JR - CV
1. Oct 2024 – January 2025
• Commissioned contributions for evidence from various stakeholders across the organisation, ensuring accuracy of the information from both policy and data provision perspectives.
• Designed the roadmap for Information Security Policy establishment at the organisation
• Carried out a comparison exercise of various government departments' policy portfolios to analyse the gaps and strengths of the FCDO policy suite
• Articulated the high level policy suite including standards and a prioritisation of the order of establishments
• Acted as a business as usual consultant providing advice and guidance on all elements of the relevant policy to the stakeholders
• Documented the policy approval workflows and obtained sign-off for it.
2. Jan 2024 – Sept 2024
• Worked with the CAF and ISO 27001 standards (including the NIST Framework)
• Digital Risk Management Framework programme developing artefacts and establishing processes and policies
• Collaborated with cross-functional teams to identify information security risks and develop risk mitigation strategies
• Documented the overarching Digital Security Risk Management Framework document aligned with CAF and ISO 27001
• Documented the E2E processes aligned to the ISO 27001 standards: risk identification, risk assessment, risk tolerance, risk appetite, risk mitigation, risk reporting, risk acceptance, risk profiling, risk exception, continuous cybersecurity assurance, vendor risk management, etc.
• Engaged and collaborated with the security incidents team to update security incident response processes (Disaster Recovery, Business Continuity, Gold Command, Escalations and Triages)
• Developed the risk register template and the SRA control questionnaire
• Documented Work Instructions (Knowledge Articles) for supporting the incident response team in incident handling and management
• Documented, reviewed and communicated policies, processes and requirements to ensure alignment with CAF and ISO/IEC 27001 standards and best practices
• Documented artefacts such as: Use Cases, SRA Questionnaire, the RMF Overarching Framework, RMF programme Improvements and Timeline
• Documented processes, RACI, Requirements catalogue, Change Management Proposal and all relevant artefacts
• Facilitated workshops and meetings to gather business requirements, define project scope and establish project timelines in compliance with CAF and ISO/IEC 27001 requirements
• Conducted gap analysis assessments to identify areas for improvement and recommended solutions to enhance information security controls
• Developed and maintained documentation, including policies, standards, procedures, and guidelines, to support CAF and ISO/IEC27001 compliance
• Facilitated the ISMS maintenance activity meetings and follow up to make sure action items from all meetings are completed
• Supported in the Security Operations Centre Process Improvements and Governance, Risk, Compliance (GRC) projects aligned to ISO27001 Standards.
3. Dec 2022 – Jan 2024
Workstream 1 – Threat Intelligence Management
• Process re-engineering: elicited and documented requirements at both high and detailed levels
• Acted as a bridge between the business, IT services and technical teams.
• Documented the overall Threat Intelligence Framework, Business Analysis Approach, Use Cases and Target Operating Model, Operational RACI
• Provided key input to threat intelligence as it relates to the organisation and aligned to the MITRE ATT&CK framework
• Worked within the project standard methodology and contributed to developing those standards for the benefit of the team and own self-improvement.
• Elicited and documented the Requirements (user stories, acceptance criteria) for the Threat Intelligence Platform (TIP) and the Digital Risk Protection (DRP) (PaaS) Service
• Created high level and detailed process maps of the “as is” highlighting pain points, worked closely with services and the digital team to redesign the “to be” services, development of prioritized user stories and epics based on the user needs identified.
• Product development from initial design stage to implementation and go-live (Dev-UAT-Go-live)
• Engaged and managed Stakeholders/Team Leads/Technical Leads (at different levels) to obtain buy-in and support for the project
• Coordinated requirements gathering workshops, investigation of relevant processes and technical tools
• Fostered an understanding and delivery of requirements
• Coordinated the workshops with vendors for the implementation/integration of the MISP Threat Intelligence Platform (TIP) and the Sentinel Security Incident and Event Management (SIEM) tool
• Documented the AS IS and TO BE process and system flows
• Engaged and managed internal stakeholders and the external threat intelligence management service providers
Workstream 2 – Public Key Infrastructure (PKI)
• Assisted with the development of the business case by providing useful information and worked alongside the delivery manager to gain approvals for spend control.
