Client-focused, big-picture thinker, affable.
David is passionate about making sure his clients succeed. An inveterate enthusiast, he helps his clients become more innovative and effective in their operations by evaluating and adopting the right cutting edge technologies to meet their needs. David is a highly sought-after expert in the rapidly growing field of Big Data analytics, more specifically with tools such as Splunk and Artificial Intelligence technologies, and robotic process automation.
David has over 14 years of experience delivering audit and security expertise in the area of IT risk management to a wide range of sectors. He has proven knowledge and experience in the delivery of information technology audits for large organizations that typically include complex application, database, network, server and virtual infrastructure. He also has considerable experience in delivering security controls solutions and audits against statutory and compliance standards. In particular, David focuses on IT audit (Service Auditor Reporting, WebTrust for CA), IT audit remediation, Root key generation witnessing and security consulting services.
His strong background and understanding of business and IT strategy and process helps to bridge the business and technology requirements of his clients in harmony.
Fields of expertise
- Cloud security
- Robotic Process Automation
- Artificial Intelligence
- Information security, privacy and threat risk assessments
- Third-party control audits (including SOC audits and WebTrust for CA)
- Readiness assessments and service auditor reports (SOC reporting) under AICPA/CPA Canada guidelines
- Implementation and audit against statutory and compliance standards and frameworks
- ISO 27001 gap assessments Information security policy frameworks and lifecycle management
- Splunk Certified User, Splunk Power User and Splunk Certified Administrator, 2018
- Certified in Risk and Information Systems Control (CRISC), 2011
- Certified Information Systems Security Professional (CISSP), 2009
- Certified Information Systems Auditor (CISA), 2005
- A+ Certified Technician, 2000
- B.Sc., (with honours), University of Toronto, 1999
- Diploma in Computer Programming and Operating Systems, (with honours), Seneca@York, School of Computer Studies, 2001
Professional and community involvement
- International Information Systems Security Certification Consortium (ISC2) – Member, since 2008
- Information Systems Audit and Control Association (ISACA) – Member, since 2005