Providing thought leadership, consulting and enablement around cyber resiliency best practices to internal resources and customers. Providing the vision for Cohesity's cyber resiliency pillar: assisting product management in the development of product capabilities and features that are aligned to customer operational requirements; working with product marketing as a domain expert to develop white papers, blog posts and webinars; supporting enablement by defining cybersecurity skills requirements and then creating and delivering training material to both internal resources and customers; helping marketing and PR by undertaking conference presentations, media interviews and participating in marketing events.Developing and executing on strategic advisory, workshops and assessment programs to help customers improve their cyber resiliency.Leading initiatives with Cohesity's Data Security Alliance partners such as Cisco, Palo Alto, Splunk, ServiceNow, Okta, BigID, Securonix, Qualys, ZScaler, Tenable, Crowdstrike, Cyberark, PwC, TCS and Mandiant to develop integrated cyber resiliency solutions.

Responsible for engagement with the CIO and CISO roles, as well as their operational reports, at Rubrik's enterprise and government customers. Engagements typically involve strategy and operational topics related to security digital transformation; the detection, investigation, response and recovery from ransomware incidents; achieving intelligence-led cyber risk management, including continuous controls monitoring; and developing a posture of cyber resiliency through implementation of automation, orchestration & deception while achieving the maintainability, agility, survivability and continual improvement of operations.

Field Chief Technology Officers are deputised by Rubrik's CEO and CTO to represent the company's strategic vision & roadmap as well as represent the interests of customers back into the organisation. In this role we drive customer success by working directly with our peer CIO, CTO and CISOs to advise and align their cyber resiliency transformation programs. As the Field CTO for Security this involves keeping pace with adversary capabilities and campaigns, changing trends in IT delivery and ensuring we can help our customers not only mitigate the impact of the scourge of ransomware, but can also transform their businesses into one that can adopt a data-centric approach to cyber security. We lead assessments of operational current state; lead workshops on best-practice approaches that encompass the business alignment, structure, people, process and technology aspects; build transformation roadmaps with interdependencies; advise on pragmatic approaches to overcome any existing constraints; use industry experience in vertical markets and technology to sanity check customer's existing plans and regularly engage with the customers to advise on how to overcome roadblocks to the program.

Acting as advisor on strategic and operational risk management and cyber security operations at CIO and CISO level to our enterprise and government customers. With a high percentage of the global enterprises as established ServiceNow customers, the Advisory CISO role helps customers establish a baseline of current capability; understand the financial, resource, compliance, contractual, political and cultural constraints in place; then help the customer establish a pragmatic program of work that can be delivered in a staged approach that allows the organisation to adapt to the unexpected, counter changes in adversary behaviour and keep pace with the organisation's ever-changing approach to IT delivery.These programs include the overall organisation structure and reporting line of information security within the organisation; security operations centres; cyber threat intelligence; cyber risk management and reporting; risk assessment and threat modelling that includes adversary characterisation; vulnerability management; hunt team; compliance with multiple contractual and regulatory obligations; continuous monitoring and situational awareness; staff recruitment, training, career progression and retention; operational, business, technical and analytical processes, including their measurement and continual improvement; cyber resiliency and crisis management; advice on design of physical operations facilities; application security, including SecDevOps methodologies such as Continuous Integration/Continuous Deployment; risk evaluation of different models such as on-prem vs hybrid vs cloud vs ITO; design of cross-swim lane workflows, investigatory and response playbooks; integration of cyber and IT risk into ERM/IRM frameworks.

Co-founder of the Security B-Sides London conference and actively involved in the planning and execution of every Security B-Sides London conference to-date. Security BSides London has had some of the most prominent researchers and analysts as speakers and includes a number of hands-on workshops and training. At it's heart it is a event organised by the infosec community, for the infosec community, devoid of external influence of cyber security vendors. It is a platform for collaboration, community building and information sharing for UK information security.In 2017 the event saw over 1,000 members of the information security choose to attend Security B-Sides London, despite the larger commercial Information Security Europe occurring at the same time. InfoSec Europe has 15,000 attendees, but this is spread across three days and has a multi-million budget.

