Lisa Zhao
Msc, E.I.T, CISM
Hey I'm Lisa, a Certified Information Security Manager (CISM) through ISACA. I also serve as the Communications Director for the Calgary Chapter.
I'm passionate about security governance and currently sit on the board for CSA Z246.1, focusing on Security Management for Petroleum and Natural Gas Industry Systems.
Beyond the Resume - when not designing compliance frameworks, you'll find me volunteering at arts festivals (Burning Man organizer), engaging with farmers and ranchers across Western Canada, or speaking at conferences about the intersection of technology and human systems. I'm driven by curiosity about how complex systems work—from cryptographic algorithms to community food networks to organizational transformation.
Most Recent Experience
Management System and Strategy Specialist
Applied4Sight
2022-Present
∠ Conducted compliance audits and gap analyses, providing closure reports and suggestions to improve corporate compliance. Conducted audits for TC Energy, Pembina, Enbridge, and South Bow. ∠ Designed and implemented security risk assessment processes for major energy companies including Trans Mountain and WEX. ∠ Developed Compliant Security Programs for energy companies including Pembina Pipeline, TC Energy, South Bow and Trans Mountain. ∠ Designed and delivered technical training content for regulatory compliance across CAN (CER, OPR, CSA, NERC) and US (PHMSA, CFR, TSA) for energy companies. ∠ Provided Cybersecurity subject matter expertise to cross-functional teams including Operations, Sa- fety, and Regulatory departments. ∠ Led investigation and documentation of Cybersecurity compliance issues and developed corrective action plans for WOLF. ∠ Led training and development projects at A4S and developed a Training Program for the company. ∠ Worked closely with CER, AER, BCER regulators and acted as primary contact between energy companies and the government. ∠ Mentored junior staff on Cybersecurity compliance requirements and best practices in USA and CAN.
Management System and Strategy Specialist
Applied4Sight
2022-Present
∠ Conducted compliance audits and gap analyses, providing closure reports and suggestions to improve corporate compliance. Conducted audits for TC Energy, Pembina, Enbridge, and South Bow. ∠ Designed and implemented security risk assessment processes for major energy companies including Trans Mountain and WEX. ∠ Developed Compliant Security Programs for energy companies including Pembina Pipeline, TC Energy, South Bow and Trans Mountain. ∠ Designed and delivered technical training content for regulatory compliance across CAN (CER, OPR, CSA, NERC) and US (PHMSA, CFR, TSA) for energy companies. ∠ Provided Cybersecurity subject matter expertise to cross-functional teams including Operations, Sa- fety, and Regulatory departments. ∠ Led investigation and documentation of Cybersecurity compliance issues and developed corrective action plans for WOLF. ∠ Led training and development projects at A4S and developed a Training Program for the company. ∠ Worked closely with CER, AER, BCER regulators and acted as primary contact between energy companies and the government. ∠ Mentored junior staff on Cybersecurity compliance requirements and best practices in USA and CAN.
Management System and Strategy Specialist
Applied4Sight
2022-Present
∠ Conducted compliance audits and gap analyses, providing closure reports and suggestions to improve corporate compliance. Conducted audits for TC Energy, Pembina, Enbridge, and South Bow. ∠ Designed and implemented security risk assessment processes for major energy companies including Trans Mountain and WEX. ∠ Developed Compliant Security Programs for energy companies including Pembina Pipeline, TC Energy, South Bow and Trans Mountain. ∠ Designed and delivered technical training content for regulatory compliance across CAN (CER, OPR, CSA, NERC) and US (PHMSA, CFR, TSA) for energy companies. ∠ Provided Cybersecurity subject matter expertise to cross-functional teams including Operations, Sa- fety, and Regulatory departments. ∠ Led investigation and documentation of Cybersecurity compliance issues and developed corrective action plans for WOLF. ∠ Led training and development projects at A4S and developed a Training Program for the company. ∠ Worked closely with CER, AER, BCER regulators and acted as primary contact between energy companies and the government. ∠ Mentored junior staff on Cybersecurity compliance requirements and best practices in USA and CAN.
Instructor
University of Calgary
2021
∠ Nominated for teaching excellence award in emphasizing innovative learning methods, inclusive teaching environments and collaborative classes. ∠ Planned and implemented teachings around foresight and research to 130 undergraduate students. ∠ Spearheaded the student course leaders group that provided feedback to professors and improved student learning.
Instructor
University of Calgary
2021
∠ Nominated for teaching excellence award in emphasizing innovative learning methods, inclusive teaching environments and collaborative classes. ∠ Planned and implemented teachings around foresight and research to 130 undergraduate students. ∠ Spearheaded the student course leaders group that provided feedback to professors and improved student learning.
Instructor
University of Calgary
2021
∠ Nominated for teaching excellence award in emphasizing innovative learning methods, inclusive teaching environments and collaborative classes. ∠ Planned and implemented teachings around foresight and research to 130 undergraduate students. ∠ Spearheaded the student course leaders group that provided feedback to professors and improved student learning.
