Welcome to CREST Australasia

[Portfolio: Cyber Leaders’ Forum]

Chathura is a Director in Cyber and Forensic practice of KPMG Australia and a highly technical cyber security practitioner with more than 15 years’ experience. He is a CREST Certified Tester and Assessor.

Chathura has extensive experience in managing and leading complex red and purple team assessments, penetration testing and cyber incident response engagements. He has worked with clients across the state and federal government, power and energy, technology, engineering, retail, education, telecommunication and financial services sectors.

Kristofer is a Director and the Regional Lead for the Security Testing and Assurance Practice of CyberCX within South Australia and the Northern Territory.

He is an experienced security consultant with a strong passion for helping clients identify and understand the risk posed to their information assets. His deep skill set allows him to identify systematic issues as well as individual vulnerabilities, provide pragmatic and business-focussed recommendations and communicate these to all members of the business.

Kristofer’s extensive experience in the information security sector includes a wide range of clients, including health, defence, government, utilities and finance. He takes a pragmatic and holistic approach to security and is able to assess both technical and governance controls that secure information assets.  Kristofer has deep experience in SCADA and Industrial Control System (ICS) environments and has conducted many in depth security reviews for organisations in industry sectors such as water, oil, gas, electricity, transport, and manufacturing. His threat driven approach to security equips him with a unique skillset to identify security gaps governance and technical controls within highly sensitive environments.

Regional Director of Professional Services (APJ) for NCC Group

Matt is a highly skilled cybersecurity professional specializing in penetration testing and security consulting. As the Head of Security Consulting at The Missing Link, he leads a dedicated team of security consultants, delivering comprehensive security services across industries such as finance, healthcare, technology, and government.

With a strong technical background and a CREST certification, Matt has been instrumental in advancing cybersecurity practices through involvement with the CREST board, where he helps shape and refine industry standards to address the complex challenges faced by today’s cybersecurity professionals.

Matt is passionate about contributing to the InfoSec community, regularly participating in industry events, developing new tools and methodologies, and fostering continuous learning within the team. By leveraging expertise and leadership, Matt is committed to empowering organizations and professionals alike, ensuring robust security postures and a safer digital world for everyone.

Co-Optee
Ray Dussan is the CEO of Swise, a cybersecurity AI company, and AMARU, a professional cybersecurity consulting company. Swise and AMARU work together to provide comprehensive cybersecurity solutions and services.

As the CEO, Ray leads the strategic direction and operations of both Swise and AMARU. He has extensive experience in the cybersecurity industry and is passionate about helping organizations strengthen their security posture through the use of advanced AI and consulting expertise.

Under Ray’s leadership, Swise has developed a powerful cybersecurity AI assistant named Swise AI, which is designed to work alongside cybersecurity professionals to simplify security tasks and enhance protection. AMARU, on the other hand, provides specialized cybersecurity consulting services to help clients assess, implement, and maintain robust security measures – AMARU is on a mission to take down cybercrime.

Ray is committed to driving innovation in the cybersecurity space and empowering organizations to stay ahead of evolving threats. His expertise and vision have been instrumental in positioning Swise and AMARU as trusted partners in the fight against cyber-attacks.

[Portfolio: Training and Accreditation]

Edward is a security consultant with more than 12 years’ experience in information security industry and 17 years’ experience in the IT industry. As the director of Mercury, one of Australia’s few remaining independent security firms, he has conducted or overseen the delivery of 600 security assessment activities and incident responses in the past seven years. His professional highlights include lecturing at the Australian Defence Force Academy, being rated in the top 200 bug bounty hunters in 2015 and running an awesome team of security professionals.

[Co-Optee.  Portfolio: Threat Intelligence]

Dan is a Security Analyst for Google/Mandiant and a member of its Advanced Practices team. Where he researches, analyses and attributes a diverse range of threats observed from emerging events, incident-response investigations or security operations environments globally. Dan’s career spans over a decade of technical security assessment experience where he holds a Master of Arts Degree in Intelligence Analysis. And also co-hosts Google’s Threat Attribution Conference (RooCon) in Australia. Dans career highlight has been exposing adversaries in the early stages of their intrusions and notifying victims at lightning speed and reach.

[Portfolio: Intelligence-led Testing]

Ed is a senior manager at Accenture responsible for the offensive security capability in Australia and New Zealand. He has more than 15 years’ professional experience in information security spanning multiple domains and disciplines. He believes security should be realistic and pragmatic, a fine balance between risk and control, and a beautiful collaboration of people, process and technology.

