Client-focused, big-picture thinker, affable.
David is passionate about making sure his clients succeed. An inveterate enthusiast, he helps his clients become more innovative and effective in their operations by evaluating and adopting the right cutting edge technologies to meet their needs. David is a highly sought-after expert in the rapidly growing field of Big Data analytics, more specifically with tools such as Splunk and Artificial Intelligence technologies, and robotic process automation.
David has over 14 years of experience delivering audit and security expertise in the area of IT risk management to a wide range of sectors. He has proven knowledge and experience in the delivery of information technology audits for large organizations that typically include complex application, database, network, server and virtual infrastructure. He also has considerable experience in delivering security controls solutions and audits against statutory and compliance standards. In particular, David focuses on IT audit (Service Auditor Reporting, WebTrust for CA), IT audit remediation, Root key generation witnessing and security consulting services.
His strong background and understanding of business and IT strategy and process helps to bridge the business and technology requirements of his clients in harmony.
Fields of expertise
- Cloud security
- Robotic Process Automation
- Artificial Intelligence
- Information security, privacy and threat risk assessments
- Third-party control audits (including SOC audits and WebTrust for CA)
- Readiness assessments and service auditor reports (SOC reporting) under AICPA/CPA Canada guidelines
- Implementation and audit against statutory and compliance standards and frameworks
- ISO 27001 gap assessments Information security policy frameworks and lifecycle management
- Splunk Certified User, Splunk Power User and Splunk Certified Administrator, 2018
- Certified in Risk and Information Systems Control (CRISC), 2011
- Certified Information Systems Security Professional (CISSP), 2009
- Certified Information Systems Auditor (CISA), 2005
- A+ Certified Technician, 2000
- B.Sc., (with honours), University of Toronto, 1999
- Diploma in Computer Programming and Operating Systems, (with honours), Seneca@York, School of Computer Studies, 2001
Professional and community involvement
- International Information Systems Security Certification Consortium (ISC2) – Member, since 2008
- Information Systems Audit and Control Association (ISACA) – Member, since 2005
Risk Management Advisory
With change happening at an increasing pace, your company must innovate, adapt to better connect to your customers and suppliers, and streamline internal processes to grow with confidence.
Your company’s worst nightmare: a cyberattack paralyzes servers, puts confidential information and finances at risk, and threatens to compromise client data. How do you overcome it? Better yet, how can you avoid this?
Like it or not, in today’s rapidly shifting marketplace, if a business wants to stay competitive it not only has to “go” digital, it has to “be” digital.
Growth is exciting. But navigating the aspects involved in successful growth – particularly when it happens rapidly – can be one of the most complex challenges a business can face.