Providing advisory to C-Level executives for FTSE/FORTUNE 100 organisations around cyber security transformation programs, focusing on cyber security operations (SOC, analytics, hunt, threat intelligence, incident response); secure Software Development Lifecycle (SDLC), information governance and SecDevOps.Role includes design of services portfolio, public speaking, acting as a Subject Matter Expert, project scoping, development of intellectual capital and enablement, quality assurance of deliverables and mentoring of delivery consultants. When delivering on consulting engagements, typically acting as interim-CISO or Head of Security Operations for customers. Micro Focus are the World's 8th largest software company and are ranked 47 on the FTSE 100 index.

The Cyber-security Information Sharing Partnership (CiSP), part of CERT-UK, is a joint industry-government initiative to share cyber threat and vulnerability information in order to increase overall situational awareness of the cyber threat and therefore reduce the impact on UK business.CiSP allows members from across sectors and organisations to exchange cyber threat information in real time, on a secure and dynamic environment, whilst operating within a framework that protects the confidentiality of shared information.

Responsible for the design and implementation of operational capability that integrated security operations detection (leveraging correlation, hunt and analytics); threat intelligence; detection content creation and security engineering teams. Developed Indicator of Compromise, Attack Vector and Attack Scenario taxonomy. Lead threat modelling workshops and designed Detect/Deceive/Disrupt controls portfolio based on findings. Implemented SIEM content based on taxonomy using leading SIEM and Log Management platforms. Managed delivery against multi-year transformation roadmap covering technology, processes and technology.Sat on the Global Technology Advisory Board to shape the future IT direction of the bank. Designed the Cyber components of the graduate program, designed to raise information security awareness and identify future candidates for positions within the Cyber Security organisation. Role relocated to New York as part of the location strategy following the EU Brexit referendum, did not wish to relocate.

Responsible for the management of cyber risk within the Corporate & Investment Banking line-of-business within the World's largest bank, including threat profiling, risk assessment, control selection and control monitoring. The Corporate & Investment Banking business unit represents and attractive target to nation-state and criminal threat actors as the line-of-business encompasses a number of functions including wholesale banking that transacted over 25% of all US dollar transactions globally; trading; mergers, acquisitions and IPOs; and wealth management.Sat on the committee that designed the organisation's cyber risk assessment methodology. Conducted the bank's first end-to-end cyber risk assessment for a line-of-business and in-depth threat modelling of several value-chain. Oversaw the implementation of control improvements in response to the SWIFT attacks. Reported cyber risk monthly to the operational risk committee and the commercial heads of the business unit. As the most senior Cyber Security representative at the Bournemouth Campus, I sat on the Bournemouth Technology Operating Committee, shaping the day-to-day working environment for the over 5,000 employees at that campus.

The HP SIOC Practice are the World’s most experienced consultancy practice in the field of establishing, maturing and operating cyber security operations capabilities for leading organisations around the World. HP SIOC have built the end-to-end capability - including technology implementation; recruitment, screening, training and career development of staff; analytical, operational, technical and business process creation and operationalisation; implemented metrics collection and continual improvement; designed intrusion analysis workflows and business-aligned risk reporting - for over 100 organisations such Wells Fargo, Citigroup, BAe Systems, Rolls Royce, BP, Shell, Cap Gemini, Vodafone, Apple, Microsoft, Walmart, American Airlines, FedEx, SKF, Foxconn, Symantec, SKF, UAE Government, Bombardier, Netherland Ministerie van Defensie, HydroOne and Ericsson.- Recruited and managed a team of Managing Principals, Principals and Consultants, as well as leveraging a pool of sub-contractors from boutique consultancies and Big 4.- Overall responsibility for the bookings and profit-and-loss of the practice, including driving demand and customer satisfaction.- Delivered on engagements where board or committee level engagement required.- Sub-contracted by Big 4 to provide Subject Matter Expertise in security operations for their customers.- Significant product pull-through and increased customer retention of HP ArcSight from SIOC customers.- Consultants maintained over 80% average utilisation, with an additional 10% time dedicated to development of Intellectual Property. Consultants achieved consistently above industry average gross margins - Collated data from multiple security operations maturity assessments, provided analysis and narrative for the annual State of Security Operations report.- Assisted in the creation of a portfolio of advanced service offerings around development of fusion cells; hunt team; cyber analytics and deception grids.