• Assisted the Product Owner with the development of product roadmaps/horizons, ensuring products meet the Digital Service Standard
• Devised solutions to business problems and supported the organisation's certificate management in a cost-effective way by eliciting and documenting the requirements to align with the objectives of ISO 27001
• Business Transformation and Change Management project: driving change to move the organization from Current State to Future State
• Responsible for liaising with operational staff from different business units to produce detailed business requirements and translating them into functional specifications (user stories) to be used by the development team in building the solution.
• Provided support for the roll-out of a cloud-based PKIaaS with integrated lifecycle management and a dedicated offline root CA with certificate issuing capability
• Worked within the project standard methodology and contributed to developing those standards for the benefit of the team and own self-improvement.
• Produced the System Scoring matrix categorizing the requirements.
• Vendor management RFI, RFP, demo management
• Validated IT security and Target Infrastructure template.
• Supported the required approach to ensure certificates have appropriate security controls applied throughout their lifecycle in alignment with the Zero Trust principle of FCA
4. Oct 2021 – Oct 2022
Workstream 1
• Collecting and analyzing client's business ISMS objectives as defined by ISO27001 and translating them into requirements in clear formats and representations
• Preparing accurate and detailed requirement specifications documents, user interface guides, and functional specification documents
• Evaluating the data collected through task analysis, business process analysis, stakeholder interviews, surveys, and workshops.
• Implementation of cyber security (vulnerability and patch management) governance artefacts and methods for reducing risks
• Change Management programme for vulnerability and patch cycle migration and governance
• Managed the engagements of 3rd party suppliers and compliance
• Helped server owners (internal) to raise and log exceptions for a set of VMware and SAP vulnerabilities
• Supported the migration of company servers into the standard monthly patch cycle
• Engaged server owners to get agreements for migration of owned servers into the monthly cycle
• Planned, implemented, managed and communicated change to relevant stakeholders
• Extracting vulnerability and patch data from PowerBI dashboard for generating progress reports
• Monitored the progress by managing and maintaining the asset tracker, analysing the process of migration and communicating updates to relevant stakeholders
• Monitored the vulnerability tickets raised by teams, reporting and closing the tickets
• Coordinated migration scheduling meetings and supported the production of governance documentation
• Managed the process, ownership and updates of decommissioned servers that were still live on the network
• Produced artefacts like policies, standards, runbooks and process workflow
• Helped to close vulnerability tickets in Remedy
Workstream 2
• Access Management: Application (Mergers and acquisition)
• Engaging and managing both the onshore and offshore stakeholder base from both organisations to gather the entitlement requirements necessary for creating service tickets in ServiceNow
• Setting up and coordinating numerous workshops to gather requirements
• Documenting AD groups/roles access documents, knowledge articles, process workflows and procedure documents
• Mapping large volumes of dataset (AD groups from merged organisation to host organisation) for group memberships.
• Designed User handbook for ServiceNow application access provisioning
• Managing the inflight tickets (for hiring managers) of unprocessed access requests between the merged organisation and host
• Owning and managing the access management process and tracker
5. Mar 2021 – Sept 2021
Workstream 1 – GRC
• Policy development, deployment, reviews and updates
• Responsible for the analysis of existing policies
• Development of new policies to align to the ISO/IEC 27001 and DEA framework.
• Reviewing and feedback engagement with identified policy owners and obtaining sign-off
• Integrated policies into the operations of the organization and ISMS programme
• Established communication plans to all staff and teams including 3rd parties
• Incorporated policies into the security awareness and training programme of the organisation
• Documented processes for reviews and updates
• Created high level and detailed process maps of the “as is” highlighting pain points, worked closely with services and the digital team to redesign the “to be” services.
