EXPERT TEAM

Ajay Unni is the CEO and founder of StickmanCyber, a specialist information security firm dedicated to helping businesses mitigate their cybersecurity risk through a combination of strategy, governance, prevention, monitoring, detection, and response.

With over 30 years of IT industry experience (15 of those in cybersecurity), Ajay has worked with all levels of management across multiple corporate domains to help businesses build, implement, and drive their cybersecurity strategies and initiatives forward. Ajay’s unique and extremely dynamic approach to business, service and delivery has made him an influential figure in the cybersecurity sphere and along with his vast experience, has afforded him the respect of many highly regarded corporates, both at home and abroad, some of which include:

• - SG Fleet Group
• - Ausgrid
• - Chartered Accountants ANZ
• - Australian Financial Crimes Exchange
• - National Storage
• - 24-7 Health
• - Brisbane Airport
• - The ICONIC
• - Australian Clinical Labs
• - Cover-More
• - Australian Institute of Business

Ajay's extensive knowledge and expertise has also seen him:

• - Selected as a member of the 2020 NSW Government's Cyber Security Task Force (a carefully curated group of experts tasked with accelerating the adoption of industry standards for cybersecurity across Australia) and contributor to the 2021 NSW Government Cybersecurity Strategy.
• - Elected as a company director with CREST Australia New Zealand Ltd; a not-for-profit organisation that provides cybersecurity accreditation for companies, individuals and corporate entities and promotes the provision of high quality, best practice information security services.

Driven by strong company values that form the critical pillars of the entire StickmanCyber business – respect, integrity, care, passion, and authenticity, in the relentless pursuit of excellence and to the complete satisfaction of StickmanCyber customers – Ajay and his growing team of dedicated information security specialists have solidified StickmanCyber's reputation in the industry as a strong and consistent performer and trusted partner.

Qualifications

Bachelor of Computer Science
Masters in Information and Communications Technology

Certifications

• - Payment Card Industry Qualified Security Assessor - PCI DSS QSA
• - Certified Information Systems Auditor (CISA)
• - Lead Implementer in Information Security Management Systems, based on ISO/IEC 27001:2013
• - Certified Data Privacy Solutions Engineer (CDPSE)

Experience

30+ years of IT industry experience
15 years in cybersecurity

Projects

• - Contributor to the 2021 NSW Government
• - Cybersecurity Strategy
• - Member of the 2020 NSW Government
• - Cybersecurity Task Force
• - Program Management
• - Major Bid Management
• - Technology Leadership
• - Building Alliances
• - Secure Innovation
• - Executive Advisory
• - Crisis Management
• - Cyber Solution Architecture
• - Enterprise Architecture

Muralee Krishnan is a Senior Security Consultant with more than 10 years' experience performing cybersecurity assessments, privacy impact assessments, security solution design, architecture, and implementation. Muralee has strong knowledge on the Australian Privacy Principles (APPs), Australian Government Information Security Manual (ISM), NIST Cybersecurity Framework, PCI DSS and ISO 27001. Muralee has expertly designed and assisted in the deployment of various critical security solutions for payment gateways, payment integrators, e-commerce and mobile commerce entities, including a number of high-profile institutions across the banking and finance sector. Muralee is an engaging senior member of staff who supports both his peers and clients through thoughtful collaboration and understanding. He is a proven leader and mentor and has developed an enviable reputation which is why his expertise is frequently requested by our clients.

Qualifications

Masters in Computer Science – Computer Software Engineering

Masters in Computer Science – Management Information Systems

Certifications

• Payment Card Industry Qualified Security Assessor - PCI DSS QSA
• ISO 27001 Lead Implementer
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)

Experience

10+ years of information security experience

Projects Worked/Specialities

• Cybersecurity Assessments and Implementation
• Cybersecurity Solutions and Architecture
• PCI DSS Compliance Information Security Assessments
• ISMS Implementation (ISO 27001)
• Compliance and Business Process Analysis
• Privacy Impact Assessments (PIAs)

