Charles is working as an embedded security assessor for a Defence project implementing new capability. He has also worked for a Defence Prime as a Cyber Architect on a major new Defence capability. His experience as an IRAP assessor was used to guide the development of the program and to prepare the necessary documentation ahead of an IRAP assessment of the system.

Charles managed the national practice of up to eight Governance, Risk, and Compliance (GRC) consultants; working closely with the IRAP Capability Manager. He worked with the organisation’s executive leadership team to enhance internal processes, such as the transition of sales opportunities into delivery, and implemented a resource management tool for the delivery arm of the organisation. He developed several methodologies for his team to use with clients, such as a standards-based documentation requirements tool, and a cyber gap-assessment tool. Charles also delivered IRAP assessments and guided his staff to complete engagements successfully.

Charles was the director responsible for the organisation’s cyber security consulting practices, which includes the IRAP assessment capability and the Governance, Risk, and Compliance (GRC) capability. He developed and maintained the company’s IRAP methodologies and tools and managed a team of ten consultants, while continuing to deliver IRAP assessments and advice to Defence and Australian Government entities and their suppliers.

Charles was the head of delivery of the IRAP services nationally. This program enhances Australian Government advice and assessments standards. Charles managed the virtual team of three IRAP assessors, and was responsible for the business development, methodologies, and quality of delivery of the service to DXC’s clients. He was a member of the Senior Leadership Team and was highly involved in working with other DXC divisions for risk direction. His responsibilities expanded to ensure the high quality of IRAP-related documentation delivered to clients.

Charles was the Principal Consultant responsible for the sales and delivery of information and cyber security services to DXC Saltbush’s clients in Victoria. He managed and mentored a team of seven security consultants. Security services delivered include: IRAP assessments, PCI-DSS reviews, security audits, penetration testing & vulnerability assessments, security advisory, and security consulting.
Charles turned the region into profit and expanded the team. He was the centre point for cyber security for CSC Consulting staff in the region, and expanded the portfolio delivered to existing clients by other business units to include security services. He was sought by state government departments and agencies, as well as commercial organisations to provide guidance on compliance and remediation to the Australian Government’s Information Security Manual (ISM).

Lee Douglas & Associates was an independent consulting firm that provided information security, technology risk, and information privacy services. Consulting engagements included:

• RMSEC to Monash University
• RMSEC to United Energy & Multinet Gas
• VicRoads
• Enterprise Architects to Deakin University
• Coles Supermarkets
• Stratica International
• ANZ Bank
• GE Capital
• Telstra

The Asian Advisory board is charged by the executive management of (ISC)² to provide guidance and feedback on pressing local information security policies and trends, and to make recommendations regarding (ISC)²’s professional certifications (such as CISSP) and educational programs. Members of the Asian Advisory Board include highly respected information security professionals from the Pacific Rim including China, Hong Kong, India, Japan, Korea, Malaysia, Singapore and Thailand. The board meets once a year in different cities in Asia Pacific. Charles was a judge for the Information Security Leadership Awards from 2009 to 2012.

Charles was responsible for the quality delivery of Information Security Architecture and Consulting Services to Telstra’s clients in Victoria, Tasmania, South Australia and Western Australia.