• Analysed existing security documents and drafted a gap analysis document on previous submissions (which controls were approved, which evidence was lacking)
• Documented artefacts like process maps, policy documents, standards, documents maps, RACI
• Designed the document hierarchy map for document relationship
• Engaging service managers to document ISMS policies and procedures for accreditation
• Documented the RACI matrix, mapping stakeholders and ownerships to the documents and document links
• Created a control document where all the documents for individual controls are mapped and linked
• Designed ISMS document architecture map, ISMS document review process, ISMS document review work instruction
• Supported in pulling together a robust document set compliant with the ISO27001 regulatory framework and the evidence to build the accreditation submission pack
• Engaged senior managers to gather and document evidence for submission
• Coordinated document review sessions with stakeholders
• Designed the ISMS Training and Awareness material
• Engaged suppliers to carry out market review of Training platforms
• Supported in collating the risk register, and audit prep of stakeholders
• Drafted the reports to the Management Board on the DEA team processes and updates
• Supported in the DEA accreditation exercise audit by the ONS
Workstream 2 – Training & Awareness
• Developed the strategy, goals, and objectives for the information security training, and awareness program.
• Evaluated the effectiveness of existing information security training, education, and awareness program
• Prepared the information security awareness campaign materials, which focused on the adoption of ISMS controls and the information security awareness trainings
• Worked with the information security team and human resources to roll out training using the Scottish Govt training portal and KnowBe4 platform
• Incorporated the security awareness into virtual learning, including new staff orientation, new manager training and other milestones and developments
• Established a security awareness network with key stakeholders throughout the organisation, engendering security champions
• Delivered awareness campaign trainings across the organisation
• Developed metrics to measure the success of the security awareness program
• Communicated the security policies and requirements in the information security awareness program
• Owned and managed the relationships with security education and awareness related vendors (Mimecast)
6. May 2020 – Jan 2021
• Worked in an agile fast-paced environment with sound prioritisation skills incorporating change and impact analysis
• Breaking product management’s epics into actionable tasks and prioritising them
• Evaluating progression of remediation and responding to queries from the engineering teams
• Served as a liaison between the remediation and the development team
• Ensured everyone in the team was aligned on the goals and ensured continuous delivery of value
• Identified the relevant stakeholders (suppliers and colleagues) while engaging, influencing and building relationships to foster collaborative working across different teams
• Engaged the supplier assurance, business and application teams and other points of contact for the remediation of the organisation’s applications
• Updated processes, procedures, runbook for the GDPR Programme by analysing the AS-IS and defining the future state TO-BE while communicating the changes to the relevant stakeholders
• Managed knowledge bases and systems encyclopaedia; gathering data, analysing, tracking and documenting the monthly reports
• Sourced for and drove the data remediation process for internal, offshore and 3rd party applications
• Maintained an overview of all the organisation’s GDPR security remediation epics
7. May 2019 – Jan 2020
• Risk reporting and analytics.
• Managed engagement activities between compliance, internal audit and external audit teams
• Defined and documented the security policies, standards, controls, process re-engineering, SOP and playbooks
• Built the IT security controls catalogue using the SANS Top 20 CIS security controls guidelines and Zero Trust principles, tactically mapping the controls to the policies and standards for consistency
• Identified the controls for relevance and applicability and aligned them to the regulatory frameworks (NIST Framework, ISO27001 and COBIT); defined control baselines while categorising information and systems into Low, Medium and High (L, M, H)
• Assessed the design adequacy of controls and tested their operational effectiveness by producing analytical visuals using the Microsoft PowerBI Dashboard tool to support the Risk team in defining the risk posture
• Designed the high level cyber security assurance and compliance models which included planning, scheduling and mapping, preparation, fieldwork assessments and reporting to inform the senior Executive Management and the Risk team
• Coordinated workshops and gathered requirements while documenting reports and engaging senior executive managers, technology and business departments, 3rd party suppliers and internal stakeholders
• Strategically challenging ways of working, analysing and improving on scope creep and handoffs and thereby driving changes
• Developed and championed security best practices in line with the interpretation of standard rules, regulations and risk procedures
• Gathered data for internal audits through interviews, research, and engagements
• Participated in major risk evaluations and delivered results and recommendations to business and technology management areas
• Coordinated various workshops for security assurance process definition for Data Loss Prevention, Security Testing, Security Review, Third Party Review, Audit Support, Mergers, Acquisitions, Divestitures and Terminations, Internal/External Assurance, and Certification requirements such as SOC2, Cyber Essentials with minimal supervision
• Supported the Information Assurance approach within service design work and the associated design documentation such as Compliance Questionnaire, Terms of Reference, Assurance Request Tracker, HLDs, processes and playbooks
• Supported in the processes for the management and optimisation of the automation of assurance and compliance operations in Archer system designed to improve the performance within the framework of business mission and objectives
• Maintained current knowledge of applicable cyber threats, regulatory and compliance issues related to information security.
