Optimised the $2M department budget by controlling resources, focusing on initiatives that offer the most ROI to the business, and adopting agile methodologies to reduce administrative costs.Maximised the use of 10 staff under leadership and elevated their job satisfaction by tailoring test plans and scopes to the team's competencies and addressing skill development gaps for cyber security assessment of systems.Elevated the company's competitiveness, credibility and trustworthiness in the market by achieving the ISO 17025 Laboratory Quality accreditation and scope to perform Common Criteria assessments, enabling the business to win 4 successful hardware and software evaluations, valued at $800K.Reduced the risk of data breaches by auditing, implementing robust information protection strategies to safeguard company data and assessing ISO 27001 governance, inclusive of a hybrid on-premises/Microsoft Azure system.Enhanced the organization's cyber governance framework to meet regulatory compliance and standards by achieving ISO 27001 accreditation for Viden from SAI Global as part of a wider ISO 9001/Five Ticks program of quality assurance.Ensured robust technology governance that improved security infrastructure across the organization through standardised processes, terms of reference, key performance indicators and governance framework for technical oversight committees, ensuring clear accountability and transparency.Prevented counterfeit electronics and delivered software assurance as a unique selling point, leveraging experience with SAE International's 6171 Counterfeit Prevention & Detection Standards.Leveraged negotiation skills in discussions with software providers, resulting in significant cost savings and improved service agreements for VMWare, Azure, Fortinet and Microsoft services.Mitigated cybersecurity risks and enhanced security posture as an IRAP assessor on Defence projects.

Technical Director for Viden Labs -- a cybersecurity assurance and evaluation lab with a focus on cyberworthiness for national security for hardware, IoT, Cloud and other software systems.

Spearheaded a comprehensive team building initiative that resulted in improved collaboration and productivity across the organisation and throughput to 70 systems per year.Led implementation of comprehensive conflict resolution strategies to address interdepartmental issues, creating a common risk assessment picture for these areas and improving overall operational efficiency including forums for developers, capability managers and system owners.Acted as the lead IRAP assessor for an air domain project, effectively communicating cybersecurity risks and developing actionable plans.Ensured Defence projects met ISM, PSPF, NIST, PCI, CNSSI, and ISO 27001 standards by providing clarity regarding policy interpretation and application as a Subject Matter Expertise (SME).Managed and performed regular internal audits to enhance system security and technology efficiency using ISM guidelines to military platforms and supporting infrastructure and enhancing security and compliance.Introduced a DevSecOps and Accreditation Framework, automated processes, and integrated security practices into the development lifecycle, thereby enhancing agility and reducing the risk of vulnerabilities through continuous assessment of systems.Future-proofed defence systems as a Cloud Security Architecture Consultant by guiding the development of secure cloud infrastructures in Azure and Amazon Web Services (AWS).Identified and addressed system vulnerabilities, crucial for maintaining robust security measures using Nessus Vulnerability Scanner, SonarQube, ArcSight Kali Linux, Wireshark and other security tools.Assisted senior management in understanding the Enterprise Risk Management Framework, ISO 31000 : 2018 and NIST RMF standards to act on security risks, inform policy and formulate future plans.

Interpreted cybersecurity and information security standards and frameworks, such as NIST Cyber Security Framework, ASD Top 35 and Essential Eight, PSPF, Australian Government Information Security Manual, ISO/IEC 27001, Cloud Security Alliance Guidance, and Australian Privacy Principles.Developed cloud security proficiency in SANS SEC 545 Cloud Security Architecture and Operations to neable evaluation of Amazon Web Services (AWS) and Microsoft Azure systems.Conducted privacy principle assessments of ADF user data, aligning with Australian Privacy Principles.Utilized strong presentation skills and written skills to deliver clear and concise cybersecurity advancements and challenges to non-technical stakeholders in the ADF.Established Risk Acceptance and Plan of Action and Milestone (POAM) Frameworks to systematically manage risks, ensuring that security issues are identified, tracked, assessed, and resolved appropriately.Consistently demonstrated flexibility in adapting to new technologies, leading teams towards meeting evolving industry standards and business needs accross a range of technologies.Enhanced security assurance and compliance with relevant standards by assessing IT security risk and providing leadership on IT security and major capability projects.Advanced national security and cyber defences by engaging in inter-agency collaboration, exchanging IT security practices, and gaining mutual respect among IT Security Advisers from different agencies.Demonstrated deep expertise in Information Security Manual Controls, leading to the effective application and detailing of robust security practices.Improved defence mechanisms against cyber threats and met strict compliance with high standards and protocols, using Information Security Manual controls in sensitive government operations.