This Group role manages the office of the Chief Technology Officer, overseeing and drives the 3 year technology strategy, and managing medium term planning both of which are tightly aligned to the business strategy.Specific responsibilities I hold are to ensure the technology budget is appropriately managed, and a people strategy is in place to keep our 500+ employees engaged and delivering against a shared purpose; the technology strategy. My role oversees the governance required to ensure a Technology organisation runs smoothly and deliver what is required for an AIM listed and regulated company.The role retains my CISO responsibilities for the Group.

A promotion to extend my responsibilities within Gamma. Now responsible for the strategic development and delivery of Information Security, Security Operations, Enterprise/Integrated Risk, Governance, Business Continuity/Operational Resilience and Occupational Health and Safety for the group. Developing capabilities to ensure each area is aligned to and supporting business objectives.

Acting as Gamma’s first Information Security Director (CISO) I developed a security programme and gained Board support for its delivery. Reflecting Gamma’s risk against control gaps, highlighting the most realistic and cost-effective delivery schedule. Key deliverables included: Tranforming the team from their focus on compliance to recognising and responding to the threats faced. Partnering with several UK and US security start-ups who are solving problems at a faster pace than large scale incumbents.

A named Director for a Consultancy firm based in the North West of England. L&A provide a variety of technical services including:• High powered computing (HPC) infrastructure to support AI solutions• Security architecture design and delivery• Security Consultancy

The GSMA is a trade association representing the mobile telecommunications ecosystem, aligning the interests of 750 operators and 400 companies within the industry value chain. My team’s purpose is to improve the industry’s response to threats faced.I managed the definition and launch of the first mobile centric security framework. The lack of relevant mobile telecommunications security framework was limiting the industry’s ability to measure security maturity, impacting security investment decision making. The framework and self-assessment complements the NIST Cybersecurity Framework (CSF) and CIS (SANS) Critical Security Controls already adopted within the industry. I worked as part of the Supply Chain task force to bring together global Heads of Information Security and Chief Security Information Officers (CISO) and develop a way of protecting the mobile supply chain, this included defining the supply chain toolbox. I developed and delivered workshops on various security topics at global GSMA events. Workshops are attended by senior security stakeholders and CISO in order to collaborate and develop industry best practice, these workshops are usually wargame or exercise related. In order to educate numerous stakeholders to the threats facing the industry I present at global conferences on technical topics such as Cloud security, eSIM, 5G security and supply chain security.

As Head of Security for BT I led two areas:• Creating and managing the BT Security Transformation initiatives. • Departmental oversight for BT’s Incident Response and Forensics strategy I was given autonomy to define the Transformation initiatives based on my in depth knowledge of the business and technical security background. I used industry best practice, and agile transformation activities to define tooling requirements, re-engineer processes and improve team/area productivity. This required:• Stakeholder management, I had no formal authority over the team being impacted and I required their buy in and resource to enable to transformation to occur• The ability to challenge the status quo, breaking others out of the ‘we’ve always done it this way’ mentality• The ability to recognise risk versus opportunity, many decisions resulted in repercussions, these required modelling before action was taken. • Technical knowledge of security tooling, specifically how one complements the other and how they can be implemented to their fullest capability. I brought together virtual teams and redesigned the way:1) BT monitored for malware, developing a proactive not relative capability. Rationalising the plethora of tools based on value delivered, which saved money on ineffective tooling and removed duplicated effort responding the alerts within the Security Orchestration, Automation and Response (SOAR) playbooks. 2) Security Operations integrated Threat Intelligence into operational processes, including how we managed global incidents that impacted both internal SOC and managed customers. Improving the managed service BT sold as well as developing collaboration and threat sharing within internal SOC’s. During my time at BT I developed a strong coaching style, supporting those within the business develop their skillsets to achieve career based objectives. I also mentored several people, developing relationships that have continued for several years.

The CERT are the 3rd line technical incident response (IR) team within BT Security and they have an IR responsibility to BT Group and major global customers. The team grew from 4 to 20+ under my leadership, developing the Group's incident response capabilities. To be successful I had to build on my technical skillset and understand how an attacker may target a complex, global network. From this knowledge the team developed from responders into threat hunters. These hunts were developed against industry standard frameworks such as NIST and ATT&CK, allowing them to be KPI driven. Alongside the CERT I built the Group's security training team. The Training budget was being overused for entry level training in 1st and 2nd line. I developed the BT Security training team to deliver an internally defined 1st line pathway. A mentor driven, vocational pathway was formed for 2nd line. Leaving budget for 3rd line to develop new investigation capabilities. The result was a formalised career pathway, improving retention, whilst ensuring training budget was used appropriately. I also supported non-technical leaders in developing several global SOC, both commercial and internal, to allow BT to develop as an organisation. This included identifying the appropriate information security management system (ISMS), tools, software, people and SOAR processes that were required. All teams supported were ISO27001 certified, meaning all documentation had to stand up to audit scrutiny and I was part of each ISO27001 audit.

My role involved investigating incidents relating to possible security breaches. This is not only internal to BT but supporting various high level customers. The pace and depth of the investigations were always high due to 3rd line only managing large scale or ‘unknown’ incidents. I regularly investigated network intrusions, Cisco routers, Authentication servers, various Windows and *nix servers (virtual and physical), Firewall technologies and other similar security appliances. Doing incident response on a network as vast as BT’s required that I understand routing, data transit protocols, load balancing and network design. This is to track possible lateral movement and understand where a threat actor could have infiltrated.

My main remit was to carry out complex investigations of computers and other hardware; including investigating Windows (server and workstation), Mac OSX and Linux Operating Systems. The output of these investigations was technical evidence that had to be produced in various formats for non-technical personnel to understand. This meant I developed my communications skills to the point where I could taken a layperson through deeply technical topics with ease.I was proficient in the use of EnCase, FTK, Cellebrite and other open source Linux and Windows based forensics software. I also researched and developed new ways to investigate hardware, including developing the way the Unit investigated early generation iPhones. I was regularly required to present this evidence to the Crown Prosecution Service (CPS), juries, Judges and Barristers during various stages of the UK Court process. For more technical legislation I was also required to advise and aid the CPS with charging decisions.

Providing a SME company, Channel Fostercare Ltd., with technical support. This included managing their mail platform and Zentyal platform for proxy, VPN and file sharing services. Recognizing a gap within the foster carers training material I also designed and delivered various 'online safety' courses for the company's carers. In 2008 this was not mandatory.

Creating Heauristic rules and DFP patterns for SPAM filters