As Head Tutor of IMD's Cybersecurity Risk and Strategy, a program directed to C-levels, I guide professionals in mastering strategic frameworks and vocabulary to enhance organisational cyber resilience. This role involves delivering a non-technical, practical approach to cybersecurity management, ensuring participants can make informed decisions and fortify their institutions against cyber threats.

Security Operations Center Manager and CISO Advisor of a handful of Fortune 100companies, delivering follow-the-sun coverage. I work with various high-stakes environments, focusing on automated driving, healthcare, pharmaceuticals, and corporate asset protection while remaining hands-on in overseeing incident responses and discussing technical details with the team. I manage globally dispersed teams (spread around India, Singapore, Australia, Israel, Qatar, Switzerland, the USA, Germany, Belgium, and the UK), engage directly with CISOs, and navigate third-party relationships. My responsibilities include overseeing the Security Architecture Board and delivering monthly C-level reports. My role is integral in aligning security strategies with organisational goals, enhancing infrastructures, and driving continuous improvement in security measures across the board.

At Abcam, I led security the Security team globally to enhance operations and teamwork, managed partnerships to deliver superior security services aligned with our mission, and created and updated security policies and procedures to integrate with business goals and risk management. I developed a risk-based approach to vendor management and residual risks, initiated a company-wide security training program to improve awareness, and enhanced the security framework to meet NIST and ISO27000 standards, leading the organisation to prestigious certifications. Additionally, I improved incident response, developed metrics for security scores and insights, led data analysis to improve threat detection, collaborated with Internal Audit to ensure SOX compliance, managed the design and operations of network infrastructure, led technology discovery and major security implementation projects, managed technology planning and budgets for resource optimisation, and oversaw the implementation of advanced security solutions like CASB, SASE, and MDR.

I developed and implemented the internal SOC using Darktrace, led and managed a team of Security Analysts, engaged and supported customers through security events, mentored and developed Security Analysts to excel, managed partners to deliver a world-leading security service, created and reviewed policies, led the certification process for standards such as PCI-DSS, and provided leadership over analysing multiple data sources to detect and defeat system threats. As the Security Architect for all cloud applications on Azure and AWS, I designed and operated network and email security frameworks, including networking, firewalls, switches, VPNs, and frameworks like DKIM and DMARC. Additionally, I was responsible for technology discovery, architecture, implementation projects, governance, continuous improvement, and strategic planning of technology, budgets, and investment cases.

As the Global Head of Infrastructure at AVEVA, I managed infrastructure project management and operations, leading a team of global specialists to deliver operational infrastructural support for networking, firewalls, SaaS, Azure, AWS, and incident management, overseeing technology discovery, design, and implementation projects, and ensuring governance and continuous improvement across policies, legal, security, compliance, and risk management best practices. I also handled strategic planning of technology, budgets, and investment cases and supported the global merger with Schneider Electric Software Business while providing effective and appropriate support to the AVEVA user base and other IT functions.

From October 2010 to April 2018, I managed Granta's information technology and security needs, overseeing the design, implementation, administration, and maintenance of Granta’s internal and external networking and security infrastructure. I led a team with three senior direct reports across IT Service Delivery, Infrastructure, and Business Systems, managed the IT budget, and created and implemented Granta’s IT roadmap. My team handled all IT and business systems, including system troubleshooting, backups, archiving, administration, and maintenance of systems, hardware, and software; implementation of security policies based on the ISO27001 framework; and administration of computer stations, servers, printers, and software company-wide, ensuring helpdesk issue resolution. Additionally, we managed inventory and procurement for software licenses, hardware, CRM, SharePoint, project management, and cloud management. Major projects included migrating Exchange 2003 to 2010 and later Office 365, SBS 2003 to clustered Active Directory 2008, now ADFS, developing Granta’s Helpdesk and Inventory system and IT Services Catalogue Portal, virtualising 90% of the company’s 300+ servers, redesigning Granta’s outdated network and security systems with a new Firewall, DMZ, and VPN solution, introducing Agile Model-based IT team evaluation, and leading the adoption of CRM, SharePoint, Skype for Business, and Microsoft Teams.

