I am a cybersecurity architect specialising in security architecture, risk and assurance, and secure-by-design delivery across government, financial services, and regulated enterprise environments. My work is grounded in a governance-first approach, translating complex regulatory and security obligations into practical, implementable controls embedded in day-to-day operations.
I bring extensive experience across cloud and hybrid environments, including Azure and AWS, with a strong focus on designing secure, scalable, and audit-defensible solutions. I have led and contributed to large-scale cyber uplift initiatives, ensuring alignment with frameworks such as the Information Security Manual (ISM), Essential Eight, PSPF, ISO/IEC 27001, and NIST.
My core capability lies in connecting risk, control design, and operational assurance. This includes security architecture, identity and access management, vulnerability management, and secure cloud adoption, with an emphasis on establishing clear ownership, measurable outcomes, and sustainable control maturity. I focus not only on designing controls but also on ensuring they are operationalised, monitored, and aligned with business and regulatory expectations.
I have worked across complex, multi-stakeholder environments, providing architectural leadership, assurance, and advisory services to support secure program delivery. This includes engagement with technical teams, executives, and external stakeholders to drive outcomes that are both technically sound and commercially aligned.
As co-founder of Hexosys Consulting Services, I provide independent cybersecurity and cloud advisory services to enterprise and regulated sectors. My focus is on strengthening governance, uplifting security capabilities, and enabling organisations to move beyond theoretical compliance towards a resilient and defensible security posture.
I am committed to delivering high-quality, outcome-driven solutions, with a strong emphasis on clarity, accountability, and long-term operational sustainability.