Skip to main content
Godfrey KutumelaGK
Open to opportunities

Godfrey Kutumela

@godfreykutumela

I bridge executive cybersecurity governance and hands-on engineering execution for measurable resilience.

South Africa
Message

What I'm looking for

I’m looking to serve as a Fractional CISO/executive advisor, building measurable, evidence-based cybersecurity operating models that bridge board governance with engineering execution—especially in regulated, high-growth environments where cyber risk and AI trust are managed end-to-end.

I bring over 27 years of experience leading cybersecurity governance, risk management, and technical security transformation across financial services, SaaS, and digital infrastructure. I’m known for integrating executive-level cyber risk clarity with engineering-level implementation, building coherent cybersecurity operating models that are measurable, defensible, and continuously improving.

I’ve led governance and assurance programmes in rapidly scaling, multi-jurisdictional environments, and I’ve helped organisations transition from ad hoc or compliance-driven security to structured, risk-based management. As CEO and Lead Practitioner at Nucleus Systems and co-founder/CEO of Paxley Software, I use practitioner-led frameworks (evidence-based maturity, code trust assurance, and AI governance assurance) to align board decision-making with practical security controls embedded into cloud and DevSecOps delivery.

Experience

Work history, roles, and key accomplishments

West Monroe logoWM
Current

Cybersecurity Due Diligence Advisor

Jan 2024 - Present (2 years 6 months)

Provided ad hoc support to West Monroe on cybersecurity and compliance due diligence engagements. Assessed cybersecurity maturity and risk exposure, advised on risk prioritisation and remediation strategies, and contributed senior-level technical insight for investment committees.

Sedex logoSE
Current

Virtual CISO Advisor

Sedex

Jan 2024 - Present (2 years 6 months)

Built an enterprise-wide cybersecurity governance program for a global SaaS supply chain transparency platform. Established structured risk management and reporting for executive and board visibility and aligned security posture and controls with customer security expectations and regulatory obligations.

The Mifos Initiative logoTI
Current

Fractional CISO and DevSecOps Champion

The Mifos Initiative

Jan 2019 - Present (7 years 6 months)

Established and led cybersecurity governance, DevSecOps, and software assurance initiatives for the open-source fintech ecosystem. Strengthened secure software delivery practices, code security assurance, cloud security governance, and risk management for community-led engineering teams.

NS
Current

Independent Global Cybersecurity Firm

Nucleus Systems

Jan 2014 - Present (12 years 6 months)

Founded and leads Nucleus Systems as an independent cybersecurity consulting practice delivering cybersecurity governance, digital trust, and technology risk advisory globally. Industrialises cybersecurity maturity assessment, code trust assurance, and AI governance into repeatable, evidence-driven delivery programmes.

NS
Current

CEO & Lead Cybersecurity Practitioner

Nucleus Systems

Jan 2013 - Present (13 years 6 months)

Leads Nucleus Systems as a cybersecurity advisory firm focused on governance, risk, compliance, and digital trust. Provides enterprise program design and implementation, maturity assessments and transformation roadmaps, DevSecOps/secure SDLC advisory, and board-level risk reporting using proprietary delivery frameworks.

Zenobe logoZE

Fractional CISO Advisor

Zenobe

Jan 2024 - Mar 2024 (2 months)

Built and established an enterprise-wide cybersecurity and risk management program aligned to ISO 27001. Designed an electrical grid security program aligned to NIST CSF and NIST industrial control system guidance, including technical security implementation blueprints for OT and related infrastructure environments.

TS

Fractional CISO Advisor

Training The Street

Jan 2021 - Jan 2024 (3 years)

Delivered cybersecurity governance for a global cloud-based SaaS learning management platform across financial services and professional services sectors. Implemented a data privacy and protection program for student PII and guided the organization through supplier security and assurance certification processes.

CT

Cybersecurity & Compliance SME

Crosslake Technologies

Jan 2019 - Jan 2024 (5 years)

Led cybersecurity and technology risk assessments supporting investment transactions. Performed technical assessments of software architecture, cloud environments, DevOps maturity, engineering practices, and operational resilience, translating findings into investment-committee-ready risk insights and remediation priorities.

AL

Fractional CISO Advisor

Jan 2022 - Jan 2023 (1 year)

Strengthened cyber risk management and governance structures for a highly regulated digital banking and fintech SaaS environment. Improved cloud security posture and control frameworks to support secure scaling and regulatory readiness across US banking jurisdictions.

MF

Fractional CISO and DevSecOps Champion

Mojaloop Foundation

Jan 2018 - Jan 2022 (4 years)

Established global cybersecurity governance for a distributed open-source payments platform operating across multiple countries and jurisdictions. Integrated security, compliance, and privacy into DevOps delivery pipelines and defined risk frameworks covering platform architecture, API security, and cryptographic controls.

DD

Chief Architect

Dimension Data

Jan 2001 - Jan 2011 (10 years)

Delivered complex enterprise architecture and security transformation programs across banking, telecommunications, and government sectors. Led mission-critical architecture and delivery programs, defined security architecture frameworks and standards, and mentored technical teams.

EP

CyberNet Expert Pool Member

EU CyberNet Expert Pool

Served as an EU CyberNet expert and advisor assigned to the LAC4 initiative. Advised the EU Hungarian Presidency on cybersecurity policy, including submarine cable infrastructure security.

BP

G20 Digital Transformation Advisor

Brazil G20 Presidency

Provided high-level cybersecurity and digital transformation advisory to Brazil's G20 Presidency to shape digital inclusion and cybersecurity policy. Worked with the Secretary of Information and Innovation Ministry on global policy advisory.

Digital Public Goods Alliance (DPGA) logoDD

Privacy Expert Group Member

Digital Public Goods Alliance (DPGA)

Advised DPGA on privacy requirements of the DPGA Standard as part of the Privacy Expert Group. Developed a privacy compliance evaluation framework for prospective digital public goods.

PS

Co-founder & CEO

Paxley Software

Co-founded and leads Paxley Software, an enterprise application security SaaS platform providing integrated code security capabilities. Includes SAST, SCA, SBOM, IaC scanning, and remediation.

Education

Degrees, certifications, and relevant coursework

University of Stellenbosch Business School logoUS

University of Stellenbosch Business School

Management Development Programme (MDP), Business Management

2010 - 2010

Completed a Management Development Programme (MDP) for executive leadership and business management.

University of Limpopo logoUL

University of Limpopo

BSc Computer Science, Computer Science and Artificial Intelligence

1997 - 1999

Studied Computer Science and Artificial Intelligence as part of a BSc program; studies were interrupted before final examinations due to prolonged illness.

Tech stack

Software and tools used professionally

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan