training to reduce insider risks. Prepared organizations for audits by creating compliance documentation and audit readiness checklists.
Mimosa Mining Company
Information Security Analyst
Aug -- Nov 2023
Collaborated in implementing ISMS (ISO 27001) and BCMS (ISO 22301), ensuring compliance and business alignment. Developed security policies and controls for audits, promoted a culture of security through training, and analyzed logs using tools like SolarWinds and Darktrace to prevent breaches. Communicated risks, implemented controls, and managed email security rules to enhance network protection.
West Prop Holdings
IT Tech Support
Mar 2022 - Jan 2023
Managed user accounts and permissions, ensuring secure access to resources. Monitored access logs to identify and mitigate breaches, collaborated with third-party providers to resolve vulnerabilities, and maintained client databases with data protection best practices. Provided technical support, implemented MFA for enhanced security, and performed front-office tasks while maintaining system security.
My Education
Women's University in Africa
BCs Information Systems
2018-2021
Obatined from the Women’s University in Africa. Developed a strong foundation in IT systems, data management, and cybersecurity principles, which laid the groundwork for my career in information security.
Professional Evaluation and Certification Board
ISO 27001 / 22301
2023 - 2026
Certified in implementing and managing ISMS frameworks to protect sensitive data and ensure compliance with international standards, while also skilled in developing BCMS frameworks to maintain organizational resilience during disruptions.
ISC2
Certified in Cybersecurity
2023 - 2026
Demonstrated foundational knowledge in cybersecurity principles, including risk management, network security, and incident response.
SANCS
Certified in Cybersecurity
Dec 2024
Attended the Southern Africa-Netherlands Cybersecurity School, organized by leading institutions, where I gained hands-on expertise in GRC, threat analysis, and incident response, equipping me with practical skills to address modern security challenges.