Dave Saunders
About Dave Saunders
Dave Saunders is a Cyber Security/Application Security Engineer at Investec in Johannesburg, South Africa, with over seven years of experience in the field. He has a strong background in software development and security methodologies, holding a Bachelor of Science degree in Computer Science and multiple diplomas in project management and information systems engineering.
Work at Investec
Dave Saunders has been employed at Investec since 2017, serving as a Cyber Security/Application Security Engineer. His role involves ensuring security across application layers by utilizing tools such as Splunk for alerting and reporting. He has implemented a security-focused CI/CD pipeline that incorporates Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Runtime Application Self-Protection (RASP). Prior to his current position, he held the role of Team Lead in Digital Labs from 2015 to 2017 and worked as a Senior Software Developer from 2013 to 2015.
Education and Expertise
Dave Saunders studied at Heriot-Watt University, where he earned a Bachelor of Science (BSc Hons) in Computer Science from 2012 to 2013. He also completed a Project Management Diploma at CTI Education Group in 2007 and an Information Systems Engineering diploma from 2006 to 2007. His expertise includes a deep understanding of cryptography, secure key storage, and AWS Cloud Security, which he applies in his current role.
Background in Software Development
Before joining Investec, Dave Saunders worked at Barloworld Logistics as a Senior Software Developer from 2007 to 2013. His experience in software development laid the foundation for his later roles in application security. At Investec, he transitioned from software development to focus on cyber security, demonstrating his adaptability and growth in the technology sector.
Security Methodologies and Practices
In his role, Dave Saunders has developed secure application development methodologies that align with industry standards such as OWASP, SANS, and NIST. He conducts Open Source Intelligence (OSINT) on vendors and performs background checks as part of his security measures, ensuring comprehensive security practices are in place.