About
I am an information security specialist with over 15 years of experience delivering security governance, assurance, and technical outcomes within large, highly regulated environments.
My background spans enterprise ICT operations, security architecture, and cyber security governance across the Queensland Government and public health sector. This experience informs a pragmatic, risk-based approach that balances security obligations with service delivery needs.
Approach
My approach to information security is grounded in established standards, clear accountability, and proportional risk treatment. I focus on helping organisations operationalise security requirements rather than treating compliance as a purely documentary exercise.
- Risk-based decision making aligned with organisational context
- Clear, defensible governance and accountability models
- Security controls designed to be practical and sustainable
- Plain-language communication with technical and non-technical stakeholders
Engagements are collaborative and outcome-focused, with an emphasis on enabling delivery while maintaining appropriate security assurance.
Standards and Frameworks
I have extensive experience working within and aligning to the following:
- ISO/IEC 27001
- Australian Government Essential Eight
- Queensland Government IS18 and related policies
- Enterprise and solution architecture frameworks