Paul is a senior information security consultant with over fifteen years’ experience in secure solution design and information security analysis, including the areas of cloud and hosted service providers, payment services, mobility, application development and identity management supported with practical experience in many vendor solution sets. Before moving to Australia Paul worked with leading European financial, manufacturing and government clients in European, Middle East, Africa and North American locations. Since his migration to Australia, eight years ago, Paul has worked with all levels of government as well as healthcare, financial and resource clients.
Paul is proficient at interpreting business and compliance requirements; analysing them, and then defining architectural recommendations that can be built into technical solutions. He does this whilst also ensuring that the organisation maintains control over their data assets, by ensuring that both the user and any device are authorised to access, that data is protected during transit and at rest, and that a regime is in place that mitigates the risks to an acceptable level aligned with the business and any Government or industry compliance requirements. He can assist a client with understanding the existing security posture, as well as help them to enhance their security framework to mitigate the risks from greater mobility and movement of resources to the cloud.
Area of Expertise
- Business Analysis
- Workshop Facilitation
- Stakeholder Management
- Information Security Standards - ISO17799, 27001, 27002; Australian Gov ISM and PSPF; Qld QGAF and IS18
- Documenting Information Security Frameworks - Security Risk Management Plan; Policies/Procedures; Incident Response
- Project Management (PRINCE2 Practitioner)
- Security Architecture
- Solution Design
- Cloud Services - Cloud Security Strategies; Security-as-a-Service; Identity and access management
- Mobile Device Management - Mobile Security Strategy; Securing mobile access; Secure mobile app design