Cyber Candidate

Cyber

Personal statement

Information Security professional with CISSP since 2018. I have over 20 years of experience in security, compliance, risk, privacy, governance, and people management roles. At Barclays I successfully delivered high profile programmes with a personal 'Outstanding' rating relating to GDPR (General Data Protection Regulation), and Technology Controls improvement. In my current role I am the Information Security Manager which is the de facto CISO position for the company. I am responsible for the Information and Cyber Security programme and am also the company's Deputy Data Protection Officer. I enjoy being active in my workplace community by contributing to social clubs and organising events, founding a board games club at Barclays which grew to over 200 members.

 

Career Experience

London

Information Security Manager and Deputy Data Protection Officer

2020 to current

Responsible for the Information and Cyber Security Programme managing a small team to implement the Information and Cyber Security strategy for the company. In the Deputy DPO role, I provide governance to ensure the company complies with GDPR and Data Protection Act requirements.

  • De facto CISO role
  • Developed, implemented, and refined the Information and Cyber Security programme
  • Designed and implemented the Education and Awareness programme
  • Manage incident response

 

London

Information Risk Manager - CSO GDPR Programme Lead

2017 to 2020

Responsible for delivering GDPR readiness for the Chief Security Office (CSO) with vertical business line accountability and whole of business cyber security (horizontal accountability). Integrated with the company-wide programme providing security expertise to develop and implement policies and controls to meet regulatory requirements.

  • Relationship managed senior stakeholders including multiple Managing Directors; scoped their requirements, facilitated strategy discussions, and provided guidance as a Subject Matter Expert (SME)
  • Performed gap analysis and provided recommendations for compliance with new regulations such as GDPR, PSD2, and privacy laws in multiple jurisdictions
  • Formulated Cyber Security, Information Security, Data, and Privacy compliance standards and policies for the risk management framework utilising my NIST, ISO 27001, GDPR, PSD2, and ePrivacy knowledge
  • Analysed hundreds of internal applications, systems, and processes to create an auditable compliance library of documents for Regulators including DPIA, AML, and Risk Registers
  • Led monthly stakeholder forums for Security, Risk, and Compliance responding to queries and challenges as the SME for Conducted security awareness training including social engineering exploits, KYC, supply chain management, internal monitoring, and anti-corruption measures
  • Delivered the Group GDPR programme with all milestones met on time and issues being resolved

 

Information Risk Manager - CSO Service Management Lead

Responsible for delivering the Technology Controls improvement programme for CSO. Updated and modernised the controls, to ensure accuracy, consistency, and accountability across a global landscape.

  • Managed Second Line of Defence Technology Controls for CSO, monitored and ensured continued compliance for ten technical standards (Configuration, Change, Incident, Problem, Hardware, Software, Service Level, Support, Data Backup and Recovery, and Resilience)
  • Performed horizon scanning, searching for current and emerging IT risks and provided reports to stakeholders on topics including IoT, data infrastructure, predictive and diagnostic analytics, and AI
  • Led twice-monthly Service Management forums, challenging managers where required, resolved issues with Identity Access Management (IAM), Sarbanes-Oxley (SOX), and Resilience compliance
  • Delegated group authority at Standard Owner forums and Stakeholder meetings, represented the Managing Director, provided feedback and challenge to policy proposals and new controls
  • Wrote closure packs for CSO Terminal Milestones, integral to formal risk issue closures

 

Team Leader

2013 to 2017

Responsible for leading several units of diverse employees in teams of 8 to 11. Functioned as a role model, coach, and subject matter expert. Conducted performance and disciplinary investigations.

  • SME for global transformation programme, assessed software from potential new suppliers, developed new processes, guidance, comparative indicators, and reference materials
  • Coached and mentored application, policy, and service teams, encouraging positive workplace culture
  • Organised work allocations, managed internal reporting, and conducted personnel investigations
  • Improved productivity through operational planning analytics, 1:1 coaching, and hosting training seminars
  • Established and maintained risk registers for information, fraud detection, and conflicts of interest

 

London

2008 to 2012

Pricing Analyst

Responsible for pricing assets within tight deadlines for extremely high value funds. Needed to conduct second line reviews, perform pricing investigations, and create variance reports for management and internal audit.

  • Created detailed Excel spreadsheet formulas and macros, using SQL and dashboard reporting software for price formulation, variance analysis, and risk reporting
  • Evaluated funds for high-wealth clients, responded to queries and price challenges from stakeholders
  • Trained new and experienced colleagues and signed-off their work
  • Produced financial reports for senior decision makers incorporating scenario planning

 

London

Expense Analyst

2011

Headhunted for a short-term contract to provide enhanced steering for a high profile, sensitive programme, covering thousands of employees to identify hundreds of millions of dollars of savings.

  • Managed a cost cutting project providing analytics, guidance, and materials to department heads
  • Created presentation decks and coached messaging for senior management to deliver difficult news
  • Successfully achieved savings goal with minimal impact on employees and business functions

 

Intelligence Analyst

2004 to 2007

Responsible for creating detailed risk and intelligence reports at strategic and tactical levels to brief senior management and the Minister of Immigration.

  • Wrote and executed the area's intelligence plan and created intelligence digests for stakeholders
  • Established and strengthened relationships with foreign and domestic law enforcement agencies
  • Led project presentations to the Chief Executive Group
  • Managed records for regulatory compliance for the Group's information system in accordance with international standards, built an online knowledge base, and trained officers in information security
  • Created detailed spreadsheets, using Excel macros and SQL to bulk analyse applicants, developed and implemented strict information security protocols to store and use the information
  • Project managed the IT fit-out of new premises incorporating physical and cyber threat assessment, and was a software Key User providing support to senior colleagues for Microsoft and bespoke applications

 

Qualifications and Training

2018 Certified Information Systems Security Professional (CISSP) membership

2015 - 2016 Internal government and external private courses on coaching, leading, and facilitation

2004 - 2007 Internal government courses on information security, strategic and tactical risk assessments, project management, website development, advanced document fraud detection, and counter terrorism

 

University Qualifications

2002         Bachelor of Arts (Social Anthropology)

1999         Bachelor of Commerce (Accounting)
