Thomas B. Email & Phone Number

London, England, GB

Providing executive, investor, client and organisational security leadership for this software as a medical device (SaMD) company focused on the use of artificial intelligence to assist physicians with atrial fibrillation ablation cardiac mapping procedures. Managing the cyber security risk management methodologies, processes, and solutions to ensure data.

London, GB

Providing board-level advisory services as a non-executive director related to cyber security, information technology, customer relationship management (CRM), and boarder aspects realated to risk and compliance.

London, Greater London, GB

CEO and Managing director for this London based boutique cyber security advisory and consulting company who employ and leverage ex-Big Four resources with a minimum of 20+ years experience to provide strategic, organisational, technology and pragmatic results-oriented solutions for companies of any size and across every industry.

Contracted as a NED and board advisor to help this startup prepare for a Series A funding drive while ensuring IP and sensitive data is protected from external and internal threat vectors. Leveraging a combination of COTS, SaaS and IaaS solutions to develop a pragmatic tactical security / data privacy architecture and strategy designed to improve over time.

New York, NY, US

Corporate and executive advisor for GLG clients on a variety of industry and technology topics leveraging my non-executive director, consulting and advisory experience.

Cambridge, Cambs, GB

Supported CISO and CIO with the development of new enterprise IT and enterprise security target operating Models (TOM) along with a new information security strategy, while managing a team of 8 within the Governance Risk and Compliance (GRC) function. Laid foundation for new risk management framework based on ISO 27005 supported by an updated control.

London, England, GB

Leveraging experience to establish a new consolidated enterprise risk framework while managing the governance risk and compliance (GRC) function in the heavily regulated UK healthcare and cloud platform services market (e.g. CQC, NHS Digital, DCB0129/160, ASX, etc.). Established streamlined ISO 27001 Information security management system (ISMS) combined.

London, England, GB

Provided information security leadership as CISO working with the Board, leadership and every department to drive complex compliance and assurance requirements (e.g. CQC, NHS digital, ISO, cyber essentials, commercial, M&A, PCI-DSS, etc.), establish a new information security strategy, structure a target operating model (TOM) and design controls to meet.

Chicago, Illinois, US

Providing executive advisory services and fulfilling the Chief Information Security Officer (CISO) role. Developed and implemented custom ISO 27001 information security management system (ISMS) and privacy information management system (PIMS) for a US internet data marketing management company focusing on pseudonymized privacy and GDPR/CCPA compliance.

London, GB

Managed the design, development, and delivery of custom risk management framework team to support both enterprise risk and information security transformation programmes as well as architect a new risk target operating model (TOM). The new methodology supports a wide range of compliance and assurance capabilities (e.g. FRC, ISO, cyber essentials, HM.

Worldwide, OO

Delivered a global security compliance programme resulting in 48 individual ISO 27001 certifications covering all 250 thousand employees of this Big Four audit firm while supporting the implementation of new security strategy for global, regional, and member firm CIOs, CISOs, and business partners.

Worldwide, OO

Successfully transitioned the enterprise from ISO27001:2005 to 2013 version and invented a custom designed ISMS methodology and part SharePoint / Excel GRC solution involving daily interaction with the CSO, executives, business owners, information owners, security, IT, suppliers, and internal audit.

Virtual Chief Information Security Officer (CISO) and Chief Technology Officer (CTO) covering information technology, information security and privacy (GDPR) compliance for this networking organisation focusing on providing resources, access, and opportunities to youth and young professionals in emerging communities and emerging markets across Europe, so.

London, GB

Designed a contract, personnel, technical, and process security control framework based on ISO27001, ITIL, and client specific security policies which included support for secure B2B, remote monitoring, ListX, Forensics, and custom DR requirements for three new infrastructure outsourcing clients. Also performed an ISO27001 security audit on a country wide.

London, GB

Authored two security awareness training courses for management and engineers within Industrial Control Systems (ICS) industries for the UK Centre for the Protection of National Infrastructure (CPNI).

London, England, GB

Developed custom security compliance programme for all corporate and function business units (e.g., IT, Treasury, HR, Legal, M&A, Tax, etc) including training and awareness, governance and data driven reporting. Managed senior stakeholders from business leaders, CIOs and 1000s of employees and contractor relationships from business group leaders, CIOs.

London, England, GB

Developed custom security compliance programme for all corporate and function business units (e.g., IT, Treasury, HR, Legal, M&A, Tax, etc) including training and awareness, governance and data driven reporting. Managed senior stakeholders from business leaders, CIOs and 1000s of employees and contractor relationships from business group leaders, CIOs.

Zurich, CH

Managing the global security and compliance team for a one billion-dollar six-year infrastructure outsourcing agreement with a large Swiss investment banking organisation covering networking, voice, and perimeter protection services. Focus includes contract compliance for global operations and implementations teams spanning over 200 suppliers, internal /.

Foster City, California, US

Coordinated third party auditors and consulting organizations with all internal global business and IT departments to shape remediation projects identified within the first QSA gap assessment results. This included more than 20 thousand hours of estimated work requiring stakeholder management, budget management, contract legal reviews, and governance setup.

London, London, GB

Enabled the enterprise architecture team to deliver security through a standard set of security services managed centrally using TOGAF and focusing on threat modelling, risk-based decision making, reusable design patterns and various workforces including on-shore and off-shore resources.

London, England, GB

Created a new centralised programme management office (PMO) for all the centrally managed IT security programmes valued over 20 million dollars, which also required direct interaction with the CSO, CIO, individual business units, security department heads, finance teams and delivery teams.

