I'm an IT Security Specialist with over 20 years of experience focused on keeping tech environments safe, including work on AWS Cloud, and ensuring both applications and infrastructure are secure. My background includes managing application support, overseeing system administration, planning for disaster recovery, and taking proactive steps to prevent outages, all to keep systems running smoothly. I'm adept at approving secure app designs, minimising technical risks, and upgrading systems securely. I also create secure application guides, analyze technical incidents in detail, and assess risks to make sure new technologies are safely introduced. Beyond technical skills, I have lead security teams, handle executive meetings, mentor junior staff, and deliver projects on time, prioritizing security and risk management at every step.
As a seasoned Security Consultant with the Department of Internal Affairs, my expertise encompasses identifying and mitigating vulnerabilities across diverse systems through in-depth assessments of existing security measures. I adeptly navigate both physical and cyber security landscapes, pinpointing threats and formulating robust strategies for enhanced protection. My role involves aligning with key security frameworks and standards (SASBA, NZISM, NIST) to ensure regulatory compliance and bolster security postures. I facilitate businesses in vendor onboarding in compliance with the GCDO 105 process and offer specialised consulting and advisory services, including certification and accreditation processes, vendor interactions, and security-focused architectural design reviews.
I contribute significantly to architectural planning, support Business Continuity and Disaster Recovery planning, and identify and prioritise High-Risk High-Value assets for timely certification and project delivery. My efforts are crucial in integrating log data with Security Information and Event Management (SIEM) systems for operational security enhancements, safeguarding organisational assets, data, and personnel against security threats through strategic and comprehensive measures.
In my role as a Senior Security Consultant at Grant Thornton NZ, my contributions were critical in the provision of comprehensive cybersecurity services, including penetration testing, rigorous compliance certification audits, and in-depth strategic IT health evaluations for a varied portfolio of clients, spanning both the private and public sectors. My experience facilitated the navigation of complex regulatory landscapes, employing SOC 2 Type 1 and Type 2, ISAE 3402, and PCI DSS assessments, underpinned by an understanding of NZISM and NIST standards to maintain unparalleled security integrity. I led the charge in orchestrating Certifications and Accreditations (C&A), executing meticulous security architectural reviews, and formulating bespoke in-house security training initiatives. My efforts in risk assessment and procedural refinement were instrumental in forging strategic alliances with external security vendors. Additionally, my guidance enabled clients to significantly advance their cybersecurity frameworks through the application of Forrester Maturity Frameworks, thus delivering secure, compliant, and anticipatory security solutions.
Within the dynamic IT Security Team at Silverstripe, my role as an IT Security Analyst was pivotal, collaborating directly with the Chief Information Security Officer (CISO) to architect and implement robust security measures safeguarding our organisation's IT infrastructure. This includes the protection of networks, hardware, and software against cyber threats, thereby enabling a secure, collaborative, and efficient information security environment. This role positions me at the heart of Silverstripe's security initiatives, where my expertise not only contributed to the protection and resilience of the IT environment but also empowered our teams to develop and maintain secure solutions, reinforcing our commitment to cybersecurity excellence.
In my role as a Senior Support Engineer within the Platform Support team, I provided both first and second level support to a wide range of clients, encompassing internal and external customers. Tasked with handling a high volume of work, my focus remained steadfast on achieving outstanding customer satisfaction through quality service and rapid response times. My responsibilities were multifaceted, including operational and technical support to platform clients, bespoke teams, as well as CWP and SSP support, facilitated through the proficient use of helpdesk systems such as Freshservice and Mantis. This role demanded versatility, offering 24/7 support on a scheduled roster, addressing a spectrum of client requests ranging from bug fixes, setup requests, and troubleshooting, to general maintenance, security issues, migrations, minor enhancements, and support for clients' development teams. I prioritised issue resolution in accordance with urgency and importance, actively contributed to the release activities of the Silverstripe product, and efficiently managed pull requests, ensuring rigorous testing and QA processes were followed. Additionally, I played an active role in process improvement within the wider Platform Squad, aiming to enhance platform operations, identifying automation opportunities, and supporting the integration of new team members, all towards elevating the team's performance and service excellence.
The role involves being part of the Platform Support Squad and covers most customer support interactions, as well as Application and Infrastructure support. In the role, I respond to a high volume of work with a focus on high customer support & satisfaction. This involves building key relationships with various internal and external customers, as listed below:
In my role at Standard Bank as a Senior IT Security Operations Engineer, I was responsible for the comprehensive support and management of risk and security applications critical to the IT operations. This entailed a deep understanding of both the business processes these applications facilitated and the underlying technologies they utilised, such as server management, application software, and infrastructure.
This role allowed me to blend technical expertise with strategic foresight, contributing significantly to the bank's security posture and operational excellence.
Secured over NZ$ 5 354 000 by maintaining systems and ensuring availability to avoid customer fraud taking place on security applications for internet banking and mobile banking and resolved a new application problem with one of the major retailers and retained to the client with high monetary/transaction value.