I am a Technology, Security and Risk Management professional with highly valuable business and technical skills obtained in high profile private and public sector organisations.
I have proven experience in successfully implementing information risk management frameworks and in developing effective management systems for risk and governance. My main focus is to ensure that technology and security delivers business benefit and is aligned to business strategy. I am believer that technology should effectively address real business risk and demonstrate clear value.
I have lead several projects to take organisations through the successful implementation (up to and including certification) of a number of standards including ISO/IEC 27001, PCI-DSS and HMG Accreditation. I have also conducted numerous risk assessments using a variety of methods, lead security improvement projects, lead due diligence exercises when selecting and assessing outsource contracts, developed security architectures, implemented and tested business continuity plans, managed penetration tests and security investigations.
In addition to consulting I am also a certified trainer working with PECB teaching accredited courses to clients worldwide along with developing course material. These courses include ISO 27001 Lead Auditor and Implementer, ISO 22301 Lead Auditor and Implementer, Certified Lead Privacy Implementer, CISA, CISSP and Risk Management courses.
I have gained valuable International experience gained across the globe and very much enjoy working in dynamic international environments. My international experience includes working in: UK, USA, Canada, Sweden, Ireland, Netherlands, Germany, Indonesia, Thailand, Mongolia, Fiji, Croatia, Portugal, Romania, Saudi Arabia, Qatar, Nigeria, Kazakhstan and Turkey.