An accomplished, dedicated and committed Information Security consulting firm with over 14 years of UK based experience within financial services including banking, public sectors, mobile telecom, and energy industries. Hands on technical security assessment capability with involvement of wide range of challenging engagements through optimisation of client security controls and cyber security programmes, to providing specialist support on issues such as cyber strategy, third party risk.
Key strengths
- Ability to understand the business and regulatory requirements and to be able to translate complex cyber security issues into straightforward, credible, jargon free advice to clients; and delivering the support they require.
- Track record within the financial services showing understanding of threat and regulatory issues related to cyber security followed by implementing wider range of standards and frameworks including NIST, CIS 20, SANS, ISO 27001, GDPR, Cyber Essential Plus, PCI-DSS etc.
- Experience of leading and overseeing security aspects of IT infrastructure projects for clients, ensuring adherences to best practice processes and tooling. Exposure of recommending security controls to high regulated financial clients and identifying solutions that support a business objective, working out subtle security needs and understanding the impact of decisions.
- Specialist in conducting full risk assessment activities followed by providing security advice and recommendations based on the latest risk analysis, so that agreed solutions can be subject to end-to-end assurance measures.
- Qualitative testing of web application security within various stages of the Software Development Life Cycle (SDLC) and production environments to help strengthen the company’s security posture through penetration testing activities and use of automated (and semi-automated) tooling, tracking identified vulnerabilities & providing resolutions.