Information Security enthusiast. Information Security, Governance, Risk & Compliance Consultant. CISSP, CISM, CRISC qualified.
InfoSec Researcher. Cyber-Defence Taskforce Member. University Gold Medalist. Policy Advisor. Private Investigator and Expert Witness.
Over eighteen years' experience in business analysis, consulting, security architecture, assessments, threat analysis and risk management.
Expert in incident response & management, crisis management, stakeholder engagement, and requirements mapping & management.
• Information Security governance - COBIT
• Risk management - SARA, SPRINT
• Threat management - Arbor's SP Peakflow, TMS
• Vulnerability management - Qualys, ISS, Nessus, Foundstone
• Security architecture - HLD & LLD creation, Enterprise architecture - TOGAF
• Firewalls, IDS, IPS - Checkpoint, McAfee, Cisco, Juniper, ISS, Snort, Sourcefire
• VPNs, IPsec site-to-site, client-to-site, endpoint encryption - SafeBoot, Pointsec
• Proxies, content filtering - Blue Coat, ISA Server, Finjan, Cisco IronPort, Websense
• Cryptology, digital watermarking, cryptanalysis, steganography, encryption
• Payment Card Industry Data Security Standard (PCI DSS)
• IT Audit, ArcSight insight, Skybox security (SOX)
• SIEM: ArcSight ESM, RSA enVision, Splunk, LogRhythm, RSA Security Analytics
• Information security management systems - ISO 27001
• Policy standards & framework
• Identity and access management (IAM)
• Law, Regulatory, Compliance - HMG Law, Safe Harbor, Computer Misuse Act, Data Protection Act, International Privacy Legislation
• Past work experience with Financial Conduct Authority (FCA) & the Prudential Regulation Authority (PRA)
• Business continuity & Disaster recovery planning (BCP & DRP)