Experience & Background

Profile

Senior cybersecurity and cloud security leader with over 25 years’ experience across incident response, security architecture, and risk management in financial services, government, and large-scale cloud environments. Most recently led a regional customer incident response team for a global cloud provider, managing critical security events for enterprise and public sector customers across the Asia–Pacific and Japan region. Proven record building high-performing teams, designing security programs aligned to business objectives, and communicating complex technical risk to executives and boards. Regular conference speaker and workshop facilitator in the incident response and cloud security community.

Career Highlights

  • Built and led a regional cloud incident response team of nine, delivering 24/7 coverage for enterprise customers across more than 30 countries.
  • Managed high-severity security incidents for large enterprise and government customers, including APT, ransomware, and large-scale cloud account compromises.
  • Founded and grew a boutique cybersecurity consultancy delivering security architecture, incident response, and governance services to enterprise and critical infrastructure clients.
  • Designed enterprise security architectures using recognised frameworks, improving risk posture and compliance for defence, healthcare, mining, and financial services organisations.
  • Regularly present at national and international cybersecurity conferences on cloud incident response, threat intelligence, and security architecture.

Focus Areas

  • Cloud and infrastructure security (AWS-centric architectures, landing zones, Zero Trust, hybrid environments).
  • Incident response and digital forensics for cloud and enterprise environments, including threat hunting and malware analysis.
  • Enterprise security architecture using frameworks such as SABSA, NIST CSF, ISO 27001, and Australian Government ISM/Essential Eight.
  • Security operations design (SOC capabilities, SIEM, SOAR, EDR, vulnerability management, security metrics and KPIs).
  • Identity and access management at scale, including privileged access management and Zero Trust identity patterns.
  • Risk management and governance, including board-level reporting and security program development.

Recent Roles

Regional Incident Response Leader – Cloud Provider

  • Led a regional customer incident response team covering a broad geography and multiple time zones.
  • Directed incident handling for major enterprise and government customers during active breaches, coordinating engineering, legal, communications, and executive stakeholders.
  • Contained and investigated sophisticated threat actors across multi-account, multi-region cloud environments, including APT and ransomware campaigns.
  • Developed and refined cloud-native incident response playbooks and runbooks, significantly reducing mean time to respond for common incident types.
  • Delivered 50+ security incident response workshops and readiness exercises for enterprise customers, improving preparedness and response capability.
  • Provided concise executive briefings during high-impact incidents and contributed field insights into future cloud security service roadmaps.

Principal Consultant & Founder – Cybersecurity Consultancy

  • Established and ran a boutique consultancy delivering security architecture, incident response, and security strategy services to enterprise and critical infrastructure clients.
  • Designed and implemented enterprise security architectures for healthcare, mining, and defence-related customers using structured methodologies.
  • Conducted rapid incident response engagements, including forensic investigations and remediation planning for significant security events.
  • Advised boards and executive teams on security strategy, risk, and investment priorities, aligning technical programs with organisational objectives.

Technical & Pre-Sales Leadership – Security Vendor

  • Led a regional pre-sales engineering team for an application and data security vendor while maintaining an individual sales quota.
  • Designed complex security solutions for major financial services, government, and telecommunications organisations, including large insider-threat and data protection deployments.
  • Delivered technical workshops, proofs of concept, and executive presentations, and supported customers through deployment and adoption.

Selected Expertise

Cloud & Infrastructure Security

  • Cloud security architecture (landing zones, network segmentation, logging and monitoring, security services integration).
  • Cloud security posture management, container and Kubernetes security, and serverless application protection.
  • Infrastructure as Code security for common stacks (e.g. Terraform, CloudFormation) and DevSecOps integration in CI/CD pipelines.

Incident Response & Threat Management

  • Cloud-focused incident response and forensics, including large-scale log analysis and evidence collection.
  • Threat intelligence analysis and alignment to frameworks such as MITRE ATT&CK.
  • Threat hunting, malware analysis, and proactive defence in complex enterprise environments.

Security Architecture & Governance

  • Enterprise security architecture using SABSA and other structured approaches for defence, financial services, and critical infrastructure.
  • Zero Trust architecture design for cloud and hybrid environments.
  • Security governance, design review boards, security standards, and architecture guardrails.

Identity, Risk & Compliance

  • Enterprise identity and access management, including federation, SSO, MFA, and privileged access patterns.
  • Risk assessment and management aligned to ISO 31000 and NIST risk frameworks.
  • Experience with control frameworks and standards including NIST CSF, ISO 27001, Australian Government ISM/PSPF, Essential Eight, PCI-DSS, and SOC 2.

Education & Professional Development

  • Postgraduate degree in Information Technology with a focus on business process management.
  • Multiple advanced security and cloud certifications (architecture, security management, and cloud security specialisations).
  • Graduate of a recognised company director / governance program, with experience reporting to and advising boards and executive risk committees.

Community & Thought Leadership

  • Regular speaker and panelist at regional and international cybersecurity conferences on topics such as cloud incident response, threat intelligence, and security architecture.
  • Facilitator of hands-on incident response workshops and tabletop exercises for enterprise teams across the Asia–Pacific region.
  • Active participant in professional security associations and industry forums.

For speaking, advisory, or consulting enquiries, please use the contact form on this site. A detailed CV with references and additional background is available on request.

securitycloudincident-responsearchitecture