Cyber Security Professional / People Leader / Cloud Security Advocate / Internet Explorer
I want to work, for the best, with the best and help them be the best…
Melbourne
Australia
Working 100% remotely
dave@david-clarke.id.au
+61 Please reach out to me privately (email/keybase) if you require my mobile #
KeyBase - davidclarke_au
PGP - 1234 E339 C30C C855
Blog
linkedin.com/in/davidclarkeau
GitHub - davidclarke-au
GitLab - davidclarke-au
Tooling
Git Stars
@davidclarke_au
david-clarke-au.medium.com
Canary 1 Canary 2
Did a pesky recruiter send you this as a PDF? Ugh, please use this
A Little Bit About Me
I loathe writing CVs, but I understand why it’s required, hence why it’s now in a Code Repository. Simple to update, modern, backed up and demonstrates many technical skills right off the bat.
I honestly think you should get a good picture of who I am, what I do and what might be a good future fit for me from the links above. OSINT
This CV is ordered deliberately. In my opinion, in order of importance.
Starting with me, an informal and honest introduction.
Followed by what I work on day to day and am responsible for, my skillset and what I’m passionate about.
Followed by my work history.
Followed by my training and education.
What I love doing is TALKING to people…. So please feel free to get in contact with me and set up a chat.
Anyway, all the boring stuff below…
Skillset / Passions / Areas of Interest
Passionate Servant Leader - I work for my team.
“Servant leadership seeks to involve others in decision making, is strongly based in ethical and caring behavior, and enhances the growth of workers while improving the caring and quality of organizational life,”
Cyber Security People Leadership - Hiring, building, growing and retaining top Security Talent while ensuring they are supported in career growth, interesting and fulfilling work.
“As a leader, I want to hire good people and then get out of their way…”
Blue Team operations and leadership. Leading teams that are the protectors of the business or customers.
Cyber Security Culture, Awareness & Uplift
Cyber Security Leadership - vCISO, CISOaaS, Deputy CISO etc..
Cyber Security Strategy
Cyber Security Evangelist (is there a non-religious equivalent? If so, that….)
Cloud Security, with preference to
MEDR Technologies with preference to CrowdStrike
Attack Surface Management tooling and strategy
Digital Risk Protection tooling and strategy
Working with clients to assist in Security maturity uplift and continual service improvement
Bug Bounties - from a client (SaaS) side though, assisting companies doing the initial discovery and beginning their journey into Bug Bounty programs via BugCrowd, HackerOne, Cobalt.IO etc…
Data Centre - have historically completed a significant amount of work and large projects in Data Centres. Always something I’ve enjoyed.
Love communicating, collaborating and generally working with teams (both internal and external) on Slack
And more broadly…
Music, Motorsport, Camping, Hiking…
Experience
2022 - Current
CrowdStrike
Manager, Falcon Complete
I am lucky enough to lead a team of the best Analysts on the globe that stop the most sophisticated hackers and adversaries targeting our many customers.
“We Stop Breaches” - The Falcon Complete MDR offering commits to outcomes, not just SLAs.
Our Falcon Complete analysts own the full response to intrusions, including surgical remediation of threats in near real time. With Falcon Complete, intrusions are often detected and eradicated before attackers are even able to leverage their access.
The Falcon Complete team is composed of seasoned security professionals who have experience in incident handling, incident response, forensics, SOC analysis and IT administration. The team has a global footprint, allowing true 24/7 “follow the sun” coverage.
2019 - 2021
CyberCX
SOC Operations Manager - VIC - Managed Security Services
In my role as SOC Operations Manager (VIC) MSS I am responsible for overall delivery, performance and continual service improvement of Managed Security Operations Centre (SOC), Security Information and Event Management (SIEM), Vulnerability Management System (VMS), Managed Endpoint Detection & Response (MEDR) and Digital Forensics & Incident Response (DFIR) offerings.
The SOC Operations Manager (VIC) MSS is a key member of the MSS leadership team in the region. The Manager - SOC Operations (VIC) MSS leads the activities and management of the Managed Security Services operations team in the region, positioning CyberCX as Australia’s greatest force of cyber security professionals.
Senior Service Delivery Manager
In my role @ CyberCX I am responsible for
Service Delivery Management - Managed SIEM, SOC, VMS, MEDR, DFIR
Service Transition - Project -> BAU
Service Delivery Governance
Service Level Risk Management
Security Operations Management:
Lead and Owner of SecOps Process & Procedures
Lead and Owner of SecOps Governance
Continual Service Improvement
Enhancement and Innovation
Service Activation and Onboarding
Bridge between Service Delivery and Security Operations
CyberSecurity Project Management
PreSales engagements for CyberCX portfolio offerings
2019 - 2020
Enosys Solutions
Senior Service Delivery Manager
(this role folded into CyberCX in July 2020)
Please see the role above for details
2016 - 2019
PageUp
Global Head Of Security & Compliance
I was promoted into this global role to ensure PageUp’s IT Assets are secured by best of breed technology, practices and processes whilst maintaining compliance with relevant contractual and industry obligations in order to accelerate the growth of PageUp. Growing the team was also an important function in this role.
Create, maintain and operate PageUp’s cyber security strategy leveraging appropriate technology, threat information, training and operational processes in order to reduce the likelihood of business critical security breaches.
Track and communicate technology risk to the business in order to ensure the leadership team are adequately informed to make decisions on resource allocation, budgets and risk mitigation.
Support the growth of the business in all targeted markets by externally promoting PageUp’s security platform USP to clients, prospects and the wider market. Ensure PageUp gains/maintains appropriate security credentials and certifications to leverage in promotion of USP.
