Experience

Cyber.SC

• Canada
• Information Services
• 1 - 100 Employee

• Founder & Chief Strategist

  • Aug 2015 - Present

  Vancouver, Canada Providing practical people and process oriented cyber security advisory services to startups, investors, and small/midsize businesses. Cyber.SC specializes in providing cyber security management and expertise to financial service companies and law firms. Cyber.SC provides "on-demand" cyber security services that augment an organization's current capabilities in a way that is less costly and more effective than "traditional" advisory companies. We seek to create trust and not dependency among… Show more Providing practical people and process oriented cyber security advisory services to startups, investors, and small/midsize businesses. Cyber.SC specializes in providing cyber security management and expertise to financial service companies and law firms. Cyber.SC provides "on-demand" cyber security services that augment an organization's current capabilities in a way that is less costly and more effective than "traditional" advisory companies. We seek to create trust and not dependency among our clients. Services include: • Performing cyber security maturity assessments • Completing security questionnaires on behalf of clients • Conducting security gap analysis • Developing security remediation and strategic roadmaps • Providing security leadership in the form of "CISO-as-a-service" Show less



TEC Canada

• Canada
• Professional Training and Coaching
• 100 - 200 Employee

• Cyber Security Speaker Resource

  • Apr 2019 - Present

  Canada Joining as part of TEC Canada’s speakers' group sharing cyber security and leadership expertise with executives across Canada.



Provincial Health Services Authority

• Canada
• Hospitals and Health Care
• 700 & Above Employee

• Senior Security Consultant (Contract)

  • Jun 2016 - Mar 2018

  Burnaby • Developing legacy healthcare system (WinXP) containment strategy and architecture data roadmap • Developing business case (and mitigation strategy) for protecting HealthCare applications and systems • Supported a clear strategic and cost savings roadmap of over 2.5M / Annum • Performing risk assessments (STRAs) for the following projects: • Systems deployed during Children/Women's Hospital upgrade • Cerner platform upgrade



Netcoins

• Canada
• Financial Services
• 1 - 100 Employee

• Internet Security & Operations

  • Apr 2014 - Jun 2017

  Vancouver, Canada • Provide insight and expert advice relating to cyber security and online operations. • Netcoins turns any device into a Bitcoin ATM for retail stores • Netcoins does all the heavy lifting; stores don't need to maintain any cash or Bitcoin inventory



CU Training

• Cyber Security Evangelist

  • May 2014 - Apr 2017

  Vancouver, Canada Cyber security subject matter expert. Providing content and appearing in various security training mechanisms: • Webinars • E-learning modules • Videos



TELUS

• Canada
• Telecommunications
• 700 & Above Employee

• Senior Security Contractor - Vulnerability Management

  • Aug 2015 - Jul 2016

  Vancouver Overall Responsibilities • Chairing security assessment group informing stakeholders of pertinent vulnerabilities and threats • Developing threat intelligence strategy • Developing comprehensive vulnerability management program • Creating web security reports and providing actionable advice based on expert analysis • Security operation centre (SOC) duties Strategic Initiatives • Providing actionable security advice to BC Hydro… Show more Overall Responsibilities • Chairing security assessment group informing stakeholders of pertinent vulnerabilities and threats • Developing threat intelligence strategy • Developing comprehensive vulnerability management program • Creating web security reports and providing actionable advice based on expert analysis • Security operation centre (SOC) duties Strategic Initiatives • Providing actionable security advice to BC Hydro stakeholders Accomplishments • Reducing average vulnerability remediation time by 20% • Reducing average number of unpatched systems by over 35% Show less



