Procyon Security Group
Your Trusted Partners for Information Security
About Us
Procyon Security Group brings together focused information security services provided by highly skilled security and computer network specialists. Procyon is a customer-focused, vendor-neutral security services organization. We are dedicated to the success of our clients' projects, and to achieving 100% customer satisfaction.
Procyon's four Principal Consultants combine over 100 years of experience in information technologies with more than 60 years of experience in IT and Information Security. They have worked diligently to establish reputations for consistently providing very high-quality services on demanding IT development and deployment projects. Our group holds the following credentials and certifications:
Certified Information Systems Security Professional (CISSP®)
Certified Information Systems Auditor (CISA®) Certified Information Security Manager (CISM®) Certified in Risk and Information Systems Control (CRISC™)
Certified Penetration Testing Engineer/Consultant (CPTE/CPTC)
Payment Card Industry Professional (PCIP)
When additional skills or resources are required on a project, Procyon uses Associate Consultants that provide their services to the group as subcontractors on an as-required basis.
Procyon Security Group was registered as a General Partnership in the Province of British Columbia in March 2003. The Group takes its name from Procyon (PRO•see•on), the primary star in the constellation Canis Minor and the eighth brightest star in the sky. Proycon, meaning "ahead of the dog" in Greek, was used by sailors in ancient times as a navigational aid. From early autumn, it rises in the east well before Sirius and is one of the brightest stars in the Northern Hemisphere.
Consultants
Steven Schnider, MASc, BASc
Steven Schnider was one of the original founders of the Procyon Security Group in 2003, and practices as an Information System Security Architect. He has been involved in the development of information technology systems since 1979 and has specialized in information security technology and Infosec risk management since 1987. He previously held senior technical positions with Certicom, LGS/DOMUS Security, and Hughes Aircraft Canada and led the security product development team at Bell-Northern Research. Steven has provided security consulting services to a broad range of public sector organizations including the federal government (DND, RCMP, CSE, Public Works and Government Services), provincial and territorial governments (British Columbia, Alberta, Saskatchewan, Ontario, the Yukon) and at the municipal level. His private sector experience ranges from international oil companies and multi-national wireless telecommunications providers through to small technology start-ups. Steven's primary interests are in high assurance system development, secure wide-area networking, distributed applications, and pervasive computing.
Ryan J Liu, B.Comm, CISA, CISSP
Ryan Liu has 22 years of direct experience in systems audit and IT risk management with over 10 years of experience working in formal security risk assessment and health informatics. Having started his career working for two international accounting and audit firms, he has a solid foundation in IT audit and controls and played a key role in building one of the earliest professional network penetration testing practices in Canada.
In addition to information security governance, security standards conformance (CobiT, ISO27002), vulnerability assessment, and penetration testing, Ryan has delivered risk assessments for Government of British Columbia and Health Authorities for major multi-year IT projects using both formalized risk assessment methodologies (RCMP, ISF IRAM, OCIO STRA) and customized assessments.
Ryan has provided security services to both public and private sector clients including provincial and municipal governments, BC health authorities, crown corporations, post-secondary, retail, mining, and financial services.
Rui Pereira, B.Sc(Hons), CISSP, CISA, CPTE/CPTC
Rui Pereira is a Principal Consultant for Procyon Security Group with over 35 years of experience in IT, specializing in Information Security and Audit for the last 25. Rui is a Certified Penetration Testing Engineer (CPTE) and Consultant (CPTC), and has also obtained the CISSP and CISA certifications.
Rui has provided both management and technical consulting to a wide range of customers in Western Canada in a variety of industries. He specializes in security reviews and audits; vulnerability assessments and penetration testing (ethical hacking), including for PCI DSS; wireless and (web) application security (including API security); PCI DSS, privacy and other compliance and legal requirements; Security Threat/Risk Assessments (STRAs) and threat modeling; security architecture development, review and implementation; and security awareness training.
He is active in the local IT security community, including the Vancouver Security Security SIG and the Vancouver Chapter of OWASP. He has presented on various security topics before these and other local organizations. Rui also taught various security topics at BCIT and UBC, and presents several multi-day courses in secure web application development, wireless network security, and ethical hacking.
Orvin Lau, CISSP, CISM, SCF, CRISC, PCIP
Orvin Lau is an information security consultant focusing on information security management, governance, business processes, and compliance. With over 24 years of experience in information technology and 16 years specializing in information security, governance, risk and compliance, Orvin is experienced at relating business requirements to technical requirements, and using frameworks such as ISO/IEC 27001 and 27002, the PCI Data Security Standard, and CobiT.
He has provided security consulting services to a wide variety of clients, including financial institutions, brokerage firms, professional regulators, manufacturing companies and transportation companies. In 2016 he was invited by the BC Government’s Office of the Chief Information Security Officer to join its Provincial Security Advisory Council.
Orvin previously worked as an information security managing consultant for leading Canadian accounting and business advisory firm where he provided IT Security consulting and audit services to clients in industries such as financial services, brokerage firms, health authorities, utility companies, and municipal governments. He has obtained the CISSP, CISM, CRISC and PCIP certifications.