✅ My methodology for all of my work begins with understanding your business, first and foremost
✅ 5 years experience working in cyber security
✅ Certified as an cyber security incident handler (GCIH) and a security auditor (GCCC)
✅ Qualified at BSc level in computer security and forensics
✅ Experience as a non-executive director - I understand the business context as well as the technical and security aspects
✅ Experience in a variety of positions within security:
- Technical (SOC analyst)
- Risk (Information security officer)
- Strategy (cyber security strategy specialist)
✅ I am not the type of consultant for a tick-in-the-box approach. If you genuinely want to achieve a better cyber security understanding and/or posture, my work quality will be a good fit.
A pragmatic, down-to-earth Cyber Security professional who translates technical jargon into understandable business terms. I have worked in technical, risk and strategy roles in both large enterprises and smaller organisations - so I can relate to most organisations' security challenges.
The vast majority of my experience is in the financial services sector, the most heavily regulated and mature industry for cyber security. However, I've also worked in a consultancy services role, working directly with customers in identifying breaches and recommending how they can improve their security posture.
With cyber security, a business can't focus on improving everything, so it is important to focus on those few areas which give the greatest return on investment.
My specialty is explaining cyber related businesses risk in a simple way, and advising on solutions in a rational, quantified manner to maximise ROI, both in effort and cost.
I offer practical and pragmatic consultancy on:
- Risk Assessments
- Strategy/Policy Design
- vCISO Services
- Compliance Assistance
- Supplier Security Due Diligence