First West Credit Union

• Canada
• Financial Services
• 400 - 500 Employee

• Information Security Business Leader

  • Jul 2014 - Aug 2015

  Langley, British Columbia Overall Responsibilities • Leading and developing the strategic and tactical information security plans • Providing security thought leadership to CIO • Managing staff resources in security projects • Developing performance indicators relating to PCI & ISO 27001 • Delivering timely reports and metrics to executive management • Serving as representative on Credit Unions of Canada Security Group Strategic Initiatives • Forging key business relationships as IT… Show more Overall Responsibilities • Leading and developing the strategic and tactical information security plans • Providing security thought leadership to CIO • Managing staff resources in security projects • Developing performance indicators relating to PCI & ISO 27001 • Delivering timely reports and metrics to executive management • Serving as representative on Credit Unions of Canada Security Group Strategic Initiatives • Forging key business relationships as IT security business partner • Creating and overseeing security incident response framework • Delivering integrated SIEM solution Accomplishments • Forming a positive organizational security culture • Serving as a brand ambassador within the community • Appearing as “rising star” in 2014 annual company report • Reducing staff phishing click rate from 40% to 3% resulting in $25,000 in indirect yearly savings Show less



Grant Thornton LLP (US)

• United States
• Accounting
• 700 & Above Employee

• Senior Associate, Business Risk Services

  • Jan 2014 - Jul 2014

  Vancouver, Canada Area Overall Responsibilities • Performing compliance audits and gap assessments for clients • Providing proactive mitigation recommendation reports • Perform risk and threat assessment using industrial leading standards and frameworks Strategic Initiatives • Providing actionable advice to clients pertaining to data privacy practices, frameworks such as NIST, COBIT, ITIL, and ISO and compliance requirements like PCI, SOX, PIPEDA, SB-1386 • Conducting business impact… Show more Overall Responsibilities • Performing compliance audits and gap assessments for clients • Providing proactive mitigation recommendation reports • Perform risk and threat assessment using industrial leading standards and frameworks Strategic Initiatives • Providing actionable advice to clients pertaining to data privacy practices, frameworks such as NIST, COBIT, ITIL, and ISO and compliance requirements like PCI, SOX, PIPEDA, SB-1386 • Conducting business impact assessments Accomplishments • Security audit lead on major provincial security program review Show less



First West Credit Union

• Canada
• Financial Services
• 400 - 500 Employee

• Security Analyst

  • May 2012 - Jan 2014

  Langley Overall Responsibilities • Performing risk assessments on new business initiatives • Scouring the landscape for new threats to information security • Reporting on security metrics and quarterly information risks • Updating and maintaining documentation for all security controls and processes • Developing policies, processes, and procedures as it relates to IT security • Performing regular audits to ensure security controls operating as intended Strategic… Show more Overall Responsibilities • Performing risk assessments on new business initiatives • Scouring the landscape for new threats to information security • Reporting on security metrics and quarterly information risks • Updating and maintaining documentation for all security controls and processes • Developing policies, processes, and procedures as it relates to IT security • Performing regular audits to ensure security controls operating as intended Strategic Initiatives • Performing vulnerability assessments reducing risk exposure • Developing information risk assessment framework for all business projects • Recommending controls to security infrastructure to address threat landscape • Establishing mechanism for detecting and investigating breaches in security • Establishing effective security awareness program for employees and members Accomplishments • Transforming IT security function into trusted advisor role • Speaking throughout the community and engaging the public by raising security awareness Show less



TechRepublic

• Security Blogger

  • Aug 2011 - Jan 2014

  Security blogging for popular IT website TechRepublic. Writing monthly blogs on a variety of information security topics



CHC Helicopter

• United States
• Airlines and Aviation
• 700 & Above Employee

• IT Security Administrator

  • Jun 2009 - May 2012

  Richmond, British Columbia Overall Responsibilities • Developing security documentation, processes and procedures • Monitoring global security data for security incidents • Engaging Sarbanes-Oxley (SOX) auditing for system access reviews • Leading staff security awareness program Strategic Initiatives • Leading endpoint protection & web/email gateway refresh project Accomplishments • Reducing annual renewal costs by 33% as a result of global endpoint protection refresh project



BC Transmission

• Junior Security Analyst

  • May 2008 - Sep 2008

  Vancouver, Canada Assisted in preparing project plans, timelines and budget for approval Analyzed and documented business and technical requirements Developed wireless network scanning tool