The Security department supports the rest of the rapidly growing Ardoq organization by building and evolving core information security capabilities. We advocate for a pragmatic and risk-based approach to enable the creative and smart teams throughout Ardoq.Since I joined Ardoq as the head of the Security department, we've managed to prove that we have strong security fundamentals in place by undergoing SOC 2 (Type II) audits, and becoming ISO 27001 certified.As the company grows so do the challenges. Our team is always looking for talented and experienced individuals who can help Ardoq build and maintain creative approaches to security and manage risk.

I joined Miles to help create an exciting new cybersecurity practice. Leveraging Miles’ existing expertise and experience within software development, architecture and agile methods, our aim was to develop new and exciting software security capabilities for our customers.

I was responsible for the success and delivery of software security consulting services at existing and new customers. In November 2016, I took on the challenge of developing our reach into the Nordics, growing the region from an outlier to a critical part of the company’s European security consulting strategy. I assisted companies in building and improving their software security initiatives, helping them build capabilities within their own teams to address security in all stages of their development life cycles. With the aim of being a trusted advisor to senior security stakeholders, I worked with clients to understand their security challenges and discuss how best to balance their objectives of risk reduction and feature velocity. This included an increased focus on CI/CD2 and DevOps.I managed delivery of security assessments such as application penetration testing, threat modelling, secure code review, embedded hardware security testing, and network penetration testing.I also operationally managed members of the consulting team in London. I am passionate about creating a working environment where employees feel recognised, supported and empowered. My responsibilities included helping my team achieve their career goals by facilitating their technical and non-technical skills development. I supported the team in creating a new consultant internship programme, ensuring we attracted and retained top talent through a semi-structured skills development curriculum.One of the areas of my job that I was most passionate about was collecting information on companies’ software security initiatives to help inform and update the Building Security In Maturity Model (BSIMM). As a lead BSIMM assessor, I interviewed key customer stakeholders, including senior development managers, heads of software security, and often company executives. I helped cultivate the BSIMM community by selecting speakers and topics for the annual BSIMM Europe conference.

As a Managing Consultant at Cigital, I was responsible for the success and delivery of software security consulting services, product deployments and training delivery at Fortune 100 companies based in the UK and mainland Europe. My focus was on helping companies build and improve existing software security initiatives, including measuring organisations against the Building Security In Maturity Model (BSIMM), and helping them build capabilities within their own teams to address security in all stages of their development life cycles.As part of my role I also operationally managed and mentored some members of the Cigital Europe team. My responsibilities included taking consultants through semi-annual and annual reviews and providing on-going feedback on performance, as well as helping them achieve their career goals through promotions and other personal development.

I helped build the Strategic Security professional services team in EMEA, where we grew the team from 2 to 14 resources in 3 years. I continued to provide consulting services, but also focused on business development. My role included team mentoring, consulting resource administration, pre-sales, scoping, proposal preparation and sales forecasting.I continued to provide tactical assessment services and training, and assisted customers in building strategic security programs. This has included several longer-term engagements helping customers develop proactive Application Security programs.

I performed a variety of assessment services for clients, focusing on web application security assessments, network penetration testing and policy reviews. I also served as an instructor for Foundstone's Building Secure Software and Ultimate Web Hacking classes. My work also involved project management of a variety of assessment services, managing resources and liaising with clients from initial sales calls to successful completion of the engagement.

I was part of a research team working on trust and security in the context of the HP Adaptive Enterprise programme. My work applied both my technical and social skills, and included algorithm design, prototyping and other IP generating work. As a result of my work, three patent applications were filed by HP.

As part of my passion for music, I was employed as a sound technician for the student union. My work involved setting up and running a variety of sound systems from small DJ setups to full rock concerts, with the largest project being the students' Summer Ball. My work also involved setting up and running lighting rigs for a variety of events, adding to my practical and creative skills.

Assisted researchers in the field of audio stimulus for use in psychology research. Rewrote software in Matlab to apply Head-Related Transfer Functions to audio stimuli, so as to simulate virtual origins of audio stimuli in a 3D environment.

Between my second and third year at Exeter University, I was employed to design and implement a network polling system for the University. This let me explore both network engineering and programming using SNMP, SQL, dynamically linked code and low level memory management in C.