Australia
This role was the inaugural Information Security position for the Anglican Diocese of Canberra and Goulburn's shared services unit. The ADS has existed since 2012 and in 2023 began a significant overhaul of its IT systems and architecture to bring them into line with modern standards. The environments managed by ADS supported about 1550 full-time employees and 8000 students.
• Designed and implemented a comprehensive information security program from a greenfield state across the Diocese, covering 9 schools, 52 parishes, Anglicare NSW West, South, and ACT, and the Anglican Investment and Development Fund (AIDF) with over $200 million in assets under management.
• Established governance, risk, and compliance frameworks aligned to ISO 27001, CPS234, ACSC Essential 8, and NIST CSF 2.0.
• Conducted the majority of the security operational tasks such as investigations, remediation planning, vulnerability management, risk assessments, etc.
• Developed enterprise-wide security strategy, policy frameworks, and training programs to uplift cyber maturity.
• Managed the cybersecurity insurance process and questionnaires.
• Directly accountable for security reporting to the multiple executive boards and committees, translating technical risks into strategic decisions.
• Oversaw delivery of multiple significant cybersecurity projects, completely revamping operational resilience, and improving organisational security awareness.
• Led teams delivering cybersecurity governance, risk, and compliance (GRC) and technical security evaluation engagements for federal and state government clients and the defence industry, including projects over $300 million in value.
• Personally conducted the assessment and recommendation on a technical solution for a Federal Government customer authorising an expenditure over $8 million AUD.
• Delivered key Essential 8 adoption strategic work for a government client, allowing a measurable uplift in compliance and cyber resilience to be completed faster than initially anticipated.
• Advised senior executives on security risk management, compliance, and security transformation initiatives.
• Coached and mentored junior consultants, strengthening capability across the practice.
• Played a key role in business development activities, including contributing to bids and proposals and identifying new opportunities valued between $100,000 and $5,000,000 within client accounts to support practice growth.
• Designed validation programs ensuring compliance with maturity frameworks, reducing industry cyber exposure.
• Directed an industry cyber uplift program, raising maturity across critical infrastructure providers.
• Developed initial implementation guides for ACSC Essential 8 and US DoE C2M2 models to be used as part of the Critical Infrastructure Uplift Program.
• Delivered solution design and analysis for enterprise security programs.
• Architected security frameworks and SIEM deployments, strengthening detection and response capability.
• Supported pre-sales engagements, translating technical requirements into business proposals.
• Supported customer security systems to adjust to changing threat landscapes.