I'm was responsible for all aspects of information security for Redeem Group at group level. I was responsible for establishing a more compliant and secure IT infrastructure. My main Responsibilities/Duties include:· Creating and maintaining a security policy process and procedures in line with and ISO 27001 framework.· Ensuring data security policies are implemented· Producing and delivering security training material.· Undertaking internal IT Security audits to ensure internal controls are in-line with the company’s IT Security Policies.· In the event of breaches or near misses relating to the IT security of the business carry out investigations including analysis, actions to correct and incident reporting.· Scoping penetration testing activities undertaken by external specialists.· Assessing the organisation’s infrastructure and data to identify vulnerabilities caused by weaknesses or flaws in software and hardware that could expose the infrastructure to a security breach.· Making effective recommendations to improve security; based on evaluation of current security posture and knowledge of current and emerging threats.

My key responsibilities include;• Lead and influence clients and their programme activities • Analyse and audit technical solutions as well as present information and advice to senior business partners. • Developed customer proposals and liaise with the Project Office in preparation of proposals and answering of tenders • Assisted in presales activities to generate projects for self and rest of the consultancy practice • Translate the technical findings from an assessment into relevant, actionable information for customers • Delivering projects within time and in budget and to a high level of customer satisfaction – exercising customer care at all times • Developing a strong rapport with customers and to engender long lasting relationships • Liaise with the Resource Management and Sales team during the sales cycle to assist in quantifying, pricing and organising the consulting resources required for the project delivery • Security consultancy• Agile project management

Key responsibilities included:• Recommend end-to-end IT security solutions, including architecture / design, process creation and development and basic project management, all in line with industry good practice.• Work individually and as part of a team to carry out end-to-end delivery of IS services andsolutions.• Produce and present clear and consistent technical, management and commercialdocumentation.• Identify and clarify client challenges and opportunities.• Assess core capabilities within a client IS function.• Recommend specific areas and approaches for quick wins and longer term businessimprovement.• Confidently scope complex and critical projects as well as (high level and detailed) deliverables.• Compile total cost of ownership and return on investment models for outline business cases.• Provide advice and guidance around IT security, across organisational and governance teams.• Ensure regular, clear and diligent communications with all project stakeholders and within theteam.• Act as a mentor to staff members within multiple disciplines.• Regularly undertake complex and/or critical consultative engagements, to a senior managementlevel.

Key responsibilities included;• Complete end-to-end IT security solutions as directed, including security monitoring, solution implementation, architecture and process development in line with industry good practice.• Work individually and as part of a team to carry out end-to-end implementation and configuration of solutions.• Assist in the production of clear and consistent technical, management and commercial documentation.• Recommend areas and approaches for quick wins and longer-term business improvement.• Ensure regular, clear and diligent communications with all project stakeholders and senior team members.• Contribute to the creation of new business cases.• Identify and suggest improvements to client challenges and opportunities.• Review and summarise data, demonstrating strong reasoning and analysis capabilities.• Collaborate and communicate with other team members, participating with creative and idea gathering sessions.

Working as part of a team to support the delivery of the Information Security Framework across Life & Pensions business units and to external clients. Working with local Information Security Managers to support a robust programme of security assurance activity and ensuring that issues are identified, reported, addressed/escalated or accepted as appropriate. Key responsibilities included;• Undertaking policy and contractual compliance reviews • Undertaking 3rd Party Security Due Diligence Assessments • Management of ongoing Application Security Assessment • Issue management • Supporting Information Security Managers and key stakeholders across L&P • Undertaking Assurance Activities in line with of a rolling plan for completion• Ongoing development and production of Information Security Dashboards• Management and coordination of Pen-testing approach • Ensuring that security incidents are recorded and tracked to resolution/closure of all actions• Oversight of Data Transfer Registers • Coordination of Information Security Related Audit action• Risk coordination

I obtained an advanced diploma in information security as well as the System Security Certified Practitioner (SSCP) certification, which has given me a great understanding of information security principles . I carried out the PCI-DSS required wireless scans, monitored Microsoft Forefront Identity Manager (FIM) for Atos and generate monthly reports on networks regarding the workstation and server security status as well as threat severity reports. I also mentored junior level staff, providing training where needed.Skills that I have gained in this role: • PCI-DSS Compliance wireless scans • Information Security • Network mapping• Generating High and Granular Level Reports• Linux• Server and Endpoint Hardening• Hardware/Software Fault Finding• Vulnerability Scanning and Penetration Testing• Network Support

This role involved me working within a datacentre. My duties included;• Processing payroll for clients • Restore and back up requests• Batch processing• Error check servers in the data centre• Application error checking• Incidents management• Disaster Recovery• Change management• Physical security• Defining, updating and enforce procedures • Escorting visitors around the data centre• Key management• Mainframe job scheduling• Troubleshooting server faults• Tape inventory