John Kouroutzoglou
Brighton Le-Sands,Australia
Summary
With a proven track record at Drive Yello, I spearheaded ISO 27001 compliance and enhanced AWS security, showcasing my expertise in privacy & data protection and leadership. My strategic approach to cyber incident management and ability to lead teams through complex security enhancements underline my comprehensive skill set in safeguarding digital assets.
Overview
9
9
years of professional experience
Work History
Information Security Manager (Contractor)
Drive Yello
01.2024 - 10.2024
- Spearheading ISO 27001 compliance initiatives
- Enhancing security protocols for AWS and Google platforms
- Leading DevSecOps security enhancements
- Conducting comprehensive security awareness training
Cyber Security & Compliance Officer (Contractor)
Fat Zebra
06.2023 - 09.2023
- Directed the transition of PCI DSS from v3.2.1 to v4.0
- Streamlined vendor security questionnaire processes
- Managed and enhanced vulnerability assessments in AWS
- Overhauled third-party due diligence procedures
- Evaluated security controls for portable devices
- Provided strategic advice on SOC 2 compliance
Security Specialist
Reejig
12.2021 - 03.2023
- Established and formalized cybersecurity capabilities
- Implemented and maintained SOC 2 compliance standards
- Ensured continuous ISO 27001 compliance
- Conducted third-party security due diligence
- Oversaw AWS and G Suite security controls
- Developed and enforced security policies and architecture
- Delivered security awareness training to employees
Cyber Security Governance Lead (Contractor)
University of Sydney
05.2021 - 11.2021
- Managed NIST 800-53 compliance program for ICT services
- Developed robust security governance strategies
- Trained security analysts in advanced assessment and investigation techniques
- Conducted vendor and product due diligence
- Oversaw the pipeline of security governance projects
Senior Security Lead - Fraud (Contractor)
Service NSW
09.2020 - 03.2021
- Led a team of 15 fraud detection and investigation specialists
- Developed comprehensive fraud management strategies and policies
- Advised cybersecurity teams on risk assessments and testing
- Acted as the primary liaison between NSW Treasury and Service NSW for fraud management
- Provided expert advice on financial crime prevention and fraud detection tools
Information Security & Compliance Manager
Domain Group
05.2018 - 09.2020
- Introduced DevSecOps functions and AWS vulnerability management
- Implemented the NIST security framework across DevOps and enterprise divisions
- Developed data protection principles and an incident response playbook
- Established new security standards and policies
- Enhanced third-party due diligence processes
- Led external audits and managed cyber risks in joint ventures and acquisitions
Security Specialist Consultant (Contractor)
NSW Department of Education
08.2015 - 05.2018
- Bridged gaps in cybersecurity skills and knowledge
- Managed incident response and problem reviews
- Ensured compliance with ISO 27001 ISMS
- Conducted security awareness training for school principals
- Enhanced risk management and incident response processes
- Managed IT risk and student privacy obligations
- Reviewed architecture and design for on-premise and cloud platforms
Education
Cert IV - Security & Risk Management
Asset College
01.2017
Certificate of Cloud Security Knowledge (CCSK) -
Cloud Security Alliance
01.2014
ISO 27001 Lead Implementer -
PECB
01.2013
MBA -
University of Technology
Sydney01.2009
Certified Information Systems Security Professional (CISSP) -
ISC2
01.2005
Skills
- ISO 27001 Compliance
- SOC 2 Compliance
- Privacy & Data Protection
- Cyber Incident Management
- Fraud Detection & Prevention
- Security Testing
- Microsoft Office 365
- LogzIO
- CyberGRX
- Vanta
- ScytaleIO
- Tenable ASV
- Plerion
- Detectify
- AWS
- Kandji
- JAMF
- Google Endpoint Management
- Google Auth
- PCI DSS
- GDPR
- The Privacy Act 1988
- California Consumer Privacy Act (CCPA)
References
Available upon request
Timeline
Information Security Manager (Contractor)
Drive Yello
01.2024 - 10.2024
Cyber Security & Compliance Officer (Contractor)
Fat Zebra
06.2023 - 09.2023
Security Specialist
Reejig
12.2021 - 03.2023
Cyber Security Governance Lead (Contractor)
University of Sydney
05.2021 - 11.2021
Senior Security Lead - Fraud (Contractor)
Service NSW
09.2020 - 03.2021
Information Security & Compliance Manager
Domain Group
05.2018 - 09.2020
Security Specialist Consultant (Contractor)
NSW Department of Education
08.2015 - 05.2018
Cert IV - Security & Risk Management
Asset College
Certificate of Cloud Security Knowledge (CCSK) -
Cloud Security Alliance
ISO 27001 Lead Implementer -
PECB
MBA -
University of Technology
Certified Information Systems Security Professional (CISSP) -
ISC2
Similar Profiles
Tesha FordTesha Ford
Receptionist/Administrative Office Assistant at Yello MediaReceptionist/Administrative Office Assistant at Yello Media
Dishant ShahuDishant Shahu
Barista at Yello CafeBarista at Yello Cafe
Alexander KittelAlexander Kittel
Cook at Mello YelloCook at Mello Yello
MONIBA HABIBMONIBA HABIB
CLIENT CONNECT SPECIALIST at Get Healthy Services NSW Health- Remedy HealthCLIENT CONNECT SPECIALIST at Get Healthy Services NSW Health- Remedy Health
Alexander MeirauAlexander Meirau
Senior Salesperson at Harvey NormanSenior Salesperson at Harvey Norman