SKILLS AND EXPERIENCE:
Jason has assisted numerous clients in the development and certification of ISO-27001 Information Security Management Systems. Additional framework implementations have focused upon meeting compliance requirements for government regulatory frameworks (CPS 234, VPDSF). He also frequently conducts internal audits of ISO 27001 implementations to ensure the effectiveness of client implementations.
He previously worked in IT project management for multi-national security firms and led international teams on large-scale projects delivering resources for security services and customer engagement. In addition, Jason has enjoyed an extensive career in Web and Digital development, affording him a strong technical knowledge of IT platforms and processes.
His strengths in team leadership, stakeholder management and technical analysis regularly delivered large-scale mission-critical projects. These skills have been carried over to his present ISMS implementation work.
Jason holds a Masters degree in Information Security and Assurance. His qualifications and career experience afford him depth in the areas of information security, risk management and IT strategy. He holds a Certificate IV of Project Management Practice.
- Developed and implemented ISO-27001 Information Security Management Systems for various organisations
- Implemented Information Security Frameworks supporting CPS 234 for large banking and superannuation organisations
- Developed and implemented VPDSF-compliant Information Security Frameworks for various Victorian government agencies
- Developed risk management policy and guidance for numerous organisations
- Executive research briefings on Cloud Security, Cloud Governance, Cloud Key Management, secure development lifecycle processes and Blockchain technology at a major banking group
- Led IT strategy project examining IT governance and technology changes relating to a significant government institution
- Delivered a risk management research project examining the operations and IT security risks of a major pharmaceutical firm.
- Research minor thesis on the theoretical underpinnings of anomaly detection and its use in Intrusion Detection Systems for network security.
- Research paper on the state of IPv6 implementation and its merits in combating network-based IT security risks.