Rebecca was born of a moon-less night in an undisclosed location along the cyber ley lines. For the past three years she has been using the mystical powers handed down for generations to write Python code and consult on security arts.
She started her journey working to help manage and implement an information security management system at a Melbourne based start-up. She continued down this path to work at a MedTech company based in Melbourne doing what she refers to as "DevSecGovOps" and she will not be taking comments on this naming scheme.
After some time working in this role, Rebecca moved on to become a penetration tester and security consultant at a boutique Melbourne security company where she specialised in divination via web applications and calling upon the clouds to tell their dark secrets.
While Rebecca still holds strong opinions about client-side validation, how CSRF tokens should be handled, and just general application security, she no longer practises penetration testing, however, she can still be found consulting on cybersecurity now focusing her energy on helping businesses navigate their compliance requirements and understanding risk.
Rebecca focuses on:
- Implementing ISO27001 in a holistic way, ensuring required controls strike a balance with company culture;
- Helping businesses meet their security and governance obligations in DevSecOps teams;
- Reading clouds and helping businesses make theirs more secure; and
- Helping businesses develop practical but secure standard operating environments.