• Articulated audit findings, risks and detailed recommendations to senior executive managements
8. October 2018 – May 2019
• Artefacts: POAP, BPMN, SOP and policy documents to ISO/IEC 27001 standards (playbooks, supplier contact catalogues, security incident response report form, lessons learnt template) for the Global Security Operations Centre (GSOC)
• Drafted the NIST Incident Response workflows: PCI DSS, logging and monitoring, Lost & Stolen properties, Blocking IP address, Platform onboarding process, Entity Onboarding process
• Designed an organic Security Orchestration, Automation, and Response (SOAR) cognitive architecture for SIEM tools, incorporating standardised and automated processes to enable an understanding of the aggregation and correlation of threats, vulnerabilities and security incidents within SIEM tools and ServiceNow
• Gathered data and designed the SIEM automation workflows
• Change governance; managing 3rd party suppliers and ensuring their processes align with the security policies and standards of Centrica. Also ensuring sign-off for newly written policies and processes.
• Solid communication skills with the ability to liaise with business and stakeholders at all levels of the organisation up to executive level (GOC- physical security team), Risks, Audit, Incident Response teams, 3rd party service desk, network and firewall team.
• Championing the cyber awareness and education programme for Centrica members
9. Nov 2016 – Sept 2018
• Developed the end-to-end HL processes for the security service operations and Target Operating Model
• Improved the Service Operations, defining the disaster recovery and business continuity procedures, i.e. Gold Command, Tech Bridge call, P1-P4 incident prioritisation, Triaging/Escalation process, integrating the Home Office Incident Management support teams (internal and 3rd party Managed Service Providers (MSP)) in ServiceNow (SNoW)
• Contributed to the procurement documentation for the SIEM products, helping to raise RFI, RFP and coordinating demo exercises for the external vendors while managing communications with internal stakeholders
• Hands on analysis of different work streams for a large programme in compliance with GDPR, NIST framework and SIEM system onboarding.
• Programme formalisation of governance and risk management (policy and procedural documentation with responsibilities and specific processes for vulnerability identification, notification, and remediation tasks)
• Engaged and collaborated with key stakeholders (meetings and workshops) at a strategic level to gain an overview of the Home Office security risk assessment framework
• Worked in conjunction with multiple stakeholders, including senior management and third parties, to drive strategic programme communication best practice and consistency
• Designed the Target Operating Model for the Security programme
• Gathered requirements for SecOps (a plugin in ServiceNow) in support of the Zero Trust/least privilege policies of the Home Office
• Adapted communications from external vendors for internal use, ensuring messages are consistent and translated effectively for all stakeholders.
• Provided third parties with appropriate standards and ensured they adhered to them.
• Complex IT systems analysis (application & infrastructure) – transaction flows using EA Sparx
• Weekly updates and reports to the HO Service Managers on the SOC operations and updates
• Managed and updated internal incident management processes within the SOC, the change process and risks, also ensuring that teams were able to interact with efficient information flows.
• Managed the on-boarding process for new data sets and systems, supporting the business units, Managed Service Providers (MSP) (3rd party suppliers) and customers through this process to help increase their understanding of protective monitoring support.
