Strategic & Tactical Leadership | Delivering Exceptional Outcomes with Robust Offensive Security Defensive Security and GRC SolutionsAs the Director of Cyber Security at BDO Australia, I spearhead the technical streams of our cyber security practice, specialising in areas like Security Architecture, Offensive Security, and Technical Threat and Risk Assessment. I also champion operational efficiencies within the practice, setting the strategic direction and ensuring operational excellence. My role is not just about ticking boxes; it's about aligning cyber security goals with broader business objectives. What sets me apart is my keen focus on people—leading with strong emotional intelligence and a genuine passion for enabling our team to excel in what they are passionate about. I achieve this by streamlining business tactics and operations, making it easier for us to deliver top-notch services to our clients.

Driving Operational Excellence & Business Performance | Fostering High-Performance Team Culture• Spearheaded operations & business performance for Queensland's Security, Testing & Assurance (STA) practice• Navigated complex merger, streamlining strategy and operational excellence• Unified diverse team cultures, creating a cohesive business unit focused on client satisfaction• Ensured on-time, on-budget delivery of STA projects, meeting client expectations at every stage• Managed projects throughout their lifecycle, from scoping to closeout and review• Orchestrated a national security conference for internal stakeholders• Strategically handled financial management of STA unit across Queensland• Monitored performance, optimising revenue and margin growth while maintaining targets and KPIs• Utilised performance data to proactively address concerns and capitalise on opportunities• Balanced staffing, operations, and project costs, ensuring accountability and transparency• Cultivated outcome-driven partnerships with internal and external clients• Championed professional development opportunities and innovation within the team• Effectively managed conflict and negotiated for win-win outcomes• Implemented system, process, and service improvements to boost efficiency• Developed documentation, tools, methodologies, and processes to facilitate growth• Strategised resource utilisation at a national level• Presented metrics to C-Suite executives, advising on business performance• Engaged 100+ staff with presentations on progress and future developments• Collaborated with sales, HR, R&D, and other business units to drive business development

• Delivered high-quality client experience from initial engagement through to closeout and review• Partnered with business development, resource management, application development and consulting teams• Drove quality and consistency across all functions to ensure positive client outcomes delivered with integrity• Optimised team performance through strategic resource allocation and recognition of individual skills• Developed and refined daily, weekly and monthly KPIs for each department that aligned with business objectives• Reported regularly to the CEO to advise on performance metrics• Led change in the face of a resistant work culture to improve processes and systems, increasing efficiency• Encouraged open collaboration within the organisation to facilitate better understanding and decision making• Established frameworks to increase ownership, accountability, responsibility and satisfaction of individual staff• Provided direct counsel to the CEO regarding key business objectives and acted as CEO when required

• Provided strategic advice to the CEO and Service Manager to improve business efficiencies and quality outcomes• Undertook CISO responsibilities for external clients within a CISOaaS framework• Designed and delivered training program and ongoing mentorship for junior GRC security consultants• Developed and matured suite of engagement artefacts to support improved client engagement• Developed collateral and presented to external client C-Suite members on APRA Prudential Standard CPS 234• Designed and implemented training of ISO/IES 27005 risk management principles to technical audiences• Supported senior management to make informed decisions regarding cybersecurity risk and expenditure• Led Information Security Management System (ISMS) gap assessment and security threat & risk assessment

• Led Information Security Management System (ISMS) gap assessment and security threat & risk assessment• Conducted third-party assessment as a consultant to the GRC team• Led the implementation of ISO/IES 27005 risk management framework• Developed and continually improved corporate and security-specific policies and procedures

• Drew on information security expertise to empower management teams to proactively minimise risks• Consulted with senior management and executives to advise on overall organisational strategy• Aided in the development of risk registers and risk treatment plans• Reduced core business risk through implementation of administrative, managerial and technical controls• Audited performance with respect to PCI DSS standards to identify gaps and develop remedies• Facilitated workshops with senior stakeholders to understand business priorities and risk profiles• Educated senior stakeholders to secure buy-in for major IT expenditure to reduce information security risk• Led risk awareness training for staff to meet compliance and contractual obligations, and reduce risk• Managed performance of the System Administration team consisting of local and remote resources• Designed and implemented AWS cloud infrastructure to support online finance analytics application• Incorporated WAF and public/private key encryption to ensure adequate data encryption• Proactively managed technical control systems such as firewalls, antivirus and cloud security technology• Responded to technical incidents to swiftly and effectively resolve issues• Worked across range of industries including financial services, financial technology, building certification, property investment, property development, private medical practices and NFP organisations

• Effectively led team of system administrators to perform IT maintenance tasks and deliver key projects• Consulted with vendors and third parties to design and deliver effective IT solutions• Collaborated with project stakeholders to define milestones and coordinate project delivery• Sourced high-quality, fit-for-purpose vendors and service providers• Adopted agile approach to respond to changing client requirements• Met client expectations and communicated with influence to provide strategic advice and direction• Delivered variety of projects including cloud services, network security and virtualisation• Designed multi-site SOE using Hyper V virtualisation, WYSE thin clients and MPLS WAN infrastructure• Led implementation of Ubiquity and Xirrus Enterprise Wireless networks and internet infrastructure to support up to 600 end-users in various locations across regional Queensland• Implemented BI tool to visualise IT incidents and KPI metrics, contributing to better allocation of IT expenditure