Paul dos Santos is a senior IT security professional who began his career in IT infrastructure operations, before moving into managed services, where he developed his skills in network and security architecture. Paul’s focus over the last 15 years has centred around cybersecurity risk and gap assessments, security architecture, operations, and cybersecurity strategy initiatives. Paul has worked closely with publicly listed organisations, government agencies, councils, large multinationals and SMBs, helping them develop and mature their business and information security controls, processes and strategies. Paul has gone on to represent such clients as their cybersecurity SME or CISO. Paul has also been involved in 'blue teams', is an experienced security incident responder and threat hunter, and has managed security operation centres. Over his career, Paul’s experience has given him an in-depth knowledge of IT architecture end-to-end, blended with security incident response and cybersecurity assessment experience, enabling him to have a deep understanding of customer environments. He also brings considerable expertise in ISO 27001, NIST and COBIT frameworks to the StickmanCyber team. Paul is meticulous in his approach, driven by customer service and is an empowering mentor to junior team members.

Qualifications

Associate - Chartered Governance Institute of Southern Africa

Certifications

• Certified Information Systems Auditor (CISA)
• Certified Data Privacy Solutions Engineer (CDPSE)
• AGIA – Associate - Governance Institute of Australia
• Comptia Security+
• Information Technology Infrastructure Library (ITIL) Framework
• Microsoft Certified Professional (MCP)
• Security Vendor Accreditations (multiple)

Experience

• 25+ years of IT industry experience
• 15 years in cybersecurity

Projects Worked/Specialities

• IT Network and Security Architecture
• Security Risk Assessments and Audits – ISO 27001, NIST, COBIT
• Security Operations Management
• Incident Response
• Threat Hunting
• Cybersecurity Strategies
• CISO as a Service

Over the last 7 years, Priyanka Raghavendra has managed numerous information security projects for StickmanCyber clients, as well as defining project management processes and best practices for internal security teams. Priyanka's move into an operations management role was based on her success managing multiple high-profile projects and various operational activities for the business. Priyanka has shown considerable expertise in vendor management and recruitment, and can effectively manage both project and business budgets. She is a responsible team leader who provides guidance and encouragement, to ensure staff achieve optimal results when meeting project goals. Priyanka's ability to excel in a cross-functional management role makes her a key member of the StickmanCyber team.

Qualifications

Masters in Business Administration

Certifications

Experience

7 years' experience in project management

Projects

• Project Management
• Business Operations

Before joining StickmanCyber in 2018, Peta spent 15 years in the banking and finance sector. Her career began on the IT Helpdesk, before moving into a joint procurement and telecommunications role within the IT Finance Department where she managed a country-wide corporate mobile plan and assisted in the rollout and training of a global procurement system. From there, Peta took a project leadership role working on annual reports and other compliance documents for another large financial institution, where she stayed for the next 6 years. Since joining StickmanCyber in 2018, Peta has been involved in a number of major projects, including the implementation of an ISMS (ISO 27001) and Cybersecurity Strategy, and Assessment against the NIST Cybersecurity Framework as well as providing InfoSec Office consultancy services and Customer Relationship Management for StickmanCyber's Managed Services clients. Peta is incredibly client-focused and prides herself on delivering to an exceptionally high standard, as is evidenced in the attention to detail she applies to her work.

Qualifications

Proofreading and Editing – CCE, University of Sydney The 7 Habits of Highly Effective People (FranklinCovey) Introduction to Project Management.

Experience

6 years' experience working on financial services projects, writing, editing, and proofreading business and compliance documents.

3 years' experience on information security projects - ISO 27001, NIST, ISMS and strategy implementation, mandated and organisational document development, InfoSec Office admin activities and Customer Relationship Management.

Projects

• ISMS Implementation (ISO 27001 Certification) Project
• ISO-Mandated Document Development
• Organisational Policy and Procedure Development
• Cybersecurity Uplift Project – NIST Cybersecurity Framework
• Cybersecurity Strategy Implementation Project
• Customer Relationship Management

Maria Hadi is a skilled information security consultant with 9 years' experience in cybersecurity. Maria specialises in information technology, privacy, project management and compliance and has built her expertise working on challenging projects that require a unique and considered approach. She is adept at planning and has a proficiency for security audits (application and firewall), assessments (network security, vulnerability, APRA and IRAP) and working with key clients to achieve compliance to internationally recognised standards and frameworks (PCI DSS and ISO 27001). Maria's technical expertise allows her to positively engage with stakeholders at all levels and effectively manage a variety of security projects.

