About Me...

I am a 35-year-old Information Security Management Expert who currently runs his own niche information security consultancy that focusses on compliance, governance and audit amongst other things. I hold several professional qualifications (CISSP-ISSMP, CISA and CISM, CISMP) and government security clearance up to SC. I have always been interested in Security because it evolves daily, providing a constant challenge.

...and some more

I have been married 13 years to my lovely wife Radha and we have two children, Dylan who is 10 and Elisha who is 8, and I live in a small village north of Cambridge. I have been involved in providing reviews, writing white papers, community projects and much more. So if you need any help or feedback then please let me know by visiting my Contact page.

Professional

2008 – Present: Cardwell Security Ltd: Director / Managing Consultant

Formed my own small information security consultancy to provide a range of services to various clients. Transferred my contract with British Telecom to my own firm and continued to offer them a CSO interim management service. My focus this year is on transforming and optimising the security programme.

2001 – 2008: Hays IT Consulting: Security Specialist / Computing Security Officer

Placed for the last five years as the computing security officer for BT Retail Technology, running a team of fifteen covering vulnerability management, system security, audit, compliance, third party security and responsibility for the programme's £1.26 million budget. My objective is to ensure the protection of the £950 million revenue generated by the line of business.

Duties Include:

  • Development of security policies and standards.
  • Managing third party security in the UK, Ireland and India.
  • Vulnerability/Risk Management.
  • Security Project Management.
  • 3rd party security Audit/Resolution Management.
  • Operational security consultancy.
  • Penetration tests.
  • Platform evaluations.
  • Advice on the security aspects of contracts and system architecture solutions.

Other roles whilst at Hays IT Consulting / BT:

  • Security Architect.
  • BS7799 security auditor.
  • Pen testing.
  • Security Awareness.
  • Security System Design.
  • Instructed a class of 14 for the CISSP qualification; 100% pass rate.

2000 – 2001: International Network Services: Managing Consultant: Security Practice

I managed a highly skilled multi-disciplinary team of account managers, project engineers and consultants:

  • Controlled a team of 20 that generated a multi-million dollar annual income.
  • Responsible for P&L, staff development and team bonding, training and HR issues.
  • Managed the UK and Ireland security practice. Promoted the need for sensible security solutions which supported the business's objectives.
  • Involved in business development and responsible for measuring the quality of client deliverables.
  • I consistently exceeded targets on utilisation and realisation figures.
  • I was the youngest managing consultant in INS international operations.

1999 – 2000: International Network Services: Security Consultant

Promoted to provide leadership to the security consultants and assisted the Security Practice Manager in business development. Also:

  • Established the security practice within the UK. Worked on projects that demonstrated return on security investment (ROSI) and provided security input to bid proposals.
  • Worked on projects for Internet service providers, telecoms companies, other consultancies and manufacturers. Covered a range of technical services which included system security design, UNIX security audits and penetration testing.
  • Managed large-scale projects with design authority for the security elements, one of the largest being a new online jewellery retailer.
  • Trained and mentored security engineers.
  • Europe-wide travel to work onsite with clients.

1997 – 1999: UUNET: Security Master

I managed an operational security team which was responsible for security policy, server and network security. Achievements included:

  • Successful fraud investigations resulting in a £250,000 annual saving.
  • Successful implementation of VPN for UUNET.
  • First UK deployment of the PIX firewall and bug tested this device for Cisco.
  • Key role in the design and implementation of a state-of-the-art global secure intranet with full unique and dynamic access control system.
  • Participated in Disaster Recovery group, identified key threats and reduced risk.
  • Responsible for EU operations in the Global Security Team.

1995 – 1997: UUNET: Corporate Support Engineer

Provided support to corporate customers; in a lead role, substantially improved the level of service received by customers and assisted other engineers with complex technical issues. Selected to establish and lead a specialist security team handling over 400 firewall customers and their support issues. Helped set up a dedicated lab for mirroring customer support problems in a non-production environment.
