Program Lead - Cyber Hubs

• Oct 2022 - Present

Establish and implement the Victorian Government Cyber Hubs Program including the first Cyber Defence Centre. Establish and implement the Victorian Government Cyber Hubs Program including the first Cyber Defence Centre.

Emergency Services Sector CISO

• Aug 2020 - Oct 2022

Cyber Security Specialist

• Mar 2020 - Aug 2020

Assisting with the development of the Victorian Government Cyber Safety Strategy 2020.

Chief Information Security Officer

• Apr 2019 - Mar 2020

I will be setting the Cybersecurity Strategy and vision for CenITex, with learnings from the health sector. I will be setting the Cybersecurity Strategy and vision for CenITex, with learnings from the health sector.

Health Chief Information Security Officer

• Apr 2019 - Jan 2020

My role is to implement the Vic Health Cybersecurity Uplift Strategy to all public health services in Victoria. This includes deploying health sector-wide cybersecurity solutions to significantly enhance current capabilities in cyber resilience. I am also monitoring health services to ensure their adherence to industry level baseline controls, maintaining an incident management framework and assisting in cybersecurity incidents. To ensure the health sector maintains a strong cyber presence, I will be looking for innovative ways to simplify and enhance cybersecurity. Show less

Manager, Health Sector Cybersecurity

• Jul 2018 - Apr 2019

I am currently deploying health sector-wide cybersecurity solutions to significantly enhance current capabilities in cyber resilience. I am also monitoring health services to ensure their adherence to industry level baseline controls, maintaining an incident management framework and assisting in cybersecurity incidents. To ensure the health sector maintains a strong cyber presence, I will be looking for innovative ways to simplify and enhance cybersecurity.

Cyber Security Program Manager

• Jun 2017 - Jun 2018

I am currently setting the strategic cybersecurity direction for the health sector with a view to increasing the overall maturity. I am also initiating and monitoring reviews of health services to ensure their adherence to industry level baseline controls, establishing an incident management framework and assisting in cybersecurity incidents. To ensure the health sector maintains a strong cyber presence, I will be identifying emerging trends in cybersecurity for improvement such as biomedical device security. Show less

Manager

• Jul 2016 - Jun 2017

Undertook a range of IT and Cyber Security related engagements within the Victorian public sector, utilising the VPDSF and VPDSS as a compliance framework, as well as other frameworks such as NIST for private sector companies. Previous work has included the following: - Seconded to a Victorian State Department as Performance and Data Manager with IT Audit and Data Analytics responsibilities - IT Security audit for a Victorian State Department - Oracle Financials Security and Data Analytics audit for a Victorian State Department - Project Assurance review of the implementation of the VPDSS for a Victorian State Department - Data Governance advisory review at a NSW travel and tourism provider - Cyber Security and Privacy Risk Assessment at a not-for-profit organisation. - Data Governance and Stewardship Project for a Government Agency - Information Security Audit for a Healthcare Provider - Wireless Vulnerability Assessment for an Arts Centre. Show less

Senior IM&T Auditor

• Mar 2014 - Jul 2016

Promoted to Senior IM&T Auditor from Assistant Senior IM&T Auditor. Extended areas of audit into Mobile Device Management, Remote Access, IT Procurement, IT Risk Management and Electronic Document Management security reviews.I also undertook a range of Project Management reviews for large scale and complex IT system implementations such as PAS / EPR Projects, Knowledge Management Systems, Transformational Projects and Social Media Projects. We also use in-house developed automated scripts for a range of continuous testing style audits.The not-for-profit Digital Forensics service includes all stages from equipment seizure and image acquisition through to analysis and detailed reporting using the latest forensic tools.I also administered the organisational website and custom built knowledge centre "eShare" as well as write technical articles, blogs an documents for publication. Audit North is on Twitter @AuditNorth and Facebook www.facebook.co.uk/auditnorth. Show less

Assistant Senior IM&T Auditor

• Sep 2011 - Mar 2014

Assistant Senior IM&T Auditor providing specialist assurance services to a wide range of public sector clients mainly based around Northern England, following NHS, ISACA and Government Internal Audit standards.Our flagship IT audits include Firewall review, Active Directory, Wireless Networking, Server Virtualisation, Network Architecture and Web Filtering and involve deep technical inspection of systems, review of configuration and management procedures.Our non-for-profit Digital Forensics service includes all stages from equipment seizure and image acquisition through to analysis and detailed reporting using the latest forensic tools.Other common tasks involve planning & scheduling, ToR production, fieldwork, client liasion, report production, reviewing auditors work, consultancy as well as advising and managing clients on best practice.Areas covered include IT general controls, IT Strategy, IT Risk Management, ISO27001/2 assessments, COBIT based assessments, Information Governance, Project assurance, Asset Management, Software Asset Management, Service Level Management, Network Security and audit automation. Show less

IM&T Auditor

• Sep 2009 - Sep 2011

Undertook IT audits inline with NHS, ISACA and COBIT standards using a risk based methodology for NHS clients. These included IT Risk Management, Registration Authority, Information Governance, ISO 27001, Security of Wireless LAN, Disaster Recovery and Business Continuity, NIMM Assessment and IT Purchasing Arrangements. I also performed a large integration consultancy project for two large NHS Trusts in the South involving 15 different clinical systems integration. I was involved with the planning and organisation of the audits including client liasion and report reviewing. Whilst at CEAC I developed an IT Strategy for the whole organisation utilising Cloud Computing technology with an emphasis on cost savings and operational efficiencies. Show less

Senior Midshipman

• Sep 2005 - Sep 2007

One of 14 University Royal Naval Units, Oxford URNU recruits from Oxford, Reading and Oxford Brookes Universities. Members of the unit undergo shore-based training at weekly drill-nights held in Falklands House in Oxford. Sea-training takes place at weekends during term time and during Easter and Summer deployments. Students also have opportunities to spend time on larger Royal Navy warships and naval bases, to participate in adventurous training and to gain RYA qualifications. The aim of the URNU (University Royal Naval Unit) is to broaden Naval understanding and develop undergraduates who show the potential to become the leaders of tomorrow, through maritime experience and exposure to the values and ethos of the Royal Navy. Show less