Manage and maintain a security technology budget with appropriate spend to meet the needs of the operation and implementation of the cyber security strategy
Champion and embed a culture of security awareness and practices in order to enable autonomous teams to progress unimpeded whilst ensuring security of outcomes delivered.
ISO Compliance & Security Officer
Please use LinkedIn if you’d like more information on this role.
2012 - 2016
VicSuper
Analyst IT Security & Operations
Please use LinkedIn if you’d like more information on this role.
IT Infrastructure Specialist
Please use LinkedIn if you’d like more information on this role.
Pre 2012
Previous Work History
Previous work history before 2012 can be provided on request or is visible on my LinkedIn
Blogs & Articles
Dates stated on articles - Ongoing
Links: LinkedIn - Medium - Other
Tackling MFA for AWS Organization Member Accounts
With the recent advice published by AWS around best practice for MFA on AWS Organisations (not a typo) management and member accounts, I thought it would be a good chance to write up how I tackled this previously and hopefully provide some guidance for others.
GDPR & PageUp Security
The aim of this article is to talk through some key GDPR terms and the parts of the GDPR that matter to our clients and how we are addressing them.
PageUp Passwords — Housekeeping and Best Practice
A short piece on password best practice for SaaS and the options that PageUp provided for clients. SSO vs Non-SSO.
AusPost Parcel Lockers — Hardening Required
I wanted to call this piece AusPost Parcel Lockers - Insecure by Design but we agreed to change it. A write up on a discovered Security weakness and the follow ups, disclosures etc.
PageUp Disabling TLS 1.0
A blog discussing the reason for the disablement of TLS 1.0, who, what, when, why etc…
Deleted your Yahoo! Account? Check again…
A write up of the mess that was deleting a Yahoo account post their Security Incident.
G Suite + SPF, why bother?
A piece on the very frustrating shortcomings and insecurities of GSuite SPF and DKIM implementation, which was thankfully fixed.
Stevie Ray Vaughan — Cast of Thousands
Eh, not tech related, but a passion piece.
Training
Ongoing
My preferred way of learning is on the job, with smart, driven and passionate people!
2022
CCFA - CrowdStrike Certified Falcon Administrator - CrowdStrike University
CrowdStrike Certified Falcon Administrators effectively manage the Falcon platform based on the risk profile of your business, including:
- Effective user management
- Deploying and managing the Falcon sensor
- Configuring deployment and prevention policies based on business risk
- Configuring allowlists, blocklists, and file-path exclusions
- Conducting administrative reporting
2016
AWS Security Fundamentals
This self-paced course is designed to introduce you to fundamental cloud computing and AWS security concepts including AWS access control and management, governance, logging, and encryption methods. It also covers security-related compliance protocols and risk management strategies, as well as procedures related to auditing your AWS security infrastructure.
Nessus Deployment — Tenable University
Nessus Scanning — Tenable University
Nessus Analysis and Reporting — Tenable University
2011
ITIL-F HDAA, Melbourne
This certification verifies that support center professionals possess the knowledge of the ITIL® framework necessary to support an ITIL initiative. ITIL Foundation certified individuals have demonstrated their awareness of the ITIL processes and terms and satisfied the prerequisite requirement for pursuing additional ITIL certifications.
Education
2005-2006
Customised Course, EXCOM Education, Melbourne, VIC, AUS.
Given my previous credits earned in my diploma, I sat a customised course at EXCOM Education which consisted of the CompTIA A+ Hardware and Software Course and the Career Builder Course. Once completed I was hired by EXCOM.
2004-2006
Diploma of eBusiness Support, Computer Power Training Institute, Melbourne, VIC, AUS.
The course provides the comprehensive training needed in today’s business world to develop and support electronic business solutions. Completion of the course includes the attainment of two of the industry’s highly sought, globally recognised vendor certifications: Microsoft Certified Professional and either a CompTIA i-Net+ or Red Hat Linux Certified Technician certification.
2003
VCE, Successfully completed Year 12 and achieved my VCE, State School FTW.
Conference activity
2024
CrowdStrike CrowdTour 2024
Speaker, Falcon Complete MDR response to SCATTERED SPIDER.
I spoke @ both the Sydney and Melbourne CrowdTour events on how Falcon Complete is protecting our customers from Scattered Spider. The talk focused on a ‘behind the scenes’ look at how we work with our platform and friends in Counter Adversary Operations to proactively and reactively thwart this aggressive Threat Actor.
I also provided guidance, both Falcon specific and generally to assist customers/prospects etc to strengthen their Security posture against the most common TTPs that we see this TA abuse.
2019
BSides Melbourne 2019
Speaker, Strengthening Security in a Post-Incident World.
I spoke @ the inaugural BSides Melbourne 2019 on “Strengthening security in a post-incident world”
The structure of my talk was to talk about the incident, who we are, the legislative landscape that we faced, the challenges we saw and how to strengthen security from the lessons we learnt, both technical and non-technical.
The goal of the talk was to share with the wider Security community what happened, share knowledge and learnings, and give attendees easy to implement suggestions for potential uplift at their own companies.
Interests
Come on, we covered this above… OSINT. Hit up my then we can talk or or or
Languages
Native: English
Basic: None, yet, hopefully Italian soon :)
Personal
Birth date: I’m likely applying for a Security role, so adding this should fail me instantly. Plus you don’t need this information at this stage of the recruitment process anyway.
Citizenship: Australian Citizen
Clearances: None currently, eligible and willing to obtain
Family: Married, Dad to two
References
Available on request only..
Source
Clone away, help yourself..