Reserach Intern
Hexagon
2017-2018
∠ Worked with Homeland Security data for a research project to test GNSS Spoofing. ∠ Improved spoofing mitigation techniques by performing testing of a GNSS receiver against a custom-built spoofing scenario using a HackRF. Scenario was compared to Homeland security field data and used to improve defense of GNSS receivers. ∠ Troubleshot an interference finding algorithm using Python to reduce noise and improve overall algorithm speed and efficiency.
Reserach Intern
Hexagon
2017-2018
∠ Worked with Homeland Security data for a research project to test GNSS Spoofing. ∠ Improved spoofing mitigation techniques by performing testing of a GNSS receiver against a custom-built spoofing scenario using a HackRF. Scenario was compared to Homeland security field data and used to improve defense of GNSS receivers. ∠ Troubleshot an interference finding algorithm using Python to reduce noise and improve overall algorithm speed and efficiency.
Reserach Intern
Hexagon
2017-2018
∠ Worked with Homeland Security data for a research project to test GNSS Spoofing. ∠ Improved spoofing mitigation techniques by performing testing of a GNSS receiver against a custom-built spoofing scenario using a HackRF. Scenario was compared to Homeland security field data and used to improve defense of GNSS receivers. ∠ Troubleshot an interference finding algorithm using Python to reduce noise and improve overall algorithm speed and efficiency.
Additional Experience
Vice Chair
Canadian Standards Association
2022-Present
∠ CSA Z246.1 is the only federally regulated standard for Cybersecurity in Oil and Gas. ∠ I work closely with regulators (AER, BCER, ONEB, CSIS) and industry to develop this leading federally and provincially enforced standard. ∠ Vice Chair of the board with a focus on Security Risk Process, Cybersecurity, and Information Management
Vice Chair
Canadian Standards Association
2022-Present
∠ CSA Z246.1 is the only federally regulated standard for Cybersecurity in Oil and Gas. ∠ I work closely with regulators (AER, BCER, ONEB, CSIS) and industry to develop this leading federally and provincially enforced standard. ∠ Vice Chair of the board with a focus on Security Risk Process, Cybersecurity, and Information Management
Vice Chair
Canadian Standards Association
2022-Present
∠ CSA Z246.1 is the only federally regulated standard for Cybersecurity in Oil and Gas. ∠ I work closely with regulators (AER, BCER, ONEB, CSIS) and industry to develop this leading federally and provincially enforced standard. ∠ Vice Chair of the board with a focus on Security Risk Process, Cybersecurity, and Information Management
Communiations Director
University of Calgary
2022-Present
∠ ISACA is a globally recognized IT certification body. I hold a CISM certificate under ISACA. ∠ Engaged the ISACA community by volunteering and planning multiple Cybersecurity, Quantum and AI events across Calgary.
Communiations Director
University of Calgary
2022-Present
∠ ISACA is a globally recognized IT certification body. I hold a CISM certificate under ISACA. ∠ Engaged the ISACA community by volunteering and planning multiple Cybersecurity, Quantum and AI events across Calgary.
Communiations Director
University of Calgary
2022-Present
∠ ISACA is a globally recognized IT certification body. I hold a CISM certificate under ISACA. ∠ Engaged the ISACA community by volunteering and planning multiple Cybersecurity, Quantum and AI events across Calgary.
Technical Skills
HTML/CSS
Framer
Canadian and USA Security Regulations
Outlook - Excel, Powerpoint, Word, PowerBI
Powerful AI
Python and Data Analytics
2025 Skills Toolbox
Security Governance, Risk, Compliance
5+ years experience
Management System and Strategy
3 years experience
Regulatory Compliance across USA/CAN
5+ years experience
Python
6+years experience
Business Development
6+ years experience
Security Governance, Risk, Compliance
5+ years experience
Management System and Strategy
3 years experience
Regulatory Compliance across USA/CAN
5+ years experience
Python
6+years experience
Business Development
6+ years experience
Security Governance, Risk, Compliance
5+ years experience
Management System and Strategy
3 years experience
Regulatory Compliance across USA/CAN
5+ years experience
Python
6+years experience
Business Development
6+ years experience
Education
Master of Science
Masters in Electrical Engineering
2019
Thesis specializing in wireless communications, physical security, self driving vehicle security
Master of Science
Masters in Electrical Engineering
2019
Thesis specializing in wireless communications, physical security, self driving vehicle security
Master of Science
Masters in Electrical Engineering
2019
Thesis specializing in wireless communications, physical security, self driving vehicle security
Got questions?
I’m always excited to collaborate on innovative and exciting projects!
Got questions?
I’m always excited to collaborate on innovative and exciting projects!
Got questions?
I’m always excited to collaborate on innovative and exciting projects!