Specialising in GRC & Third Party Risk Management (TPRM)
👤 Professional Summary
I am a cybersecurity professional with over 11 years of experience specializing in Governance, Risk, and Compliance (GRC) and Third Party Risk Management (TPRM), currently based in Canberra. I hold a strong foundation in information security management, backed by CISSP, CCSP, CISM, ISO/IEC 27001 (ISMS), and ISO/IEC 42001 (AIMS) certifications. My core experience lies in conducting compliance audits, managing third party risk, and translating complex security requirements into clear strategies for business teams. Being a self-starter, I focus on delivering practical security assurance that protects organizational assets while supporting day-to-day business operations.
What sets me apart is my balanced expertise across both the technical and GRC sides of security. I have practical experience in penetration testing, application security, and vulnerability management engagements, which gives me a strong technical foundation. Alongside this, I am highly adept at managing compliance and vendor risk. I am also keen to explore how artificial intelligence can be leveraged to accelerate and optimize audit and assurance engagements. While my core strength lies in these hands-on IT and GRC domains, I also maintain a strong interest in Operational Technology (OT) and have studied frameworks like IEC 62443 and NIST SP 800-82 to understand how to govern critical infrastructure risks. I am highly adaptable and open to a variety of roles within the broader cybersecurity domain, where I can bring a continuous learning approach and add immediate value to the team.
🎯 Core Pillars of Interest
GRC
Helping clients understand their cyber risk landscape, identify gaps in their controls, and meet regulatory and stakeholder expectations
TPRM
Assisting organizations in evaluating vendor security postures to prevent third-party breaches and data leaks.
OT Security
Actively exploring OT Security, as operational security incidents are on the rise and require more attention to protect critical environments.
Unlock Interactive Portfolio
To view my professional employment history, complete set of skills, watch my video-narrated portfolio, or download offline PDF resume, please authenticate at the passcode window.
Proceed to Verification →