Harold is an information security lead with over 17 years of experience in cyber security governance, risk and compliance (GRC) in the banking and health insurance industries. Harold has worked as both an internal and external cyber security advisor to companies in Australia, Qatar and India.
His areas of expertise are:
1. Security frameworks and standards (NIST CSF, ISO 27001, PCI DSS, ASD E8)
2. Security controls uplift and program management
3. Cyber risk advisory & consulting
4. Security design and review
5. Audit and compliance management
Harold is also knowledgeable across multiple security solutions and tooling including SIEM, IAM, DLP, EDR and more. Harold demonstrates strong stakeholder management and effective enterprise business advisory and consulting skills recognised by current and former managers, coworkers and clients.
Cyber Threat Hunter | Medibank | Melbourne, Vic, Au
Cyber Security Specialist | Medibank | Jan 2024 - Present | Victoria, Au
Security Advisor - GRC & Consulting | Medibank | May 2020 - Present | Victoria, Au
Leading multiple security assurance engagements including:
1. APRA CPS 234 compliance program and tripartite audit
2. PCI DSS Compliance Program and Certification Audit
3. Annual ITGC (Information Security Controls) audits
4. Multiple internal audits
5. Controls effectiveness testing program (CAP)
Also leading:
1. Development, refresh, update and maintenance of the security controls framework and management of the risk, controls, actions and obligations register.
2. Security GRC engagement for multiple business initiatives including new client acquisition, M&A, business and technology solution implementation and more.
3. Security governance and oversight of critical technology processes and systems.
4. Development of security incident response documentation framework.
Senior GRC Information Security Advisor | Trustwave | Apr 2019 - Apr 2020 | Chicago, Illinois, Us
Delivered multiple security advisory and consulting projects including ISO 27001 and NIST CSF aligned cyber security uplift programs, security audits and more.
Senior GRC Information Security Advisor | Hivint, Now Part Of Trustwave | Nov 2018 - Mar 2019 | Melbourne, Vic, Au
Delivered multiple security advisory and consulting projects including ISO 27001 and NIST CSF aligned cyber security uplift programs, security audits and more.
Senior Information Security Risk Development Analyst | QNB Group | Nov 2016 - Aug 2018 | Doha, Qa
Responsible for oversight and coordination of the Information Security Governance, Risk and Compliance program within QNB Group. Establish policies, standards, procedures and controls to assure compliance with applicable regulatory and legal requirements as well as global standards like ISO 27001 & PCI DSS. Promote and enhance enterprise IS Security awareness program. Maintain expertise on security trends through research and development in order to mitigate potential security exposures. Provide analytical support to key stakeholders regarding GRC metrics, reporting, and special projects.
Senior Information Security Specialist | QNB Group | Mar 2012 - Oct 2016 | Doha, Qa
Responsible for continuous enhancement of the QNB Group cyber risk management function. Other tasks include development of security strategies and policies/standards, advice on embedding security and risk management in projects, development and implementation of a robust data protection program, threat and vulnerability management, security product implementation, audit and compliance management, incident response, security operations, and security awareness and training.
Project Manager & Senior Security Consultant | Paladion (Qatar National Bank) | May 2008 - Feb 2012
Perform risk management activities to reduce residual risks associated with IT systems and business processes. Perform security reviews and assessments to review control effectiveness and compliance to regulations and best practices. Coordinate 3rd party vulnerability scanning and penetration testing program. Lead the ISO 27001:2005 certification and the PCI DSS compliance program.
Senior Security Consultant | Paladion | Apr 2005 - May 2008 | Reston, Virginia, Us
Execute ISO 27001:2005 compliance and certification programs for clients in the financial services vertical. Conduct security assessment and threat and vulnerability management activities. Conduct information security audits. Deliver information security training and awareness.
Harold B Education Details
Pune Institute Of Computer Technology | Computer Engineering
Frequently Asked Questions about Harold B
What company does Harold B work for?
Harold B works for Medibank.
What is Harold B's role at the current company?
Harold B's current role is Cyber Threat Hunter.
What schools did Harold B attend?
Harold B attended Pune Institute Of Computer Technology.
Who are Harold B's colleagues?
Harold B's colleagues are Ben Bucknall, Natalie Holden, John Lopez, Sandy Amarasinghe, Nicholas Hoefken-Thomas, Jennifer Burgess, Amar Chamtieh.