I have over 30 years in the Information Security consulting field, supporting varied clients including Federal and State governments, Defence departments, through to multi-national organisations.
I have worked in computing fields since 1986, and IT Security specialised fields since 1999.
I was first registered by the Defence Signals Directorate as an IRAP assessor in 2007.
As an Information Security Consultant, I have supported over 50 State and Federal Government agencies as well as over 20 private organisations.
CISM, CISA.
— Bruce Schneier
Security Philosophy
“Security must be practical, proportionate, and pervasive. It should enable operations, not obstruct them.”
I believe in real-world, operational security — not just compliance for its own sake. Systems must be accreditable, advice must be actionable, and policy development must be fit-for-purpose, aligning with business objectives and risk appetite.
Rigorous threat and risk analysis is the foundation for decision-making, and critical systems must rely on defence-in-depth and trusted system design — where security is embedded into the architecture from the outset, rather than retrofitted.
Functional Principles for Life
I believe that effective security must be embedded, practical, and aligned with the organisation’s mission. My approach is grounded in evidence-based decision making, where structured threat and risk assessments inform tailored, proportionate controls.
Advocating for defence-in-depth by design is pivotal — integrating layered security into architecture from the outset rather than relying on afterthought fixes. Assurance is key: I prioritise verifiable outcomes through formal accreditation, testing, and compliance with standards like the ISM, PSPF, ISO27001 and SOC2.
Communication Foundation
Clear communication is fundamental to sustainable security. I work across all levels — from executives to technical teams — to ensure understanding, alignment, and ownership of security responsibilities.
My focus extends beyond individual projects to include knowledge transfer, mentoring, and the development of processes that uplift organisational capability. Ultimately, I aim to deliver secure systems that support operational objectives while ensuring long-term resilience and trust.
Senior IT Security professional with over 30 years of experience delivering secure systems across Australian Government, Defence, and commercial sectors. Specialist in IRAP assessments, secure gateway design, and ISM compliance. Proven ability to lead accreditation, design, and implementation of high-assurance IT environments at all classifications. Recognised for strategic thinking, deep technical expertise, and ability to engage stakeholders across all levels.
If you would like any information, please feel free to contact me at doug@drj-consulting.com.
I am located in Canberra, Australia.