Lead pivotal initiatives in cyber security strategy execution, including integrating security controls into deployment lifecycles, architecting threat modeling processes, and shaping advanced security standards. Influence ERM's cloud security protocols for enhanced overall security maturity.Oversee the Cloud Security Engineering function, providing application security models (e.g., OWASP SAMM), Cloud Security Standards, and DevSecOps Standards (OWASP DSOMM) to internal development teams.Manage the SecOps Team responsible for Security Operations Center (SOC), incident response, vulnerability management, and overall security controls. Ensure effective monitoring, response, and mitigation of security threats.Serve as the primary liaison for managed SOC, threat intelligence, and vulnerability management vendors. Define, monitor, and negotiate SLAs, KPIs, and contracts to ensure alignment with security objectives and standards. Evaluate emerging security technologies and solutions.Advocate comprehensive security principles across cloud and on-premise environments throughout ERM. Collaborate with technology delivery teams and stakeholders to drive continuous enhancements in cyber security posture.Lead the technical implementation of ISO 27001 standards, aligning security controls and practices with certification requirements. Collaborate with the GRC function to integrate technical security elements into the overall compliance strategy.

Subject matter expert in Defender for Endpoint, Defender for Identity, Entra Conditional Access/ Identity Protection and Identity Governance, Purview, Defender for Cloud, Recorded Future, Azure Sentinel, OS Hardening and Mobile Application Management (MAM)Rapid maturity of SecOps function with implementation of governance i.e creation of Security Incident Response Policy, Runbooks, Use case detection and testing.Creation of 24/7 incident response capability through a mixture of outsourcing using a managed SOC, creation of internal escalation on call rota and incident response retainer for expertise in specific areas. This included the mentoring and upskilling of all staff on call. Coordination of independent testing of capabilities using red teaming, penetration tests and table top exercises. Ensuring Cyber security controls remained effective and implementing continual improvement opportunities Built up the internal and outsourced vulnerability management services from scratch. Creation and reporting of KPIs for security controls, processes, incidents and maturity tracking against corporate strategies and business objectives.

Led a team of IT technical experts to remediate Red Team findings across on premise and cloud infrastructure spanning 268 individual tasksDefining and leading a threat led approach to enhancing configurations and policy to reduce riskFocusing on maximising security risk reduction value from existing investmentsMonitoring the capacity of security tooling, supporting infrastructure and forecasting future capacityPerforming cloud migration activities with existing on premise tooling to SaaS equivalents such as Defender for Endpoint, Tenable.io, Sentinel, Intune etc

Scrum master and coordinating of technical response to Covid with technical team across multiple disciplinesRepresenting Infosec at Architecture BDA sessions, providing Architecture Impact Assessments and aligning project solutions with strategic visionsSecurity requirements input into creation of various architecture roadmaps including Azure, O365 stack, OT DMZ, Networks and Zero trust access. Security governance for migration of platforms to cloud based solutions (ADFS, spam filtering - EOP, Sharepoint, Lync federation, BYOD for mobile)Defining and implementing policies, standards, procedures and guidanceSystem manager for LogRhythm, WebSense, Nessus, Symantec, Azure ATP, Defender for Identity and othersImplementation of Cyber Essentials+ and PCI-DSS v2/v3 compliance activitiesIncident response for breaches of corporate Acceptable Use Policy, malicious code events, lost / stolen equipment and spam/phishing emailMaintenance and tuning of security controls to counter identified and trending security incidents

Scout Specialist Vehicle (Apr 2013 till Oct 2013)Security engineer for the Scout Specialist Vehicle programmeLiaised with all design teams across entire programme to ensure security requirements were being met by proposed designsDesigning use case / testing and CTAS activity to provide assurance for requirementsIssuing security requirements to 3rd party suppliers and reviewing / approving documentation and test evidenceMint Tiger (Dec 2012 till Apr 2013)Protocol vulnerability analysisDeveloping exploit proof of concept code using PythonModification of COTS hardware to achieve desired functionalityDemonstrating vulnerability concepts to customer and documenting findings in a deliverable reportBowman, ComBAT, Infrastructure and P-BISA (BCIP) Programme (March 2009 till Dec 2012)Provision and specification of systems security requirements to address or treat security risks using DOORSProcess tailoring to match programme time and budget constraintsDefinition of product / system security architecture and identification of related control measures and solutionsDevelopment of security documentation to demonstrate compliance with applicable policies and standards to assist in the Accreditation processRepresenting the company in various customer engagements, security and IA forums to support successful progression of the programme, pursuit or activityAssurance of security products / system through design and scoping of effective test criteria and methodologies Management of Long Term Service Support (LTSS) contract for BCIP that involved statistical analysis of previous Incident Reports (IRs)Development of Operating System and software hardening procedures in accordance with CESG guidance to mitigate identified security risks