Qualifications

Masters in Information Technology – Information Security

Bachelor of Computer Software Engineering

Certifications

• PCI DSS V3 Foundation
• Auditor/Lead Auditor – ISMS, ISO/IEC 27001:2005
• fied Information System Auditor (CISA)
• Associate Qualified Security Assessor (AQSA)
• Certified Information Security Manager (CISM)
• Certified Data Privacy Solutions Engineer (CDPSE)

Experience

9 years of information security experience

Projects

• Cybersecurity Assessment and Implementation
• PCI DSS Compliance and Assessment
• Security Risk Assessments and Audits – ISO 27001, NIST
• ISMS Implementation (ISO 27001)

Ananthu Shaji is an Associate Quality Security Assessor (PCI DSS AQSA) with 7 years' experience in information security consultancy, both at home (Sydney, Australia) and abroad. Ananthu specialises in PCI DSS, ISO 27001 and 27002, NIST Cybersecurity Framework, and IT security consulting and works closely with the Security Operations Centre (SOC) on vulnerability assessments and sensitive data discovery scans. He is a well-respected team member whose expertise allows him to apply a flexible, yet measured approach to meet individual client requirements, regardless of the project size or nature.

Qualifications

Bachelor of Computer Science and Technology

Masters in Information and Communications Technology (Advanced)

Certifications

• PCI DSS Associate Qualified Security Assessor (AQSA)
• ISMS Lead Auditor
• AlienVault Certified Security Engineer
• Certified Information Security Manager (CISM)
• Certified Data Privacy Solutions Engineer (CDPSE)

Experience

7 years of information security experience

Projects Worked/Specialities

• PCI DSS Assessments
• ISO 27001 Audits
• ISO 27002 Implementation
• NIST Cybersecurity Framework
• Risk Management
• Security Operations Centre (SOC): AlienVault
• Sensitive Data Discovery Scans
• Vulnerability Assessments

Abartan Dhakal is a highly talented penetration tester, who has established himself in the industry as a top tier pen tester. He is adept at both vulnerability assessments and penetration testing (VAPT). Abartan is currently listed on over 40 ‘Hall of Fames’, some of the most notable being Google, Intel, Twitter and the US Department of Defence. More recently, he was honoured as one of only two ambassadors in the AU region (one of 19 ambassadors worldwide) for Bugcrowd – one of the top bugbounty platforms linking ethical hackers and businesses. Abartan is a consistently strong performer and 'outside the box' thinker who sets the bar high to not only challenge himself but to deliver beyond client expectations.

Qualifications

Bachelor of Information Technology

Certifications

• Certified Ethical Hacker (CEH) Practical

Experience

4 years' experience in offensive security

Projects Worked/Specialities

• Vulnerability Assessment and Penetration Testing (VAPT): 
  • - Web Application 
  • - Mobile Application 
  • - API 
  • - Red Teaming and Social       Engineering
  • - Network
• Burp Suite Mastery
• WordPress
• Agile Development and SCRUM
• HTML and CSS
• Bash and Python

Madhan Kumar is a Level 2 Security Analyst in StickmanCyber's Security Operations Centre (SOC) who for the past three years, has been honing his skills in Security Operations Management, Threat Hunting, Vulnerability Assessment and Security Incident Management. As a Level 2 Analyst, Madhan works across multiple customer environments monitoring log ingestion, security events, and analysing and reporting on threats and vulnerabilities. He has expertise in multiple SIEM tools, endpoint security, Windows and network administration and is always working to expand his technical knowledge.

Qualifications

Electronics and Communications Engineering

Security Information and Event Management

Certifications

• Qualys Certified Specialist
• Network+

Experience

4 years of IT industry experience

Projects Worked/Specialities

• Security Operations
• Security Incident Management
• Threat Hunting
• Information Security
• Awareness
• IT/Network Administration
• Log Ingestion
• Vulnerability Assessments