Greater Perth Area
As Head of Cyber Architecture & Advisory, I lead the strategic direction and execution of Bunnings’ enterprise cyber architecture and advisory functions. In this role, I oversee a management team responsible for: • Cyber Security Architecture & Advisory – embedding secure-by-design practices into business and technology decision-making. • Offensive Security Engineering (Penetration Testing) – proactively identifying and remediating vulnerabilities through advanced red-teaming and penetration testing. • Application Security – driving secure software development practices and embedding security across the SDLC. Operating at an executive-influencing level, I partner with senior technology and business stakeholders to align cyber strategy with enterprise objectives, ensuring that security enables innovation and resilience. Key accountabilities include: • Shaping the strategic cyber security roadmap for architecture and advisory domains. • Leading and mentoring managers to uplift leadership capability and delivery outcomes. • Providing executive-level guidance on cyber risks, controls, and emerging threats. • Influencing technology and business decisions to ensure security is embedded in strategic initiatives. • Driving a proactive, risk-based security culture across architecture and engineering practices. This role builds on my previous leadership in Cyber Architecture & Advisory, with an expanded mandate to operate at the strategic level, ensuring cyber resilience remains a core pillar of Bunnings’ technology and business transformation.
Managing and responsible for the following Cyber Security teams/areas within Bunnings: • Cyber Security Architecture & Advisory, • Offensive Engineering (Penetration Testing), • Application Security, and • Cyber Safety, Culture and Awareness
Managing and responsible for the following Cyber Security teams/areas within Bunnings: • Cyber Security Architecture & Advisory, • Offensive Engineering (Penetration Testing), • Application Security, and • Cyber Safety, Culture and Awareness Being still part of the Cyber Security leadership group, I am continuing to help build the strategic direction of our Cyber capabilities.
Responsibilities: • Provided security design and produced security architecture artefacts for required Bank initiatives including threat modelling and recommended countermeasures / mitigation controls to reduce risk. • Provide the Bank’s agile tribes and platforms with the best security practices/guidance and help ensure that they met the minimum-security requirements including the group’s security non-negotiable list. • Present to key stakeholders on various security related topics. • Provide solution architects with regular consultancy to promote a “safe, sound & secure” solution. • Help teams understand vunerability scans and penetration test findings/results. • Automate common tasks in the security space. Highlights: • Strategically involved in the secure implementation of Apple Pay, Halo Ring, and the New Payment platform.
Brought in specifically to the Cyber Response Threat team in Bankwest for the purpose to up lift their security posture by developing new standard operating procedures and building bespoke applications to help automate these new procedures. Responsibilities: • Create new standard operating procedures for the team. • Create new or improved monitoring applications such as mobile app store monitoring, vulnerability report generation, and phishing detection systems. • Mentoring of Cyber Response colleagues. • One of the lead responders on major security incidents. • Bankwest applications Subject Matter Expert for the team and wider Bankwest Cyber Security colleagues. • Automated common security tasks for other security areas when requested.
Multiple application security roles in CBA Digital Assurance West including: *Application Security Architecture *Consultancy in Application Security and the Security Development Lifecycle *Implementing Automated Application Security Testing into the SDLC pipeline *Application Security Development *Provide Developer Security Training *Penetration Testing to provide software development sprints security feedback & assurance. *Microsoft Security Development Lifecycle (SDL) subject matter expert. One of my main responsibilities has been to develop a customised version of the Microsoft SDL framework that integrates into the Bank's agile development lifecycle.
Responsible for providing best security practices and security architectural designs for new projects along with educating our development community in the latest security threats and coding preventions. Also was designing and developing internal security projects using the MEAN stack, c#.net, asp.net mvc and python.
As part of the Threat Management Team I was responsible for: * Monitor systems for potential threats including phishing, DDOS, malware, and internal incidents using our bespoke systems. * Respond to security (and sometimes non security) incidents and was one of the key players in application related incidents. * Creating Incident management procedures and input into our standard operating models. * Building bespoke monitoring systems (including anomaly detection / Phishing / Mobile App store / ATM) to help discover threats targeting the bank using Python, NodesJS, ruby on rails and c#. * Build detection rules * Evidence gathering using Forensic toolkit (FTK) and Kali/Backtrack. * Small Pen testing engagements. * Reverse Engineering Malware to improve monitoring and detection capabilities. * Liaise with our Fraud teams and law enforcement to prevent fraud. * Present to key stakeholders detailing our current threat landscape. * Help developers be security aware. Researched, designed and presented paper on automated security testing in an Enterprise Environment. * Building Web applications to help the greater security area with common tasks.
Senior application architect ensuring that all new development work was designed and developed to meet current deadlines. Was the lead designer in providing 2 Factor Authentication for customers of our Internet Banking Platform. Coded the bank's first IOS application using Objective C / Xcode.
Was responsible in designing/developing our first business "smart client" application which provided our business colleague's with a central application to deal with their day to day job. Using C# / WPF / WCF / Microsoft CAB / Oracle technologies.
Back in eCommerce to help with the design and development of the new Internet Banking Platform. Using C#/ASP.Net to build our web application. This application is still used today.
Helped rewrite the bank's teller application to support the branch network. Using ASP and VB 5