Coming from a technical background, Ed has extensive hands-on experience, blended with exceptional client consulting and team leadership skills. In previous roles, Ed has led security teams in major finance and government institutions, providing security advice and consultancy services to some of the highest profile and most complex IT projects across Australia.

Yuri leads the Advanced Security Centre (ASC) at EY, the largest attack and penetration testing team in Australia spread across multiple geographies, focusing primarily on the financial services industry in Sydney. He is passionate about offensive security and the cyber security challenges faced by clients.

With more than 15 years’ experience in the field and managing high performing teams, Yuri’s purpose and drive is to build the careers of cyber security professionals eager to solve the most challenging problems, and to have fun doing it. He is committed to building sustainable teams. As a strong advocate for diversity and inclusion, Yuri is committed to driving change in the cyber security industry and creating a safe and welcoming environment for everyone in the workplace.

Jamieson (Jamie) is the founder and offensive security lead at Sydney-based security company Dvuln. Holding multiple high-level security clearances, over the last decade he has collaborated with international enterprise and government organisations including Adobe, Riot Games, Firefox, General Motors and more to evolve the way these organisations approach cybersecurity.

A leader in the OWASP community, Jamie leads key initiatives such as the OWASP DevSecOps Verification Standard (DSOVS) and the OWASP Penetration Test Report Standard (PTRS), which are used by organisations around the world to improve their cybersecurity practices.

In addition to his industry contributions, Jamie is dedicated to shaping the future of cybersecurity. He has lectured at various institutes, including Macquarie University Sydney, the University of Technology Sydney, and the Korean Internet & Security Agency, as part of the ASEAN Cyber Shield Project, sharing his expertise and guiding the next generation of cybersecurity professionals.

Nigel is Director, UNSW Canberra Cyber. He is an influential analyst on the intersection of technology, crime and society. Nigel has published three acclaimed books on the international impact of cybercrime, is a regular media commentator and provides executive and board advice on strategy, risk and governance of technology.

In a 21-year career with the Australian Federal Police, he achieved the rank of Detective Superintendent and headed up investigations at the Australian High Tech Crime Centre for four years. He is founder and managing director of a technology start-up company and has chaired a number of not-for-profit organisations.

[Portfolio: Research]

Joshua is an experienced technical director, working with organisations across a range of industries, including critical infrastructure, health, finance, energy, government, tertiary education, and more. He is passionate about the security community, business operations, technical leadership, and process improvement. He has served as a board member for non-for-profit organisations and helped enable business transformation through cyber security.

Joshua has established and actively runs the IoT and SCADA Hackers Australia group, as well as the BSides Brisbane conference. Through these avenues he actively fosters the cyber security industry and helps break down barriers to new entrants. Joshua has extensive experience in operational technology and critical infrastructure, penetration testing, IoT, red teaming, and more.

[Portfolio: Incident Response]

Jack is the Principal Security Consultant at Triskele Labs Global Pty Ltd. He has a wealth of experience in the cyber security industry in Australia, coming from a background in both the public and private sectors. Before committing his expertise to Triskele Labs, he worked in the Vulnerability Management and Research team at the Australian Taxation Office, as well as the Security Engineering and Development team at the Department of Defence.

Since joining Triskele Labs, Jack has led the offensive team and grown this capability from the ground up, starting from just a few people to one of the largest boutique teams in Australia. This has included growth, diversification and maturity of penetration testing, red teaming, intelligence-led testing and adversary simulation. He has also assisted in standing up the Triskele Labs Security Operations Centre capability within Australia.

Jack now looks to measurably contribute to CREST activities in the Australasian region, to assist us in continuing to supply high quality security accreditation and certification programs.

Co-Optee
Renae is an Offensive and Application Security Specialist with over 10 years experience. Currently, she is the Offensive Security Managing Consultant at Tesserent, where she performs, manages and leads the suite of offensive security services. Renae’s experience spans many industries, including banking, financial services, education, technology, retail and health amongst others.

Renae is committed to great outcomes for all stakeholders, believing that a technical report is only as good as the communication is clear for all. Her leadership approach prioritises team empowerment and professional growth through empathy and resiliency.

Renae is particularly committed to building diverse and inclusive teams within cyber security, actively mentoring and teaching essential cyber skills to women and other underrepresented groups.