Scope new technologies, operational approaches and roadmaps while supporting security audits and risk assessments. Called upon awareness of emerging cybersecurity developments, technologies and threats while identifying opportunities to mitigate infrastructure risk to critical systems within this European leader in residential real estate services in line with a budget of £1m+.Key Achievements:• Led, motivated, and provided budget oversight of the Information Security Compliance, Cyber Security, and IT Business Continuity teams. Expanded from a team of 1 to 6+, supporting a growing workforce of 6,000.• Through GPOs, Intune, and Azure controls, implemented hands-on hardening of devices, servers, and IaaS environments following best practice benchmarks and thorough risk assessments, ensuring minimal impact on employee productivity.• Orchestrated internal and external security-based assurance activities, including web application and systems reviews, penetration testing, ISO 27001 certification, NIST, and Cyber Essentials Plus.• Developed and implemented a new ISMS, along with policies, procedures, and risk-based initiatives for business continuity, disaster recovery, and vulnerability mitigation, focusing on enhancing cyber-resilience.• Delivered real-time KPI, KRI, and system health dashboards while providing regular board-level updates on strategic actions, risks, and financial controls as the lead for Security, IT Risk, and Change Management Committees.• Managed the threat management program aligned with MITRE and DREAD, assessing risks related to vendors, M&A, software, and projects, including web applications, CRM platforms, SD-WAN, and Azure IaaS transitions.• Defined security incident response strategy and built SOC team in accordance with MITRE ATT&CK framework, seamlessly managing 10,000+ monthly alerts and achieving average incident containment times of under 5 minutes.

Established initiatives to improve cybersecurity in a regulated global environment for this global pharmaceutical wholesaler and service provider during the challenging backdrop of COVID-19.Key Achievements:• Secured cost savings (20%+) and enhanced performance by coordinating the transition from MPLS to SD-WAN.• Scoped and led a dynamic cyber-hygiene initiative, adopting a risk assessment approach to align technical strategies with Cyber Essentials Plus, OWASP, CIS benchmarks, MHRA and complex client requirements.• Optimised cybersecurity rollout of NIST and ISO frameworks across incident, problem, change, capacity, availability, and information security management processes.• Cut high-risk vulnerability exposure from 60% to under 3% by implementing MFA, minimised admin privileges, secured endpoint builds and initiated a risk-based patch management process.• Launched comprehensive security training with over 92% participation in a month.• Enhanced email security, and embedded robust automated penetration testing process.• Introduced continuous monitoring and analysis of security posture to identify and remove threats and vulnerabilities at pace by implementing a 24/7 SOC service, leveraging cutting-edge SIEM and EDR solutions.• Reduced major incident rates by 96% and expedited containment time by 97% by developing business continuity and cybersecurity response strategies.

Temporary contract to take the lead on ISMS, BCMS and PIMS in line with ISO27001, ISO22301, ISO27701, DPA 2018, GDPR, and FCA requirements for this FinTech provider.Key Achievements:• Planned and managed ongoing audit programme to retain certifications, including ISO 27001 renewal.• Managed data protection topics, including DPO, including DSARs, DPIAs, and contract reviews.• Oversaw risk management of security and continuity, including process mapping for business impact assessments.• Supported DevSecOps processes within AWS and managed cybersecurity incident responses.

Managed ISMS and BCMS in compliance with ISO 27001, 22301, and Cyber Essentials standards for this provider of essential infrastructure services while overseeing recertification procedures.Key Achievements:• Enhanced resilience and security management frameworks; orchestrated crisis simulations to engage board members.• Spearheaded cybersecurity incident response, ensuring adherence to the "Golden Hour" response principle.• Security and Counter Terrorism Lead in accordance with FORS accreditation.• Project-managed revamp of business continuity approach; streamlined group-level processes for business impact analysis, risk evaluations and business continuity strategy formulation.

• Information security and privacy consultant to UK Bosch companies and on project teams for connected products (including the first AI-driven robotic lawnmower).• Transformed security capabilities from a cost centre into a revenue-generating department.• Implemented and audited ISMS policies and processes to ISO 27001 and business requirements.• Oversaw GDPR privacy compliance programme, including maintaining records of processing activities for all departments, performing risk assessments/DPIAs and supporting DSARs.• Supported cybersecurity incident response and crisis management processes, including litigation and ICO collaboration activities.

Assorted roles including:- Sole Trader: IT consultancy and retail- Business administration/office assistant roles- British Army events and logistics support