James Spalding

Regional Security Manager, Mastercard Australasia

James primary focus is to drive our security objectives in Australasia region on information, cyber and physical security risk matters including providing advisories and consultation to stakeholders and overseeing smooth delivery of day-to-day security operations and programs. James and the Regional Security Team drive the engagement and promotion of public-private-partnerships across Asia Pacific to disrupt, deter and prevent criminal activity.

Sajeeb Lohani

Global Head of (Director) Cybersecurity, Bugcrowd

Sajeeb Lohani is the Global Head of (Director) Cybersecurity at Bugcrowd and a Sessional lecturer at the University of Melbourne. Sajeeb holds OSCP and OSWE. Constantly passionate about contributing to and improving open source security software, Sajeeb is a core contributor and co-developer of Interlace, a popular open-source project used for organizing and automating penetration testing workflows. Sajeeb is also ranked within the top 40 of Bugcrowd and #2 in DVuln. Sajeeb loves all things automation and enjoys solving complex cybersecurity problems with creative solutions.

Ben Christian

Security Engineer, Bugcrowd

Ben Christian is a security engineer at Bugcrowd. Simultaneously pursuing a degree in Computer Science at the University of Technology Sydney (UTS), Ben has a passion for cybersecurity that extends beyond his professional role. As the Director of Partnerships for the UTS Cyber Security Society, he is responsible for forging relationships with industry partners that facilitate networking, education, and career development opportunities for students. Prior to assuming this role, Ben served as the society’s President in 2022, during which he demonstrated outstanding leadership and significantly contributed to its expansion, including running CSECcon for the first time.

Andy Vermeulen

Andy worked a full-stack web app developer for a range of companies over a 20 year period. After getting frustrated with inefficient testing, slow release processes and fragile operating environments, he got involved with Cloud infrastructure and Dev(Sec)Ops. For the last ~6 years Security has taken the forefront and Andy now leads the Security function at Rokt, where he is responsible for Application and Cloud security.

Montii Abid

Montii Abid is an accomplished cybersecurity professional with an impressive career spanning over a decade, marked by extensive expertise and technical acumen. His commitment to knowledge and innovation is evident in his academic pursuits and practical experience.

With a diverse client portfolio encompassing pivotal sectors like banking, logistics, and healthcare, Montii’s influence resonates across multiple industries. Recognized as an authority in cybersecurity, he skillfully employs leading vendor solutions to fortify the security of Australia’s major government, financial, and healthcare institutions.

Montii’s expertise transcends conventional security solutions, as he orchestrates the entire lifecycle of cybersecurity incidents, nurturing a profound grasp of this critical domain. In addition to his technical finesse, his dedication to effective communication and collaboration underscores his pivotal role in driving synergy across diverse technical teams.

His adeptness in client management positions Montii as a trusted advisor, offering tailored solutions and strategic guidance to esteemed clients. Beyond his professional capacities, his devotion to cybersecurity education shines through. He passionately shares industry insights and practical wisdom, fostering growth and awareness within the IT community.

Montii’s ongoing contributions to the field signify his unwavering passion for excellence and innovation.

Cam La

Cam is a passionate technologist with a lifelong dedication to leveraging technology, data, and ingenuity. She thrives on collaborating with talented individuals to tackle challenging problems that create real impact.

With expertise in Digital Forensics Incident Response (DFIR), information compliance, data analytics, and product development, Cam excels at bridging the gap between physical and digital realms across various industries. As a skilled navigator during uncertain times, she is known for combining security, engineering, and curiosity to chart a path forward and lead others on the journey.

Cam’s true passion lies in mentoring and empowering individuals, teams, and organizations to reach their full potential, fostering an environment where everyone can shine.

Jenny Yang

UTS:CSEC

The UTS Cybersecurity Society will be hosting this panel.

