I am a Senior Director specialising in AI governance, cyber security, and systems assurance within complex government and regulated-industry environments. I bring together deep technical experience, decades of leadership across public-sector digital assurance, and practical insight into operational risk, policy design, and technology-enabled transformation.

I advise clients on AI trust, safety, and assurance frameworks; systems-of-systems analysis; strategic risk approaches aligned with national security expectations; and the application of emerging regulatory frameworks such as ISO/IEC 42001 and ISO/IEC 27001. I work closely with executives, boards and program owners to design clarity-focused assurance strategies that reduce complexity, increase accountability, and enable safe adoption of advanced technologies.

Before joining MinterEllison, I held senior roles across defence, government oversight functions, and technology assurance practices. My background includes modelling complex systems, leading technology audits, and developing methodologies for risk assessment in high-assurance environments. I have worked extensively on improving authorisation pathways for government systems, driving consistency, and reducing cost by establishing reusable component-based assurance models.

Career highlights

• Leading Federal Government agencies in strengthening PSPF implementation, AI-related risk management and system authorisation, providing practical, business-aligned guidance rather than narrow compliance-driven interpretations.
• Building highly-respected assurance and cyber-risk practices — including establishing multi-million dollar System Authorisation and Pen Testing capability – and advised major agencies through complex, high-value security programs.
• Shaping national cyber-assurance policy by contributing to Australian Signals Directorate's redesign of the IRAP Policy and Procedures during the program’s suspension, helping establish the modern IRAP framework used across government.
• Auditing and advising Services Australia and other large agencies on security posture and safe adoption of emerging technologies, including assessment of Microsoft Copilot and IBM Watsonx against ASD’s ISM system-authorisation requirements.
• Guiding agencies such as AFMA, RailCorp and Services Australia through enterprise and security architecture uplift, PCI-DSS gap assessments, ISO27001 certification pathways and ISMS operationalisation using continuous-improvement methods.
• Developing the alternate System-of-Systems assurance model authorisation approach, enabling agencies to meet the PSPF requirement to “authorise all systems prior to deployment” through reusable, component-level assurance.
• Conducting strategic PCI-DSS audits across for financial institutions, delivering clear, pragmatic, and actionable yet balanced recommendations aligned to organisational business goals.
• Applying rigorous analytical and engineering expertise gained as a defence researcher at the National Institute of Defence Research, modelling helicopter structures using Finite Element Methods to support defence capability development.