As the Head of IT and CyberSecurity, I successfully steered Camfed through IT challenges faced by a rapidly expanding charity with offices in the UK, US, and Africa. I radically improved the IT infrastructure, significantly reducing IT costs and transforming communication between Camfed offices. I inherited and consolidated a decentralized IT management and service support structure across international offices in six countries into a centralized infrastructure management model, enhancing manageability, risk assessment, and reducing complexity. This consolidation involved global server and computer unification, decreasing administrative overheads through consistent processes and efficiencies via centralised systems, outsourced exchange mail, and internet service providers. I designed and implemented the helpdesk system, corporate intranet, and wiki, led the migration of the financial system to a consolidated service, cut costs on licenses and support, and migrated the CRM system to Salesforce, engaging the organization in its usage. Additionally, I developed all IT and security policies, designed baseline surveys in African rural areas using PDAs, laptops, and solar panels, selected technology for IT centres in Africa focusing on green, low-cost, low-maintenance solutions, and was a member of the Senior Management Team.

As the Owner and CyberSecurity Expert at SystemCall, I developed network and security projects and training plans, acted as a pre-sales engineer for network and security projects, performed presentations on security products, and provided consultancy on system administration for Windows 2000/2003, Solaris, Linux, and FreeBSD. I participated in content networking projects, including site load balance, server load balance, firewall load balance, and content distribution, and provided training on basic and advanced TCP/IP, network design, Checkpoint firewalls, Nokia appliances, security management, BS7799, and ITIL.

As the Information Security Officer at Atento Brasil, I was responsible for the network security strategy, reviewing the information security policy, and designing and validating all documents and procedures to meet the policy. I managed the Incident Response Team of approximately 30 people, led the Internal Information Security Committee comprising executive directors from each department, the CSO, and the CIO to discuss security-related problems and metrics solutions, and led the development of the Disaster Recovery Plan. My main activities included conducting vulnerability analysis using tools like Internet Scanner (ISS), scanport, GFI Languard, Retina, and Nessus; system administration on Linux (Red Hat and Debian), FreeBSD, and Solaris for UNIX-based servers; defining and designing network security for internal and external projects; training key staff members on information security concepts; resolving security-related issues in accordance with group policies and security standards; driving a focus on systems data security and integrity issues across the IT community; and providing technical consultancy, assurance, and coordination to underwrite the security and integrity of various server/desktop and infrastructure technologies.

As the Network and Security Manager at Siemens, I led the security team, managed over 15 firewalls (Checkpoint, Nokia, IPtables, and Cisco Pix), supported around 1,000 VPN users with RSA tokens, digital certificates, and Radius authentication using hybrid IKE, and oversaw all external and internal DNS (Bind) and email (Sendmail) servers on FreeBSD. My main activities included conducting security audits on Cisco routers, switches, VLANs, and SAP systems; system administration on UNIX, Linux, FreeBSD, Solaris, and Windows; providing security consultancy and project management for clients; preparing security documentation and performing penetration tests; conducting internal and external risk assessments; monitoring the environment to implement preventive security measures; designing and managing Security Operation Centre (SOC) implementations and auditing systems; maintaining systems and protecting data from unauthorised access; providing technical and user support for incidents; administering IDS and performing vulnerability analysis for networks, databases, and operating systems; designing network infrastructure projects for Siemens Business Services clients; handling general network, server, and desktop security; editing security bulletins; and serving as a pre-sales consultant producing RFPs and RFIs for projects.

Working as a consultant from March, 1999 to August, 2001 in the following projects/clients:-- MundoMedia (Advertising industry) 02/01 – 08/01Infrastructure and Support Manager-----------------------------------------------------------------------------------Responsible for reorganizing and administering the network, besides all site support and help desk. Key Roles included Network Administrator, System Administrator and Technical Support Team Leader Environment: Directly responsible for all company servers: firewall, proxy, DNS, e-mail server, domain controller, database and others. Responsible for 2 people: Support and Help desk Team. -- Intersix (Security Consultancy) 11/00 – 02/01Security Consultant----------------------------------------------------------------------------------Responsible for supporting the sales department, acting as pre-sales and reviewing projects. Responsible for security projects implementation for external clients.-- Hewlett Packard (Technology) 03/00 – 11/00---------------------------------------------------------------------------------Support and Help-Desk ManagerResponsible for about 30 people for one of HP’s biggest clients. Responsible for SLA and high-quality service.Environment: Directly responsible for 30 people (Help-Desk team for 1 client) and Microsoft Systems Management Servers. The team under my supervision had 15 people at the beginning and after our success it increased to 30 people in 3 months. -- NetBrasil/Globocabo (Cable TV) 03/99 – 03/00---------------------------------------------------------------------------------- Systems DeveloperMain activities: General network, server and desktop support/help-desk. Network infrastructure migration. Windows NT server’s administration. Exchange server migration. MS Proxy installation. Checkpoint Firewall-1 administration.http://netbrasil.globo.com/

General network, server and desktop support/help-desk;Roles: - Windows NT - Network - Exchange Server