• Ensured due diligence with the EU GDPR programme so that policies, processes and systems were compliant with data protection (Personal Identifiers (PI) and IP addresses are protected)
• Documented Use Cases, PID document, Operating Models, Monitoring Agreement documents.
• Facilitated training for trainee Security Analysts, coordinated and scheduled resource persons for the training
• Gathered feedback from case handlers on operational changes
• Led the NIST Framework SOC process work stream drafting the TOM processes, managing 2 junior BAs with the documentation of BPMN process and policy documents.
• Supported the Delivery Manager in sifting CVs and interviewing of junior BAs.
• Assisted the Enterprise Architect in security architecture reviews and analysis and to advise and guide security analysts
• Workshop, brainstorming sessions on functional requirements gathering.
• Updated the Incident Management TOM using BPMN 2.0 and deriving regulatory knowledge articles and policies
• Documented the Post Security Incident Report (PSIR), Use Cases, runbooks, Requirements catalogue and Policy documents.
• Managed intelligence feeds from NCSC to the SOC, ensuring the information is received in a timely manner, and any changes required are updated accordingly.
• Worked with the SOC Analysts to collate and analyse inputs to resolve incidents.
• Aided in recovering from security breaches by establishing lessons learnt sessions, war game exercise plan, creating the Gold Command process and other artefacts
10. Aug. 2016 – Oct. 2016
• Business, project scope and objectives against Project goals
• Worked with the Cyber Security team to deliver business critical solutions and resolved or escalated issues encountered
• Managed the change process and procedure; risks, and compliance, reporting of updates to relevant stakeholders
• Gathered requirements, managed changes, and organised and facilitated meetings using different methodologies and technologies
• Managed penetration test scanning schedules with 3rd party scan consultancies.
• Managed internal and external parties, following up changes and processes, and documented reports after scanning had been executed.
• Ensured all GDPR compliance procedures and systems were adhered to by the internal stakeholders and 3rd party vendors
• Prepared and analysed data internally for forthcoming scanning, highlighting inconsistencies and cleaning the data.
• Addressed queries and obtained sign-off/approvals from relevant stakeholders
• Managed the Threat and Vulnerability Management (TVM) scan output, recommending resolution and managing processes
• Provided security assurance through effective compliance checks and vulnerability assessments
• Located the network system owners for servers. This involved hunting around technical teams and working with team leads and engineers to understand who was responsible for the server in question.
• Raised tickets in Service Management queue and followed through on the escalation process
• Requested and obtained credentials (Passwords) from Subnets/Servers owners for IBM TADDM scheduled scanning.
• Requested and obtained confirmation that pre-requisite software had been installed on the server.
• Process-oriented scan scheduling to ensure the security remediation process was completed
• Maintained existing log sources and added new data sources as they came, utilising the CMDB
• Defined new rules, enhancing threat intelligence capabilities.
• Provided data (server subnets, IP addresses, DNS, OS, sites, etc.) for bi-weekly Request for Change forms (RFC), an internal Change Management process, working with team members to submit each RFC.
• Ensured RFCs had been approved for scanning, which required chasing up owners and change approvers.
• Technical escalation and reporting, process improvement
• Identification and resolution of control improvements and recertification of failures and vulnerabilities
• Monitored conformance to security policies, standards, procedures and guidelines
11. July 2015 – July 2016
• Gathered requirements and performed gap analysis: investigated the causes of security failures, documented the current state (AS IS) and recommended the desired end solutions in the documentation of the TO BE
• Documented Functional/non-functional requirements using Microsoft Excel Spreadsheet
• Designed the current state and desired end state UML diagrams using Visio following the delivery of the CSR mitigation project.
