Oct 2022 – Feb 2026 · 3 yrs 4 mos · Australia · Remote

• Head global security, compliance and AI Governance for Prezzee’s 500-strong digital-gifting business across Australia, NZ, Europe and North America. I set the strategy and lead a team to build and run modern security practices—from policy and vendor risk to incident response and BCP/DR. My work underpins enterprise sales, unlocks new markets, and keeps trust high as Prezzee scales.

Mar 2022 – Aug 2022 · 5 mos · Sydney, New South Wales, Australia

• Led security risk at Australia’s leading crypto exchange. Advised on operational and cyber-risk exposure, built a multi-discipline risk team (compliance, privacy, third-party, audit), and delivered ISO 27001 in three months. Ran security reviews that cleared the launch of Swyftx’s new crypto-lending platform.

Jan 2021 – Oct 2021 · 9 mos · Sydney, New South Wales, Australia

• Owned governance, risk and compliance for Deputy’s global SaaS workforce-management platform (used by hourly teams in 70 + countries). Established and ran ISO 27001, PCI DSS, GDPR, NIST and Secure Controls Framework programmes; embedded privacy-by-design and risk processes across product, engineering and operations; and guided executives on security and technology risk within appetite—all while working fully remote during Deputy’s high-growth phase.

Oct 2018 – Dec 2020 · 2 yrs 2 mos · London, United Kingdom

• Owned cyber-risk assurance for a £200 m digital-transformation portfolio covering 32 products. Built executive dashboards that unified product, process and supplier risk. Ran post-contract supplier audits across security, privacy and BC/DR, steering remediation to keep risk within appetite. Led a £30 m near-shore development review that saved £300 k and chaired the FSQS Cyber Working Group for 25 UK financial institutions, standardising supplier-security expectations.

Feb 2016 – Oct 2018 · 2 yrs 8 mos · Cupertino, California, United States

• Developed the Apple Contact Centre Security Requirements framework (CCSR) and led security assessments to protect 1 billion customer records across contact centres in AppleCare, Apple Online Store and Apple Retail Contact Centres.

Aug 2013 – Jan 2015 · 1 yr 5 mos · London, United Kingdom

• As a Pre-Sales Security Consultant at Becrypt, I worked with government, defence, and public sector clients, helping them secure their IT environments with Becrypt’s encryption, secure endpoint management, and device security solutions. My role involved conducting technical product demonstrations, delivering customised training, and supporting technical evaluations, pilots, and proof of concepts. I collaborated with account managers to respond to RFIs/RFPs, address technical challenges, and support architecture design during the sales cycle. I focused on translating complex security solutions into practical, customer-focused outcomes, ensuring alignment with high-assurance requirements.

Jan 2013 – Jul 2013 · 6 mos · Washington DC-Baltimore Area

• Partnered with investigative journalists, humanitarian NGOs, law firms, Fortune 500 boards and select government agencies to secure their communications on Silent Phone and Blackphone. Hardened iOS/Android VoIP stacks, stress-tested ZRTP key exchange, and guided clients through zero-knowledge deployments that kept voice, video and messages truly off-grid.

May 2011 – May 2012 · 1 yr · London, United Kingdom

• As a security consultant for HP Enterprise Security, I worked on the Labyrinth programme; a major IT system replacement project for the UK Ministry of Defence (MoD) under the Defence Equipment & Support (DE&S) agency. My primary focus was technical assurance, managing penetration testing and security assessments on the systems that comprised Labyrinth. I evaluated the security of classified networks (up to Top Secret level), identifying vulnerabilities and validating the effectiveness of implemented security controls. Working as part of the Atlas Consortium, I played a key role in ensuring that the secure infrastructure met stringent MoD information assurance standards.

Jan 1999 – Jan 2011 · 12 yrs · Hereford, United Kingdom

• Built the regiment’s first dedicated cyber and information-security capability within the new Advanced Force Operations squadron, leading a small team that safeguarded mission-critical networks and devices for UKSF operations worldwide.
• As the unit’s IT Security Officer, I authored and enforced security policy, performed rapid risk and vulnerability assessments, and engineered hardened, crypto-enabled networks for deployed bases and tactical teams. I oversaw accreditation to MOD standards, implemented continuous monitoring and incident response procedures, and delivered user training that ensured secure communications and data integrity under the most demanding operational conditions.