In my role with MyDeal, I led cybersecurity strategy, ensuring secure access for sellers and safeguarding customer data. I oversaw the implementation of security controls for major projects, including the launch of Woolworths MarketPlus, and managed MyDeal's cyber risk portfolio, conducting assessments and developing remediation roadmaps. My responsibilities included cloud security management (AWS and GCP), penetration testing, privacy compliance, and third-party risk management.

At Defence Bank, a member-owned institution serving the Australian Defence Force, I led the creation and implementation of the Information Security program from the ground up. My role encompassed strategic leadership, governance, risk management, and compliance within an APRA-regulated environment. Under my leadership, we achieved excellence, culminating in the 'APEX Team of the Year' award in 2022.Key Responsibilities and Achievements:Strategic Leadership:Developed and executed the bank's first Information Security strategy, setting a clear vision and roadmap for a strong security posture.Established and led the Information Security Governance Committee, enhancing risk oversight at the executive level.Governance & Compliance:Achieved CPS234 compliance through a comprehensive information security program, showcasing expertise in industry standards.Developed the Information Security Management Framework (ISMF) based on ISO 27001, NIST CSF, and other best practices.Cyber Risk Management:Introduced cyber risk management processes aligned with ISO 31000 and SCF-RMM, fostering a culture of proactive risk awareness.Control Development & Implementation:Designed and implemented key controls, including SIEM and MDR solutions, boosting threat detection and response capabilities.Developed and operationalised the Information Security Incident Response Plan, ensuring readiness for potential incidents.Team Building & Development:Built a high-performing team of cybersecurity analysts across technical and GRC-focused roles, cultivating a culture of excellence.Launched training programs, phishing simulations, and incident response exercises to continuously fortify the bank’s security posture.Vendor & Supply Chain Assurance:Cultivated strategic vendor relationships, ensuring supply chain security through regular assurance processes.Strategic Planning:Developed roadmaps to elevate security maturity, aligning with regulations such as APP, PCI-DSS, and CPS234.