Nicholas Carreiro
About Nicholas Carreiro
Nicholas Carreiro serves as the Technical Head of Group Cyber Security Governance at QBE Insurance, where he has worked since 2019. He has extensive experience in cybersecurity, having held various roles at organizations such as Westpac Group, KPMG Australia, and Commonwealth Bank, focusing on risk assessment, compliance, and security governance.
Work at QBE Insurance Group
Nicholas Carreiro has been serving as the Technical Head of Group Cyber Security Governance at QBE Insurance since 2019. In this role, he is responsible for overseeing the organization's cyber security governance framework. His work includes defining security and risk processes that enhance the organization's security posture and aligning security services with business objectives. He engages in compliance activities to ensure adherence to industry standards and regulations.
Previous Experience at Westpac Group
Nicholas Carreiro worked at Westpac Group from 2011 to 2015, holding multiple positions including Information Security Consultant and Senior Information Security Architect. During his tenure, he focused on technology risk assessment and security measures. He conducted internal and external IT audits to ensure compliance with security standards and was involved in designing secure systems.
Professional Background at Commonwealth Bank
Nicholas Carreiro held various roles at Commonwealth Bank from 2010 to 2019, including IT Security Analyst, Cyber Security Governance Manager, and Senior Manager - Line 2 Cyber Security & Supplier Risk. His responsibilities included developing IT security policies, conducting third-party assurance reviews, and managing cyber governance initiatives. He also acted as Executive Manager - Group Cyber Governance for a brief period in 2016.
Experience at KPMG Australia
Nicholas Carreiro worked at KPMG Australia from 2007 to 2010 as a Senior Advisor in IT Advisory. His role involved providing insights into IT architecture and design consultation, focusing on secure system design. He contributed to various projects aimed at improving clients' information security frameworks.
Expertise in Cyber Security and Risk Management
Nicholas Carreiro possesses expertise in technology risk assessment, security risk in the Software Development Life Cycle (SDLC), and compliance with PCI DSS standards. He is skilled in communicating IT-related risks to senior stakeholders and performs penetration testing to identify and mitigate vulnerabilities in systems. His experience spans across various aspects of cyber security governance and risk management.