• Analysed the use of insecure protocols within the Bank
• Threat Intelligence analysis, Risk Assessment and Business Impact Analysis
• Identified assets and resources critical to business operations
• Facilitating interviews and focus group sessions to gather requirements, analyse gaps and identify threats to infrastructure
• Worked with various Stakeholders; SMEs, Unix/Wintel resource, Senior Management Stakeholders, Business Service Managers (to gather requirements), IT Service Delivery Managers (to validate analysis)
• Documentation to assist vulnerability scanning
• Intelligence Threat Modelling:
• Modelled the priority business service: created an architectural diagram detailing the users, systems, assets and data flow from sources to targets and the technologies involved (OS, applications and protocols), using Visio to produce an architectural topography of the PBS network systems and showing the inter-relational dependencies of the systems
• Decomposed applications and identified data flows, APIs, user input, entry points, open ports and vulnerability points
• Supported the investigation into attacks that could be targeted at each element of the diagram to see if servers can be decommissioned or turned off.
• Assisted business and stakeholders in information security concepts, issues and policies
• Assisted in the development and completion of information security operations processes and documentation.
• Worked with information security leadership to develop strategies and plans to enforce security requirements and address identified risks.
• Reported to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
• Monitoring daily or weekly reports and security logs for unusual events.
• Researched and assessed new threats and security alerts, and recommended remedial actions
(COOP Bank) (July 2015 – Dec. 2015) – (Business Architecture)
IT Finance Business Assets Architectural Management (Application Discovery/Modelling)
• Regulatory compliance project-based role, identifying, analysing and developing current state architecture models of 120 back-office IT applications classified as part of 14 non-priority IT business services.
• Requirement gathering; Consulting, Negotiation, Identifying and defining the scope of the architectural mappings, requirement gathering methods and required deliverables
• Identification, analysis, and management of stakeholders at all levels (Strategic, Tactical and Operational) and in different locations; Sponsor, IT Service Delivery Managers, Business Service Owners, SMEs, and Service authors.
• Elicited and documented the project requirements – functional and non-functional from the relevant stakeholders
• Scheduled and Facilitated requirement gathering sessions with stakeholders in order to reach a common agreement employing various techniques; interview, focus group meetings, document analysis and interface analysis
• Kept the audit trail of meetings and decisions, managing the risk and issue log, and updating the delivery dashboard.
• Gap analysis; documenting Swim-Lane diagrams of current business processes, ‘AS IS’ maps. Proposing and designing an efficient and easy to read “TO BE” model using Visio (UML) & Use Cases.
• Designed cross-functional Business and IT structures for the COOP PBS applications
• Performed a full analysis of 120 banking applications (Priority Business Service Applications, PBS), agreeing on the criteria, scope and DOD for a disaster impact and recovery assessment.
• Produced Service Maps of the IT Application systems showing the Network topography of the Bank Applications and their interactions/dependencies to enable the bank to account for all its IT Systems and Assets and manage disaster control effectively.
• Mappings delivered based upon discussion with business SME and other analysts to ensure correct context. Clear and concise documentation produced, enabling ease of review. This ensured that the service managers receiving the output could easily review and provide feedback on each document set produced.
• Facilitated reviews of outputs, obtained a sign-off of deliverables, tracking the overall progress against the individual application scope
• Purposely located adjacent to other analysts to maximise opportunity for discussion and clarification to ensure minimal changes required when mappings completed.
Former experiences
• University & Higher Education teaching
----------------------------------------------------------------------------------------------------
EDUCATION & CERTIFICATIONS
• Security Architecture – In Training
• CISM certification (2020)
• BCS Information Security Management Principles Professional (CISMP) Certification
• Cyber Warfare and Terrorism (Charles Sturt University, 2018)
• Fundamental Vulnerability Management (Cybrary Micro certification 2017)
• End user Security Fundamentals (Cybrary Micro certification 2017)
• Introduction to Cyber Security
• GDPR – (Cybrary Micro certification 2016)
• Cybersecurity and Its Ten Domains (University System of Georgia on Coursera 2016).
• SQL Certification
• Business Analysis Foundation Certification (BCS ISEB 2014)
• Principle of business and administration certification course level 2 (Vision2Learn 2013)
• ECDL certification (The Open University 2011)
• Master's Degree in Information Science (1993)
• BA Ed. English (1990)
Reference: Available on request
Feedback: from previous Project Lead
British Citizen, possess British International Passport