Paul D.

Primary responsibilities: Established overall information security strategy. Established and now lead a comprehensive information security program as part of the overall information security strategy. Ensuring alignment with industry best practices, compliance to ISO27001 and other regulatory requirements, all while working with other departments within the organisation to succeed. Built, implemented and continuously improve a robust incident response strategy, preparing for the successful resolution of security incidents while minimizing business disruption. Drive ongoing improvement initiatives in the blue team, red team and the infosec technical team. Manage a strong data governance framework by continuously ensuring the integrity, confidentiality, and availability of data. This includes establishing data classification processes, ensuring robust data access controls, and ensuring compliance with data protection regulations. Review and verify secure network infrastructure, including firewalls, intrusion detection/prevention systems, attack surface management, threat intelligence and data encryption solutions.

Primary responsibilities included: Acting as the virtual CISO for various ASX and other key customers. Considered the Subject Matter Expert, providing guidance and leadership to MDR and GRC teams. Providing Cyber strategy and resilience advice to customers. Principle risk and compliance consultant and advisor for internal teams. Considered the Subject Matter Expert for ISO27001 and NIST assessments and other internal audits. Providing Data Privacy consultation for customers. Part of the StickmanCyber Incident Response Team. Ensuring quality delivery across all GRC, Defensive and Offensive Test team projects.

Tasked with driving Cybersecurity innovation and consultation to existing and new customers. Drove SOC managed services operation and management, development and integration of cybersecurity and risk assessment tool sets into current cloud operations, and strategic direction for cyber operations to customers. Other tasks include: Pre-Sales activities. White Hat testing. Technical account management. Cybersecurity professional services and support.

Appointed to drive pre-sales technical tasks for opportunities such as providing proof of concept for vendor solutions, RFI's, technical enablement and presentations. Responsibilities also included: S.W.O.T Vendor Analysis, identifying cutting edge security technologies to add to the solutions portfolio. Providing leadership to the professional services arm, including technical deployments on all vendor offerings, including SIEM, PAM and IDAM deployments as well as system analysis and deployment reviews. Provided network security architectural expertise and knowledge to the entire internal business, as well as partners to leverage.

Initially arrived at Rayan as a contracted ISO27001 security systems auditor and architect. Was later requested by the RIA board to lead the IT team, be responsible for all related technology projects, and provide direction to align IT with business needs and goals. IT functions included an enterprise wide cybersecurity upgrade and integration, managing a Sage Evolution ERP project, introducing a virtualised infrastructure, introducing certain cloud solutions, improving network management and introducing security compliance.

Led the VSS Technologies security subsidiary (Aalto) as a whole and led a small team of on-site security consultants. Managed various virtual infrastructure projects, drove cloud solutions, and delivered all operational security specialisation to clients using Cyberoam, Juniper, and other solutions. Used the ISO27001 standard as a base for all client audit assessment projects. Delivered all pre sales security engineering and architectural designs.

On-site technical level 1 consultation and support. Hardware installation and support. Novell support. Network infrastructure installation and support. Goldreef Accounting technical support.

Desktop support. Specialised digitizing software support.