Sharath Shamachar

Jamie McPherson

Cyber Security Consultant, Phronesis Security

Jamie McPherson is a Cyber Security consultant and alumni of UTS, with a knack for developing highly tailored incident response plans. Jamie has been the cyber guardian for numerous non-profit organizations and critical infrastructure providers across Australia.

Jamie’s expertise doesn’t just stop at creating robust security frameworks. He’s also a pro at conducting threat and risk assessments, Tabletop exercises and various other security functions, His work with a major NSW Government department and Australian tech start-ups are testaments to his skills.

And did we mention he’s a creative? Jamie’s digital art, especially his vintage horror and streetwear designs, are as captivating as his cybersecurity strategies. As the creative lead for Phronesis Security, he ensures that cybersecurity isn’t just safe, but also stylish!

With a Bachelor of Science in Information Technology and a Diploma of Innovation from the University of Technology Sydney, Jamie is a perfect blend of technical expertise and creative genius. Relevant Experience Development of a highly tailored incident response plan for a large Australian charity utilising a hybrid cloud environment and delivery of an education workshop for business unit heads and supporting IT staff.

Development of Incident Response plans for 5 non-profit organisations over the last 12 months - each with radically different security maturity.

Development of information security policies, standards and procedures using the ISM, ISO27001 and NIST-CSF frameworks for an Australian critical infrastructure provider.

Undertaking an incident response and business continuity assessment for a major NSW Government department using the NSW Mandatory 25 and ISO 27002:2022, and development of a subsequent crisis simulation workshop.

Threat and risk assessment and reporting for a leading Australian charity using ISO 31000 and multiple security control frameworks.
ISO 27001 and SOC 2 gap assessments and control coverage mapping for an Australian technology start-up as part of international expansion planning.
Security Clearance Nationally Coordinated Criminal History Check (3690496)
Certifications and Education CompTIA Security+
ISC2 Certificate in Cybersecurity
Bachelor of Science in Information Technology (University of Technology Sydney)
Diploma of Innovation (University of Technology Sydney)
Fun Facts

• Recipient of innovation award for designing and building stable mag-lev design.
• Competitive Mechatronics Champion - RoboCup Japan (2017), two-time Australian representative, and three-time national RoboCup champion.
• Digital artist with a speciality in vintage horror and streetwear designs, and proud lead creative for Phronesis Security’s merchandise.

Queen Aigbefo

Cyber Security Consultant, Phronesis Security

Meet Queen Aigbefo, the reigning monarch of the cybersecurity world! With a name that perfectly mirrors her regal prowess, Queen has been making waves in the realm of information security with her innovative strategies and insightful leadership.

Queen’s journey is nothing short of impressive. She holds a Doctorate in Corporate Governance and a Master’s of Research in Security Behaviour Intention and Science in IT Management. Her certifications in Cybersecurity, Project Management, ITIL V4 Foundation, and GDPR compliance further solidify her standing as an expert.

Her professional achievements are equally remarkable. From developing an ISO27001:2013 information security framework for an Ombudsman agency, to conducting simulated phishing training for an Australian Primary Health Network, Queen’s work has been instrumental in bolstering cybersecurity resilience across various sectors.

But Queen isn’t all about cyber. She’s also a fitness enthusiast who loves stationary biking, lifting weights, and boxercise. And when she’s not busy fortifying cybersecurity systems or breaking a sweat, she’s likely to be found with her headphones on, engrossed in a podcast.

Tai Tran

Cyber Security Consultant, Phronesis Security

Introducing Tai Tran, Phronesis Security’s Cyber Security Consultant extraordinaire! With a keen eye for detail and an approachable demeanour, Tai has been working on bolstering the cyber security landscape across Australia. His impressive portfolio includes the remediation of incident response capabilities for a whopping sixteen NSW Government agencies and the development of an ISO 27001-aligned Information Security Management System for an Australian critical infrastructure provider.

But Tai’s expertise doesn’t stop at cyber security. He’s also a whizz at process automation and quality assurance, having served as the Technical Operations Director for a creative logistics firm.