London, England, GB

Initiated project start-up for several security risk management technology projects including: data leakage / loss prevention (DLP), middleware and database scanning, SIEM active event monitoring, vulnerability scanning, strategic incident detection systems (IDS) and various incident detection / response solutions. Managed setup of legal contracts with.

London, England, GB

Provided project management and consulting for several projects including an enterprise security awareness platform replacement, security awareness content development and a common enterprise policy framework based on ISO 27001 and a new risk-based delivery model.

Dublin 2, IE

Evolved Anderson Consulting’s strategic approach into Accenture’s tiered service delivery model by developing, leveraging, and delivering with various global diverse work forces across every industry and corporate technical environment. Establishment as a global security architect and eCommerce fraud expert provided a platform for specialisation, while a.

London, UK, GB

Provided a full security architecture review for this large UK bank’s strategic international payment solution. Delivery included management of client, third party consultants, software vendors and legal teams to ensure the appropriate technical and process solution was within risk acceptance tolerances. Ensured first stage-gate governance passed with over.

Provided a security architecture and strategy to meet the client’s unique high volume requirements transforming from custom developed hardware and software solutions to more standardised enterprise vendor solutions. Accenture was asked to design a practical security architecture with a phased rollout approach allowing for critical growth needs balanced.

London, GB

Responsible for the application architecture work stream and delivering the initial overall end-to-end enterprise technical architecture for this UK-based global investment banking firm. The new solution required digital transformation of the eBanking and full eCommerce architecture while ensuring full regulatory compliance (e.g. FCA, PRA, PCI, SOX, MiFID.

London, GB

Acted as the eCommerce IT Fraud subject matter expert for the programme and helped with the initial business case, vendor analysis, technical feasibility study, and target solution architecture design for this international bank.

London, GB

Managed a team of 16 enterprise solution architects to deliver a portfolio of over 50 internal banking projects including mainframe, card systems, fraud management, SOA, service interface designs and compliance activities requiring legal, procurement, security, and executive stakeholder management throughout all phases of the delivery lifecycle.

London, GB

Provided industry and technical experience to help with various initiatives including strong authentication, transaction integrity and new wireless communication channel security opportunities. This international bank required support and management of several on-going security / anti-fraud programs within online banking.

92707 Colombes, FR

Led mixed Accenture and client French delivery team to 1) profile critical SAP business processes including a Business Impact Assessment (BIA); 2) map processes to underlying people, processes and technology against industry standards (e.g., ITIL, ISO17799, Cobit, etc.); 3) facilitate prioritization based on business, CFO and CIO impact / risk assessment.

Managed three strategic work streams for this Belgium telecom company: 1) overall mobility technical roadmap including policies and architecture, 2) securing Microsoft exchange for both client and web access, 3) 802.x wireless security architecture design. The designed solution was aligned with the client and industry risk / threat models providing context.

Blagnac Cedex, FR

Directed the investigation, design, and delivery of a custom IT Security Architecture to support physical, network, application, and operational delivery of a pre-European country boarder security 8-million-euro solution. Coordinated with large European defence contractor to manage a delivery ecosystem of providers across a wide range of security.

London, GB

Supported time-sensitive Sarbanes-Oxley (Sox) and data classification efforts with tight compliance deadlines. This included architecture, procedures, reporting, analysis, and implementation of delivered solutions to a global audience of client directors and client country leads. This large financial services client has offices on every continent and is.

London, GB

Performed the role of lead Security Architect for a 6-year enterprise transformation program for this large global insurance company, including supporting 600+ delivery personnel throughout all phases of deployment and with a diverse Accenture lead ecosystem of providers and offshore delivery teams.

Dublin, IE

Managed a team of internal and external resources to develop custom cross-government identity and access management (I&AM) service-oriented-architecture (SOA) service to connect different agencies.

Farnborough, Hampshire, GB

Assessed the security risk for a 7-year UK government infrastructure outsourcing agreement.

Yeongdeungpo-gu, Seoul, KR

Developed enterprise banking security architecture for a new banking infrastructure solution.

London, GB

Delivered a tailored security architecture assessment conducted to ensure the technical and logical outsourcing design would maintain security compliance to meet both banking and functional requirements. This global bank was focused on security concerns should their entire software development department be outsourced to one or more vendors outside of the.

Bloomington, Illinois, US

Developed 7 security service strategies into a TOGAF enterprise security architecture framework.

Bloomington, Illinois, US

Structured the Enterprise Security organization service offerings and business support models.

Washington, District Of Columbia, US

Developed a comprehensive web application security architecture base on Netegrity SiteMinder.

Indianapolis, Indiana, US

Architected and managed implementation of a full PKI and web application security B2C / B2B portal.

Bloomington, Illinois, US

Constructed enterprise security roadmap for CSO, CIO and executive board members.

Worldwide, OO

Led US HIPAA practice for healthcare security methodologies and solutions. Managed security for 9 projects focused on PKI, incident response, SAP DR, network sec. and more.

Des Moines, Iowa, US

Led SSO (Single Sign On) and Password Synchronization (OS390, NT, NetWare, Unix) initiatives. Managed ESM (Enterprise Systems Management) security team responsible for budget of $2 million. Analysed, researched, & consulted all strategic business units on new and/or existing technologies.

Managed and implemented new web developments, networks, and security architecture designs. Provided IS consulting services for 50+ small to medium sized clients.

Designed and implemented new enterprise network architecture including LAN & WAN connectivity and office IT infrastructure. Architected new cross-organization Multiple Listing Service (MLS) architecture from vendor assessment through to full state-wide implementation.

Mba, Business Administration And Management (Technology)

Bs, Business Administration And Management (Technology)

Education record