Mimecast are one of Europe’s most successful Software-as-a-Services (SaaS) companies specialising in the management of unstructured data. As employee number 7, was involved in the founding of the company and oversaw the function of maintaining the security of our infrastructure and customer data during a period of explosive growth. Company had highly successful NASDAQ IPO- Winner of Deloitte’s Fastest Growing UK Tech Company for two years running and featuring in the top 10 of the Telegraph’s Tech Top 100 twice. Cover story on SC Magazine.- Managed security for 2.4 petabytes of data across 6,000 servers in 13 data centres, 7 corporate offices over 4 continents with 650 employees. Provided security capability during a period of average year-on-year growth of over 1,500%.- Implemented and gained certification for a ISO/IEC 27001:2005 compliant Information Security Management System; implementation of 128 out of the possible 133 ISO/IEC 27002:2005 information security controls.- Achieved CESG certification for the service for use with UK government data.

Worked as a contractor for a variety of organizations focused on the development of incident detection and response capabilities, including people, process and technology. Implemented and improved incident detection capabilities using logging and SIEM platforms from Splunk, HP ArcSight ESM, NetForensics (BlackStratus) and RSA enVision. Provided expertise in the achievement of GPG13 and PCI DSS-compliant monitoring. Design of information security workflows to deal with multi-national organizations, including complex cross-border data transfer and privacy implications. Design, implementation and tuning of SIEM Use Case content and incident response playbooks to achieve alignment with organizational risk profiles or regulatory compliance obligations. Integration of incident detection and response capabilities into IT operational frameworks. Development of internal charge-back and costing mechanisms.Development and integration and interpretation of threat intelligence data through information exchange and the use of tar pits/honeypots. Undertaking the threat modeling and risk assessment for complex multi-national organizations with extended supply-chains. Operational and technical control selection and implementation including database access monitoring, identity and access management, anti-malware, host-and-network-based intrusion detection-and-prevention, proxies, virtual private networking, Designed and implemented the protective monitoring capability for a Joint Venture network for one of the UK’s largest telecommunications providers. Successfully implemented a number of other projects including a global SOC capability for a large European telecommunications provider as well as other projects for a number of government and military establishments with large information security infrastructures.

Vtesse design, deploy and manage bespoke highly-secure data and storage networks, based on Gigabit Ethernet, Fibre Channel and Wave Division Multiplexing. The Vtesse customer base in the main consisted of large Blue Chip organisations and financial institutions. I was responsible for managing the pre-sales consultancy and while in this position I ran a project to design and deploy the World's largest synchronous Storage Area Network partnering with Hitachi Data Systems. I also worked on the successful project for a £500 million contract for Lloyds TSB bank working in partnership with IBM Global Services.

Affiliate of Newbridge Networks that produce OSS/BSS security platforms for wireless operators and Internet Service Providers. Product handled policy management, security, profiling, billing mediation, provisioning and asset management. As the product interacted with many of the carrier’s network elements (billing systems, network access servers, routers, bandwidth managers, application servers, CRM, SS7 gateways) this position gave me a comprehensive understanding of wireless and Internet Service Provider’s infrastructure. Left after the acquisition of the parent company (Newbridge Networks) by Alcatel.

MORSE are Europe’s largest Hewlett-Packard and Sun dealer. Senior consultant specialising in the design of security, high-availability clusters and storage networks. Position involved elicitation and documentation of customer requirements; solution design and specification, including asset and management cost; calculation of TCO and ROI for solution; managing equipment build and configuration; handling testing and signoff with customer.

Custom Business Systems were a struggling distributor of terminal emulation software, who had seen both their market space and margin shrink. Remit was to revamp their product offerings and turn the business around. During my time at Custom Business Systems I was responsible for increasing sales five-fold while tripling margins in 18 months. I undertook a rebranding of the company and changed product focus towards IP services and security software by establishing distributorships with new companies, such as Netscape and Checkpoint. I also developed a strategy to leverage the sale of product with a ‘service-wrap’ using a pool of retained consultants.Using previous contacts I established new highly-profitable channel relationships with such as Business Systems Group, Computacentre and Integralis.While at Custom Business Systems I managed a direct sales team that focused on local government, as well as the development and support of our channel partners.

E92 Plus are a distributor of security products from vendors such as Cisco, Checkpoint and Netscreen. Role encompassed overall responsibility for the company’s technical capability, internally and externally for pre-sales and post-sales support.

Worked in various contract roles involving establishment of IT systems and network infrastructure. At this time companies were first starting to gain an Internet presences, so many of the contracts involved the upgrading of internal networks, the installation of packet filtering firewalls, installation of server hardware/software and routing infrastructure.

Responsible for the technical evangelism of Apple's product portfolio with an emphasis on Web, email and UNIX-integration products