George Choueifate

Director, Cyber Security

Executive Summary

George is a Director in BDO’s Cyber Security team in Sydney. He brings a highly investigative, practical and outcome-focused approach to his work, combining technical cyber security governance, risk and compliance expertise, and strong foundations in privacy, fraud, investigations and regulatory compliance.

George provides cyber security assurance and advisory services, helping organisations assess, strengthen and demonstrate the effectiveness of their cyber risk management frameworks.

He specialises in working with public sector entities, financial services organisations and critical infrastructure providers, with extensive experience across government agencies, banks, superannuation funds, mutuals and regulated corporates.

George has over ten years of relevant professional experience across cyber risk, privacy, forensic investigations, governance, fraud, and financial crime.

Expertise

  • Cyber security assurance and advisory services for public sector organisations and financial institutions, including assessments against ISO 27001, CPS 234, CPS 230 and the NIST Cyber Security Framework
  • SOC 2 readiness assessments and assurance support for organisations preparing for external reporting and customer assurance
  • Cyber risk assessments, internal audit support, and the development of implementation roadmaps to uplift cyber maturity
  • Privacy impact assessments and privacy risk reviews aligned to the Australian Privacy Principles.

Experience

Financial services advisory, assurance and control testing

  • Led multiple concurrent control testing and assurance engagements across critical payment and settlement systems at a major Australian bank, including SWIFT, the New Payments Platform and the Reserve Bank Information and Transfer System, assessing design and operating effectiveness of controls
  • Led SOC 2 readiness assessments and ASAE 3150 limited assurance engagements at multiple financial services organisations to support customer assurance and regulatory requirements.

Privacy and regulatory advisory

  • Undertook large-scale Privacy Impact Assessments for complex programs and systems at a Commonwealth public sector entity. This involved identifying privacy risks, assessing compliance with legislative obligations, and developing practical mitigation strategies and recommendations
  • Delivered CPS 234 and CPS 230 audits and readiness assessments at APRA-regulated entities, including evaluating information security and operational resilience frameworks, identifying gaps against regulatory requirements, and developing pragmatic remediation roadmaps to uplift control maturity.

Qualifications and affiliations

  • Bachelor of Commerce, Finance and Accounting
  • Bachelor of Economics, Econometrics
  • Chartered Accountant (CA ANZ)
  • ISO 27001 Lead Implementer
  • ISO 27001 Lead Auditor
  • Certificate III in Investigations