Security, Quality, Environmental

Within the Governance & Compliance team, I provide Information Security consultancy services internally and to existing and prospective customers.My main responsibilities are detailed below:- Provide strategic direction and advice on internal security controls to ensure security is appropriate to the level of risk. Also, provide advice for existing and prospective clients; - Support the maintenance, auditing and monitoring of the corporate ISO27001 as well as certifications such as ISO27001, PCI and PSN on behalf of customers;- Manage Information Security controls on behalf of key customers, liaising with both internal and customer stakeholders to ensure contractual obligations are met; - Manage the provision of MI to customers based on the security controls applicable to the service; - Support the Information Security awareness campaigns and be responsible for producing quarterly newsletters and emails; - Conduct frequent reviews of Information Security procedures and policies; - Act on all security alerts, initiating remedial and investigatory actions and advising senior management on actual or potential risks and proposing options - Manage the Information Security Risk Register, identifying any key control gaps and providing suggestions for remedial actions; Current projects outside ISMS BAU: IPDS refresh, Vulnerability Scanning process design.

Conduct customer engagement & assessments against ISO27001:2013, ISO9001:2008 and CSA Star.Provide pre-certification gap analysis assessments for clients and report readiness for certification & re-certification. Lead assessment teams ensuring that team members are adequately briefed so that quality of service is maintained and that effective working relationships are sustained with Clients.Establish and develop an effective partnership, which secures the commercial relationship and encourages opportunities for business development and increased client satisfaction.Recommend the issue, re-issue or withdrawal of certificates, and report recommendations in accordance with BSI policy. Negotiate and agree to conformance issues. Produce technical assessment audit reports on a daily basis. Provide strategic direction to organisations ensuring Information security is managed and risk is within appetite.

Communisis Plc. is the leading Marketing, creative and digital Company within Europe working for large organisations particularly in the financial industry.My role within the Company as Compliance Analyst has responsibility for assisting in the management of and the maintenance of ISO27001 compliance for a number of the strategic accounts within Communisis such as Barclays Bank, Nationwide, Virgin Money and Lloyds.

My role within the Company is Compliance Manager with the responsibility for assisting in the management of and the maintenance of the Contract for Barclays Bank, Nationwide, Virgin Money and Lloyds.Day to Day Responsibilities:- Ensuring Information security legal, regulatory and contractual obligations are met- Contract SWOT analysis- Technical contract assurance- Identifying points of vulnerability, risk or threat- Maintaining client confidence and excellent working relationships- Monthly Information Security service/performance reporting - Ensuring technical projects are delivered on time referring to Data protection- Incident Management / corrective action / root cause analysis- 3rd party supplier due-diligence / pre-qualifying onboarding

A-one+ is a joint venture between Halcrow, Colas and Costain. The joint venture maintains government contracts via the Highways Agency. I was seconded from Halcrow to A-one+ as the ICT Infrastructure and Information Security Project Manager. This was a varied and demanding role with responsibility for integrating securely the three parent company systems into the Aone+ Joint Venture. I was accountable for Information Security/business continuity / technical project management with a scope containing 2000 employees and nineteen offices.

I was employed as Information Communications Officer providing IT service delivery (MS Server 2003, AD admin, MS Exchange, Citrix, Cisco)

System Admin

First/second line IT support, supporting British Petroleum, Rolls Royce and DWP.