When he’s not busy fortifying cyber security systems or leading business continuity programs, Tai can be found on the tennis court perfecting his serve or lacing up his running shoes for a quick sprint. He’s also a high-tech planted aquarium enthusiast and has even designed and built an urban off-grid solar power generator and battery.

Knowledgeable, helpful, and always up for a laugh, Tai brings a unique blend of expertise and enthusiasm to the cyber security field. Whether he’s troubleshooting a complex issue or sharing his latest aquarium addition, Tai’s passion for his work is truly infectious.

UTS Programmers' Society

An ActivateUTS student-run society

ProgSoc is a club for all programmers who want to find fellow coders and learn more about programming. Join us to showcase your skills and get help from other programmers, or just hang out and have fun, even if you’re a beginner. We’re welcome to all beginners, and are happy to help you learn more about the field, as well as helping out with different programming subjects, or just generally talking about the industry! We host regular events such as workshops, and occasional competitions and hackathons, as well as having an active Discord community where members can share anything interesting they find as well as asking for help.

"Alex"

Alex works on the Red Team at Atlassian, committing cybercrimes and then writing very, very detailed confession letters. They’re known for one time using Inspect Element to find the passport number of former Australian Prime Minister, Tony Abbott, inadvertently entering into the Do Not Get Arrested Challenge. You can read about that story at https://mango.pdf.zone

Santiago

Santiago is a founding member of Canva’s Detection & Response team. Since late 2021, he has been bolstering Canva’s defenses. Santiago was a security incident responder who kicked baddies out of the network and set up alarms to catch them before they could do any harm. Nowadays he’s solving different kinds of security problems like ensuring users are safe when using their endpoints.

Alexei Doudkine

Lover of hacking, car mods, dogs, climbing and trance! Alexei is the Co-Founder and Offensive Director of Volkis, who has been doing some form of hacking for over 10 years. He’s passionate about teaching and helping those close to him stay safe in the worldz of the cyberz.

Dan Conway

Dan Conway is a researcher and consultant in human cognition and behaviour. His major focus is on cyber security and information technology and specifically understanding and predicting the ‘human in the loop’ of our global data networks. His approaches are based on an extensive work history in cognitive psychology research, User Experience (UX) practice, product development, design and management. An engaging public speaker, he delves deep into the minds of the ‘every-day’ user and, drawing on cutting edge research, extends our understanding on why people so often make poor decisions - and how we can make them make better ones. Since traditional awareness approaches to staff mitigation efforts are increasingly being seen to be ‘not sufficient’ to change behaviour and develop a truly actively secure and resilient workforce, Dan is a champion of the ‘Beyond Awareness’ approach to cyber security. His work with major Australian financial institutions, the NGO sector, and small businesses means that he has a wealth of real-world, situated experiences to share. The mind is truly the final battleground for cyber security.

Max Caminer + DUCTF Crew

Max Caminer is the Founder/President of DownUnderCTF and a Senior Penetration Tester at Trustwave. Max was also a former member of the UTS CSEC Leadership team in 2020 where he held the position of President. Max is also incredibly passionate about CTFs as that is how he was first interested into the Cyber Security industry.

DownUnderCTF is an international CTF competition that is focused on upskilling Australian Tertiary and Secondary school students and is currently the largest CTF in the southern hemisphere with over 4000 registered users (2021). The CTF provides a range of different challenge categories and for all difficulty levels.

Kris Hunt

Kris Hunt is a senior staff security engineering manager at Google. Over the past 18 years he has focused on the defensive side of cyber security and enjoys nothing more than hunting for advanced persistent threat actors. Keeping him busy these days is his role leading teams of security engineers who innovate and evolve Alphabet’s detection systems to match the ever increasing sophistication of attackers.

Ian Szklinski

Ian is a Cyber Security Engineer with experience in building and operationalizing capability within the startup/scaleup space. TBH can’t think of something and want to make sure I submit before the deadline.

