Experience

• 

  Barclays bank

  Jan 2001 - Jan 2012

  Managed an IRM team of twenty three specialist Information Security and Data Privacy managers for Barclays UK Retail and Business Banking group.Accountable for the delivery of IRM control improvements across a range of subject areas, and establishing conformance/assessment and assurance processes across 400+ teams.Directed Logical Access Management controls improvement programme for UK Retail bank and other business in the Barclays Group.Conducted analysis of Logical Access data across key systems resulting in significantly reduced exposure to fraud/error. Show less Led a team of senior Information Security managers, managers and analysts providing UK Retail Bank with subject matter expertise in Information Security and associated technical skills. Designed and implemented control framework to achieve compliance with SOx requirements for logical access to critical applications.Ensured all products, project and change activities were compliant with Information Security policy and standards; sanctioning authority for policy dispensations.Managed review of IT security across over 1700 Retail branchesManaged business and IS responses to audits and subsequent issue assurance. Show less

  • Head of Information Risk Management

    Jan 2008 - Jan 2012

  • Head of Information Security, UK Retail Banking

    Jan 2006 - Jan 2008

  • Head of Standards & Governance, UK Banking Security

    Jan 2004 - Jan 2006

  • Head of IT Security – Corporate Banking

    Jan 2001 - Jan 2004
• 

  Grant thornton llp

  Jan 2013 - Jun 2014

  Consultant

  Undertaking management and consulting assignments on behalf of the Business Risk Services practice including:Successfully presenting proposals and bids to a number of financial and commercial clientsDefining and creating an audit plan for a manufacturing client for Information Security, Data Privacy and Records Management across 15 countries. Included detailed analysis of DP legislation in these jurisdictions.Investment bank – Various Information Security consulting engagements including risk review, key risk indicators and metrics for board governance presentation and policy writingPayment systems company – IT auditorRoyal Bank of Scotland – nine months secondment as IT audit manager Show less

• 

  Royal bank of scotland

  Feb 2013 - Oct 2013

  Audit manager
• 

  Information risk & security ltd

  Jul 2014 - now

  • Owner/Director

    Jan 2012 - now

  • Consultant

    Jul 2014 - Aug 2014
• 

  Jpmorgan chase & co.

  Aug 2015 - Aug 2017

  Executive director

  EMEA Head of Technology Controls