Ashlee Naidoo

As a seasoned Security Consultant with the Department of Internal Affairs, my expertise encompasses identifying and mitigating vulnerabilities across diverse systems through in-depth assessments of existing security measures. I adeptly navigate both physical and cyber security landscapes, pinpointing threats and formulating robust strategies for enhanced protection. My role involves aligning with key security frameworks and standards (SASBA, NZISM, NIST) to ensure regulatory compliance and bolster security postures. I facilitate businesses in vendor onboarding in compliance with the GCDO 105 process and offer specialised consulting and advisory services, including certification and accreditation processes, vendor interactions, and security-focused architectural design reviews.

I contribute significantly to architectural planning, support Business Continuity and Disaster Recovery planning, and identify and prioritise High-Risk High-Value assets for timely certification and project delivery. My efforts are crucial in integrating log data with Security Information and Event Management (SIEM) systems for operational security enhancements, safeguarding organisational assets, data, and personnel against security threats through strategic and comprehensive measures.

In my role as a Senior Security Consultant at Grant Thornton NZ, my contributions were critical in the provision of comprehensive cybersecurity services, including penetration testing, rigorous compliance certification audits, and in-depth strategic IT health evaluations for a varied portfolio of clients, spanning both the private and public sectors. My experience facilitated the navigation of complex regulatory landscapes, employing SOC 2 Type 1 and Type 2, ISAE 3402, and PCI DSS assessments, underpinned by an understanding of NZISM and NIST standards to maintain unparalleled security integrity. I led the charge in orchestrating Certifications and Accreditations (C&A), executing meticulous security architectural reviews, and formulating bespoke in-house security training initiatives. My efforts in risk assessment and procedural refinement were instrumental in forging strategic alliances with external security vendors. Additionally, my guidance enabled clients to significantly advance their cybersecurity frameworks through the application of Forrester Maturity Frameworks, thus delivering secure, compliant, and anticipatory security solutions.

Within the dynamic IT Security Team at Silverstripe, my role as an IT Security Analyst was pivotal, collaborating directly with the Chief Information Security Officer (CISO) to architect and implement robust security measures safeguarding our organisation's IT infrastructure. This includes the protection of networks, hardware, and software against cyber threats, thereby enabling a secure, collaborative, and efficient information security environment. This role positions me at the heart of Silverstripe's security initiatives, where my expertise not only contributed to the protection and resilience of the IT environment but also empowered our teams to develop and maintain secure solutions, reinforcing our commitment to cybersecurity excellence.

In my role as a Senior Support Engineer within the Platform Support team, I provided both first and second level support to a wide range of clients, encompassing internal and external customers. Tasked with handling a high volume of work, my focus remained steadfast on achieving outstanding customer satisfaction through quality service and rapid response times. My responsibilities were multifaceted, including operational and technical support to platform clients, bespoke teams, as well as CWP and SSP support, facilitated through the proficient use of helpdesk systems such as Freshservice and Mantis. This role demanded versatility, offering 24/7 support on a scheduled roster, addressing a spectrum of client requests ranging from bug fixes, setup requests, and troubleshooting, to general maintenance, security issues, migrations, minor enhancements, and support for clients' development teams. I prioritised issue resolution in accordance with urgency and importance, actively contributed to the release activities of the Silverstripe product, and efficiently managed pull requests, ensuring rigorous testing and QA processes were followed. Additionally, I played an active role in process improvement within the wider Platform Squad, aiming to enhance platform operations, identifying automation opportunities, and supporting the integration of new team members, all towards elevating the team's performance and service excellence.

The role involves being part of the Platform Support Squad and covers most customer support interactions, as well as Application and Infrastructure support. In the role, I respond to a high volume of work with a focus on high customer support & satisfaction. This involves building key relationships with various internal and external customers, as listed below:

• Product Development Squad
• Product Owner
• Solution Architects & Service Delivery Team
• Common Web Platform clients (various New Zealand Government departments including DIA)
• Silverstripe Platform clients (Local New Zealand and International clients, including ISPs) & Silverstripe partners

In my role at Standard Bank as a Senior IT Security Operations Engineer, I was responsible for the comprehensive support and management of risk and security applications critical to the IT operations. This entailed a deep understanding of both the business processes these applications facilitated and the underlying technologies they utilised, such as server management, application software, and infrastructure.

This role allowed me to blend technical expertise with strategic foresight, contributing significantly to the bank's security posture and operational excellence.