Vela Asia PacificChief Information Security Officer
Jul. 2022 - Dec. 2023Brisbane, Queensland, AustraliaI led the development and implementation of comprehensive security policies, standards, and procedures, transforming the security posture across 25 companies and significantly enhancing the protection of assets, intellectual property, and personally identifiable information (PII). In collaboration with legal counsel, I resolved customer data privacy concerns and streamlined storage and handling practices. I conducted extensive research to identify and procure cost-effective security equipment and materials, successfully keeping expenses within budget. Regularly communicating with the Group CEO and parent company, I presented detailed reports on risk assessment, mitigation strategies, and incident metrics, enabling real-time analytics for ROI and risk management. Additionally, I provided expert technical guidance across all departments, supporting the organisation’s overall security infrastructure and initiatives.
Below are a few of my notable contributions:
• Directed adoption of advanced identity management platform, significantly improving access control measures and eliminating password dependency through secure authentication methods.
• Developed and executed comprehensive information security strategy for a conglomerate of 35 companies, resulting in 8-12-fold reduction in attack risk over two years.
• Introduced 24/7/365 monitoring, security operations centre, managed SIEM, vulnerability and patch management, and cyber training platform, significantly lowering security spending.
• Persuaded stakeholders to centralise key IT functions and establish standard security profiles, increasing adoption by 50%.
• Implemented a unified ISO management system for ISO 27001 and 9001, streamlining policy dissemination, enhancing audit efficiency, and saving time during external and internal audits.
• Partnered with third-party providers to offer Cyber as a Service, cutting costs by 60% and reducing implementation time by 14 months compared to a centralised internal team.