As part of the UK Cyber leadership team, I lead a team of technical cyber architects and consultants. The team makes a significant contribution to the company's drive for security and innovation, working with Tech Tribes and teams across the UK business.At Capital One UK we're proudly committed to creating an inclusive workplace, where the diversity of ideas and people are valued. We take on the best people from all walks of life. Whoever you are, whatever you look like, wherever you come from. We want you to share your ideas, grow your ideas and be listened to. Find our vacancies here: https://jobs.capitalone.co.uk/

I was the Chief Information Security Officer for NSK Europe, a Japanese-owned manufacturing company which operates in 10 countries in EMEA - from the UK to Russia (plus Turkey, South Africa and Dubai). I led a lean team of security staff and ran the European information security programme, working with colleagues across the world and with a central team in Tokyo.I was responsible for making sure that the easiest way to do business is as secure as NSK need it to be, that NSK are a trusted business partner because we meet or exceed customer security requirements, and that business leaders across NSK Europe can make risk-aware decisions as part of their day to day roles. I owned all aspects of security, including physical security, cyber security and security culture change.

I helped Equifax to survive one of the largest data breaches on record. I led several projects to address security issues prior to disclosure of the breach, and was the primary face of Equifax security to large US, Canadian and British customers as well as UK/Canadian regulators after the breach was made public. I have extensive experience of regulatory contact and investigation through this period of work, and in helping regulators to understand the challenges faced by modern multinational businesses.I created an immediate security improvement and control verification plan for 23 international business teams, and supported my global team through scheduling of client explanatory calls, updating team members on remediation progress, and ensuring the continued mental/emotional support for team members through this hugely disruptive and intense period of scrutiny and challenge.While I wouldn't wish this experience on anyone, it was an intense learning experience. The lessons that I and my team learned led to unique experience in areas such as breach readiness, control implementation and verification, crisis management, internal and external crisis communication, staff management and support, client engagement and effective delivery of the sheer number of concurrent tasks involved in such a situation.Prior to the breach, I was responsible for all business-facing security teams (Information Security Officers), leading around 80 security professionals in 24 countries across the world. My team was responsible for policy enforcement, client assurance, and security training and awareness.

Strategic management of security risks, working with matrixed centres of excellence in Atlanta, USA.Role highlights:- membership of the European executive board reporting to the Managing Director and global CISO- ownership of security education, training and awareness for Equifax worldwide, covering almost 10,000 staff in 24 countries- leading implementation of a global security risk management framework- leadership of teams in the UK and Ireland, and Iberia.

Responsible for global information security leadership, supporting operations on 4 continents. I worked with directors/MDs across the globe to address information risk in their business, implementing Equifax security processes and best practice. I led security work for a joint venture between TDX and the UK government to deliver a single funnel for debt management services, successfully gaining security accreditation for the pan-government project.I built the TDX security function, which did not exist prior to my arrival, into a team of high achieving staff which has recently been shortlisted as a finalist for a major European security award. • leverage Equifax resources, expertise and processes to mitigate information risk across TDX• provide guidance relating to privacy and compliance with the Data Protection Act (1998)• lead a global awareness and culture change programme, and present at Town Hall meetings• identify and mitigate information and business risk in UK, Spain, Australia and LatAm• influence executive stakeholders to include information risk in business planning and strategy• lead IT and security work on major bids, RFPs, client audits and contract negotiations• contribute as SME member of the risk and compliance committees, and the investment council• key contributor to the senior IT leadership team in TDX• represent TDX and build relationships with key clients including central government and global banking companiesKey achievements:• created and implemented a global risk management framework for all business risks• tangibly increased client confidence in TDX, improving client relationships to protect revenue• introduced a formal information security management system, certified to ISO27001• delivered security accreditation for the DMI programme• significant input into DMI contracts for TDX, covering ~20 subcontractors and ~150 supply chain bodies

I acted as Chief Information Security Officer (CISO) for the Agency, establishing a long-term security strategy and information risk management. I was responsible for leadership, development and management of 17 staff, covering security, privacy, compliance with the Data Protection and Freedom of Information Acts, as well as records and information management.• day to day ownership of information risk across the business, including senior briefings• leadership of several teams: security, DPA, FOI, information and records management • managing and leading audit programme (internal and throughout a global supply chain)• managing branch budget of ~£1m, and project budgets of up to £500,000Key achievements:• chaired Agency’s board-level Information Assurance Forum, driving engagement with directors• provided SME input into procuring a £500m online testing contract for use across government

Subject matter expert for all aspects of security, for a Government trading fund with a turnover of £200m, around 2,500 staff and 350 operational sites across Great Britain. • maintained key policies which cover the full range of technical, physical and personnel security• provided IA input to the Release Forum and board-level Audit & Risk Management Committee• acted as first responder for technical security incidents and investigations• managed compliance with PCI DSS, Security Policy Framework, IA Maturity ModelKey achievements:• contributed to the UK IA professionalisation programme, standardising roles across government• part of the Cabinet Office-led group which developed the Information Assurance Maturity Model • delivered budget savings of £300,000 over two years by bringing skills and knowledge in-house

Key achievements: • Security lead for the award winning CPC project, which delivered UK compliance with EU law• implement a consistent method of assessing physical security across the Agency’s 350 sites

Head of Technical Department for Nottingham-based software house, which produced applications running on IBM AS/400 mainframes. Our primary customers were large-scale high street fashion companies. My team provided functions such as IT support and operations management, security and client relationship management. • deliver new client implementations• support all aspects of AS/400 mainframe software• manage client relationships and run quarterly client forums• IT incident investigation and client support using Query/400Key achievements: • delivered internal IT modernisation programme for the company's network• implemented support ticketing platform and support FAQs