Alex Hill

Learn how organisations keep messing up CI/CD pipeline runners (what even is a runner…?) and a practical walkthrough of how red teams abuse these mistakes. You will come away fully weaponised to identify and break the most commonly used runner platforms; lookin’ at you GitHub.

George Dan

George is a Senior Technical Specialist at Trustwave. Based in Canberra, he focuses on federal government clients and leading the penetration testing effort there. In his spare time, he spends a bit too much time playing video games (PC master race btw).

Pedram Hayati

Dr. Pedram Hayati is a security researcher who strives to close the knowledge gap among security and software practitioners. He has performed hundreds of security audits for Fortune 500, published over 25 zero-days, reported thousands of security vulnerabilities and led a global penetration testing team. His experience is backed by his strong academic qualification and PhD in Information Security. Currently, Pedram has put his passion in building SecDim, a boutique AppSec academy, where he and his team build the most accessible, comprehensive and open training content for addressing security vulnerabilities in modern apps/dApps. Aside from SecDim, he lectures an advanced cyber security master course at UNSW (Australian Defence Force Academy) and is the founder of SecTalks.org, the largest non-profit multinational technical security community. He has spoken at a number of top security conferences namely HITB Netherlands, BSides, and AusCyber. His research on cloud security and honeypots have received global media coverage in The Register, Computer Security, and Insecure Magazine

Darsh Shah

Darsh is a security engineer based in Eora (Sydney) focusing on defensive security and threat detection. He is a UTS & CSEC alumni and still misses Uni Bros sometimes. In his spare time, he goes out to too many live music gigs and take terrible photos in 35mm film.

Laura-Rose Carbone

Laura-Rose has experience growing cyber security software business from the ground up, leading the go to market for new product launches and has been awarded global and regional awards in the technology industry. Laura-Rose has a unique background, having working in marketing for a number of years since completing her undergraduate degree - before making a leap into sales focused cyber security role. Laura-Rose is increasingly fascinated by technology and the way it shapes the world, particularly its impact on people, organisations and society, shaping her insatiable interest in becoming a global technology leader.

Victoria Cheng, Tiara Wong, Eddie Zhang

Victoria is the Director of partnerships at UTS:CSEC and is a motivated student currently in her final year of a double degree in Business and I.T. Gudetama is her spirit animal.

Tiara is a passionate business and IT student who is also currently employed as a Security Engineer at Willow Inc. She prides herself on her problem solving skills and doesn’t back down from a challenge. Although she previously worked for multiple cosmetics brands, she’s terrible at drawing on eyebrows.

Eddie helps make things more secure. He’s currently employed as the AppSec Lead at Willow Inc. Outside of security, he like climbing up fake rocks in warehouses.

Cole Cornford

Cole has been working across software engineering and security for a decade. Initially beginning his career in freelance development, he moved into the Application Security space and championed programs at federal agencies, banks, telcos, nfps, and tech companies.\n\nCole now runs his own shop, Galah Cyber, that’s helping companies get their software engineering straight, and keeping enterprise software secure.\n\nOutside of work Cole has a baby daughter on the way so he’s curating a list of dumb plush animals for his wife to say no to, watching majoras mask randomizers, and trying to work out how to stop weeds from growing in his garden. It’s just too hard. :(

Sean Duca

Sean is Vice President and Regional Chief Security Officer for Asia Pacific & Japan at Palo Alto Networks where he works on the development of thought leadership, threat intelligence and security best practices for the cyber security community and business executives.\n\nWith more than 20 years of experience in the IT and security industry, he acts as a trusted advisor to organisations across the region and helping them improve their security postures and align security strategically with business initiatives.\n \n Prior to joining Palo Alto Networks, he spent 15 years in a variety of roles at Intel Security (McAfee), with his last position as the Chief Technology Officer for Asia Pacific. Before this, Sean was involved in software development, technical support and consulting services for a range of Internet security solutions.