Information Security Consultant
Professional Engineer - Client Service Focus - Proven Track RecordPrivate Sector Engagements
TMX Group Limited (TMX)
American International Group (AIG)
PriceWaterhouseCoopers
TC Energy (Formerly TransCanada Pipelines)
Telus Health (Formerly BCE Emergis)
Bell Canada
Firelytics Network Analyzer
Amer Networks
Certicom Corp.
TRW LLC
Waterloo Maple
Public Sector Engagements
Bank of Canada
Payments Canada (Canadian Payments Association)
Elections Canada
Office of the Superintendent for Financial Institutions (OSFI)
Natural Resources Canada (NRCan)
Environment and Climate Change Canada (ECCC)
Global Affairs Canada (Formerly DFAIT)
Public Services and Procurement Canada (PWGSC)
Canadian Blood Services
Ontario Clean Water Association (OCWA)
TV Ontario
Security Governance
Managing your organization’s overall enterprise risk and compliance with industry recognized security regulations, controls, and best practices.
Aligning security recommendations and practices with business objectives, ensuring an appropriate level of engagement with stakeholders and contributors.
Developing a solid GRC framework including all related processes and procedures to manage security risk and meet compliance requirements.
IT Security Standards
Customizing industry recognized IT Security Standards, including NIST and ISO, for specific applicability to your organization’s IT environment.
Developing and maintaining a comprehensive set of IT security policies, directives, and guidelines to support and help implement standards.
Aligning polices with objectives for the IT security program and broader IT roadmap and strategy to build a foundation that will withstand evolving threats.
Secure Development
Ensuring that security is adequately considered and built into each phase of every system development lifecycle (SDLC), particularly from initial phases.
Enabling and managing security assurance activities such as penetration testing, code review, and architecture analysis as an integral part of the development effort.
Writing security requirements and merging them with functional requirements, or performing an threat modelling and risk analysis during design phases.
Project Management
Effectively engaging executive sponsorship and formal backing for security considerations in project management, scope, objectives, and strategy.
Executing responsible oversight for application design, development, and integration and transitioning to operational management.
Completing projects by coordinating resources and timetables with stakeholders, departments, operations, and data center.
Security Operations
Developing operational procedures and standards for enterprise information security monitoring, detection, analysis, response.
Defining plans for incident response to manage malware threats, malicious attacks, network disruptions such as DDoS, and post-incident investigation and forensics.
Assessing, designing, and operationalizing complex and distributed delivery models of security operations, including cloud, SaaS, and SOC-as-a-service.
Security Audit
Identifying and assessing your organization’s critical information technology assets, data, and processes, that if compromised would have a major impact on business operations.
Identifying threats that would affect the ability of business functions to operate, cause damage to business reputation, or incur legal liability due to regulatory non-compliance.
Conducting internally managed security audits on your organization’s compliance programs to reduce the challenge of formal audits, and identify issues within existing policies and governance.
Security Architecture
Developing cloud migration strategy, addressing technical, functional, legal, procurement, security, and operational needs of the organization.
Assessing technical environments for cloud security compliance and attestation, including controls assurance for defined sets of service provider’s systems.
Integrating patterns and reference architectures with security standards, disaster recovery, continuity, DevOps, and application management.