Carolina Velasquez
Sydney,NSW
Summary
Dynamic professional pivoting into cybersecurity with 15+ years of expertise in customer support, leadership, compliance, and operations within healthcare and business environments. Industry experience in cyber across web application, vulnerability assessments, risk management, and incident response planning. A proven track record of problem-solving, stakeholder communication, and process improvement to strengthen security outcomes in complex organisations.
Overview
20
20
years of professional experience
Work History
Security Analyst (Project-Based)
Jenni.ai – Infrastructure Vulnerability Assessment
07.2025 - 09.2025
- Conducted an unauthenticated external vulnerability assessment of Jenni.ai’s web applications and cloud infrastructure (Vercel & Google Cloud).
- Simulated real-world attacker scenarios to identify exploitable security weaknesses.
- Tools used: Black Kite, OWASP ZAP, OpenVAS, Nessus Essentials, nMap.
- Delivered a final report with prioritised vulnerabilities and remediation recommendations to the client's CTO.
Security Analyst (Project-Based)
Wilderlands – Incident Response
05.2025 - 06.2025
- Designed an Incident Response Plan for Wilderlands, including ransomware and AWS root access playbooks.
- Applied NIST and ISO 27035 frameworks to create practical detection, containment, and recovery processes.
- Collaborated with CTO and mentors, presenting final solutions to stakeholders.
Security Analyst (Project-Based)
Wilderlands – Risk Assessment
03.2025 - 04.2025
- Conducted an evidence-based risk assessment aligned with ISO 27005 principles and threat modelling.
- Developed a risk register and treatment plan addressing vulnerabilities in Wilderlands’ digital infrastructure.
- Delivered findings directly to the CTO and industry mentors.
Security Analyst (Project-Based)
Tap4Change – Web Application Vulnerability Assessment
01.2025 - 02.2025
- Performed a web application vulnerability assessment based on the OWASP Top 10 methodology.
- Identified high-risk vulnerabilities and recommended mitigation strategies.
- Collaborated with the client CTO and presented results to stakeholders.
Practice Coordinator
Natural Dentistry
11.2022 - Current
- Led governance, risk, and compliance (GRC) functions, including successful ADA accreditation audit.
- Conducted risk assessments and WHS audits ensuring compliance with safety regulations.
- Managed sensitive patient records, billing data, and privacy controls, applying principles of data protection.
- Conducted risk assessments and WHS audits, ensuring compliance with safety regulations.ditation audit. ,
Co-Founder & Director
Kids Circle PTY LTD
03.2016 - 08.2022
- Directed operations for an after-school and holiday program, ensuring compliance with childcare regulations.
- Oversaw secure payment systems and enrolment records, maintaining data integrity and confidentiality.
- Managed recruitment, training, and staff compliance with governance standards.
- Coordinated vendor relationships and program risk management.
Practice Manager
Dentist In The Park
11.2005 - 04.2016
- Managed daily operations of a busy dental practice, ensuring compliance with healthcare and privacy regulations.
- Oversaw confidential patient data management, billing, and secure payment processing.
- Coordinated vendor procurement and compliance with health and safety standards.
Education
Harness Projects
Project-Based Cybersecurity Projects01-2025
Diploma of Business (Frontline Management) -
MEGT Institute
Sydney, NSW2006
Business Preparation Program -
Macquarie University
Sydney, NSW2005
Bachelor of Science - Dentistry
Universidad Central De Venezuela
Caracas, Venezuela 2004
Languages
English
Full Professional
Spanish
Native or Bilingual
Interests
Cybersecurity & GRC:
- Vulnerability Assessment (OWASP ZAP, Nessus, OpenVAS, nMap, Black Kite)
- Governance, Risk & Compliance (GRC)
- Risk Assessment & Threat Modelling (ISO 27005)
- Incident Response Planning (NIST CSF, ISO 27035)
- Web Application Security (OWASP Top 10)
- Cloud Security (AWS & GCP basics)
- Data Privacy & Protection
Business & Leadership:
- Governance & Compliance Management
- Risk Management
- Team Leadership & Staff Development
- Vendor & Third-Party Risk Management
- Stakeholder Engagement
- Presentation & Communication
- Adaptability & Initiative
Timeline
Security Analyst (Project-Based)
Jenni.ai – Infrastructure Vulnerability Assessment
07.2025 - 09.2025
Security Analyst (Project-Based)
Wilderlands – Incident Response
05.2025 - 06.2025
Security Analyst (Project-Based)
Wilderlands – Risk Assessment
03.2025 - 04.2025
Security Analyst (Project-Based)
Tap4Change – Web Application Vulnerability Assessment
01.2025 - 02.2025
Practice Coordinator
Natural Dentistry
11.2022 - Current
Co-Founder & Director
Kids Circle PTY LTD
03.2016 - 08.2022
Practice Manager
Dentist In The Park
11.2005 - 04.2016
Harness Projects
Diploma of Business (Frontline Management) -
MEGT Institute
Business Preparation Program -
Macquarie University
Bachelor of Science - Dentistry
Universidad Central De Venezuela
Achievements
- Delivered four cybersecurity projects for live clients in 2025, collaborating with CTOs and presenting findings to stakeholders.
- Gained hands-on cybersecurity experience through project-based work while leveraging 15+ years in governance, compliance, and operational risk management to strengthen security recommendations.
- Led ADA accreditation and WHS audits at Natural Dentistry, demonstrating strong risk and compliance management aligned with industry standards.