Feb 2024 – Nov 2024 · 9 mos · Melbourne, Victoria, Australia · Remote

• Security Operations Manager | Beyond Bank (Cyber Uplift Consulting Project)
• As part of a comprehensive Cyber Uplift consulting project, I joined Beyond Bank to lead the Security Operations function and drive critical enhancements across the organization’s security posture. Leveraging my extensive expertise in Offensive Security and Penetration Testing, I provided a unique perspective on integrating offensive tactics to strengthen defensive strategies, ensuring the rationale for implementing key security measures was well-understood and impactful.
• Key Achievements:
• Successfully conducted a physical red team assessment across offices in three states.
• Reverse engineered and identified a chain of vulnerabilities to cash out an ATM kiosk.
• Led initiatives to enhance Cyber team maturity, focusing on:
• Vulnerability management processes.
• Email security (DMARC, SPF, DKIM) best practices.
• Improved SSL/TLS configurations.
• Built comprehensive team documentation to standardize processes and support knowledge sharing.
• Spearheaded training and certification programs, enabling the Cyber team to upskill and achieve certifications that aligned with uplift projects.
• Produced a creative and engaging security awareness video featuring rapping puppets to promote organizational awareness.
• Managed vendor-led security assessments and personally performed:
• Red-team-style physical/office security assessments.
• Penetration tests and security reviews of key technology assets.
• Collaborated with technology vendors to identify and mitigate vulnerabilities, enhancing overall security resilience.
• Improved vulnerability management, vastly increasing visibility of vulnerabilities.
• Improved board and c-level reporting on cyber with actionable insights to drive change.
• After a dedicated Security Operations Manager was hired, I transitioned into the SecOps Specialist role to continue supporting the uplift project and ensure the seamless implementation of critical initiatives.

Oct 2022 – Apr 2023 · 6 mos · Melbourne, Victoria, Australia · Remote

• 6 month contract for the Vulnerability Assessment project to assess SNSW's exposure to an Optus-style data breach of PII (Personally Identifiable Information).
• Designed and prototyped cloud-native API security management solution.
• Supported DevSecOps Uplift as part of Cyber Security Resilience and Uplift Program (CSRUP).
• Reported observations for transformational Cyber uplift.
• Participated in the security panel for the SNSW Leader's Day event.

Apr 2022 – Oct 2022 · 6 mos · Melbourne, Victoria, Australia

• Threat Intelligence startup. Followed CTO out of CoinPayments into Sonar.

Oct 2021 – Apr 2022 · 6 mos · Melbourne, Victoria, Australia

• CoinPayments was the world's largest cryptocurrency payments provider with over 2m customers in nearly 200 countries.
• Full-stack manager. Built out a new IT team, developed IT roadmaps, developed project management systems, developed people's skill-sets, managed projects across the entire tech-stack from UX to C code, stayed technical while managing, and looked after my team as best I could. Reported to the CTO.
• Was consulting to CoinPayments through Path before this in different roles.
• Followed CTO to Sonar

Jun 2021 – Present · 5 yrs · Melbourne, Victoria, Australia · Remote

• I'm helping Savva Kerdemelidis with this Social Enterprise that may change the world.
• Outcomes-based financing for open source medicines to prove off-patent therapies work, so we can have affordable medicine for everybody.

Sep 2020 – May 2023 · 2 yrs 8 mos · Melbourne, Victoria, Australia

• The company I use for consulting. Talk to me about offensive cyber security contracts, penetration testing, brand impersonation, and domain take-downs.

May 2019 – Jun 2020 · 1 yr 1 mo · Greater Sydney Area

Jan 2019 – Oct 2022 · 3 yrs 9 mos · Australia · Remote

• Hacktive was acquired by Deloitte.

Jan 2019 – Jul 2020 · 1 yr 6 mos · Dubai, Dubai, United Arab Emirates

• I am offering offensive security consulting services directly to clients, but the majority of my work is subcontracting for infosec consultancies that need an extra helping hand. My service offerings include external infrastructure and web-app penetration testing. I'm not currently offering mobile or social engineering pentests (despite my experience in these areas).
• HortonSec is incorporated in the UAE but I'm elsewhere traveling the world while serving the English speaking markets.

Oct 2018 – Oct 2022 · 4 yrs · United States

• Developed security consulting service-line end-to-end. Created proposal and report templates, did pre-sales, performed security testing, etc. Ensured high quality of security testing and reporting.

Jul 2017 – Jun 2020 · 2 yrs 11 mos · Europe

• Ask me about all the countries I visited as I travelled round the world with my family! This time wasn't all about climbing volcanoes on horseback in Guatemala, visiting ancient sites like Stonehenge and Chichen Itza, spending time on the beaches of Bali, or flying drones around tropical islands, I also kept up to date with infosec.
• I extended my skill with ASM and binary reverse engineering. Attended Defcon in Las Vegas, CCC in Leipzig, Crypto meetups in London, HackNYC in New York, 8.8 in Mexico City, and even small OWASP chapter groups in cities like Tbilisi.

Oct 2014 – Jun 2017 · 2 yrs 8 mos · Greater Melbourne Area

• I can't speak highly enough of my experience with HackLabs. It was a pleasure to work with such a talented team.

Jan 2012 – Oct 2014 · 2 yrs 9 mos · Greater Melbourne Area

• Technical security consulting including penetration testing.
• Started as a senior consultant.

Jun 2010 – Dec 2011 · 1 yr 6 mos · Wellington, New Zealand

• Penetration testing, developed and delivered training, source code reviews, host reviews, and more.

Aug 2009 – Jun 2010 · 10 mos · Christchurch, New Zealand

• Security consulting, penetration tests, source code reviews, training, policy development, etc.

Mar 2009 – Jul 2010 · 1 yr 4 mos · Christchurch, New Zealand

• Web design and web application development.

Jan 2003 – Jan 2009 · 6 yrs · Christchurch, New Zealand

• Co-founder. Setup business systems, IT, graphic design, bit of everything. Became the dominant digital printing provider in Christchurch, NZ. Did some of the first work in NZ with variable data printing and databases.