William (Bill) Inglebright

Experience

• 

  Microsoft

  Mar 1997 - Jun 2000

  Support Team Lead

  Team lead of Microsoft Interenet Data Centre in

• 

  Credit Suisse

  Jun 2000 - Sept 2001

  Windows Security Architect

  analysed new technology and built a windows 2000 DMZ.

• 

  EuroClear

  Mar 2007 - Aug 2007

  Security Analysist

  Brussels

• 

  Barclays

  Sept 2007 - Mar 2009

  Security Architect

  Internet Security Architect - eChannels architect for the Internet facing transactional project being deployed within Barclays in the UK and the Emerging Markets

• 

  Euroclear

  Mar 2009 - Jun 2009

  IT windows auditor

  Auditor for Active Directory (AD), CAL II (centralised audit logging solution) and ASA (automated security assessment solution).

• 

  Lloyds Banking Group

  Jul 2009 - May 2011

  Security Architect

  Security Solution Architect for various DMZ, core banking and integration projects.

• 

  RBS Global Banking & Markets

  Sept 2011 - Feb 2012

  Risk Analyst

  Performed risk assessments on remote access and mobile technology including MobileIron and iOS.

• 

  KPMG US

  Jun 2012 - Mar 2013

  Senior Security Architect & Risk Analyst

  Responsible for the Security Architecture and Risk for KPMG's Mobility program (MobileIron, Good, Android, iOS), Desktop refresh (Windows 7, SCCM, WinMagic, IE8), Exchange upgrade and DMZ redesign.

• 

  Visa

  Apr 2013 - Oct 2013

  Security Architect

  Security Architect for the V.me Internet Payment Program within an Agile development environment.

• 

  Lloyds Banking Group

  Oct 2013 - Nov 2014

  Lead Security Solutions Architect

  Lead Security Architect for the Identity & Access Management work stream plus numerous other Comet security projects.

• 

  Cheque and Credit Clearing Company

  Nov 2014 - Jul 2016

  Security Architect

  ♦ Wrote and managed the definition of security requirements for the vendors to meet and be scored on for the invitation to tender as part of the procurement group.♦ Managed the development of the integrity controls to ensure the cheque image captured was a “true copy” of the image paid based on discussions with legal.♦ Interacted at all levels to communicate status, issues and clarify technical items.Achievements:♦ Drove and directed for a new UK payment scheme – clearing cheques by image technical management with the remit to form and drive the security architecture, manage the security solution process, perform risk assessments, act as the definitive source of advice & guidance for all security matters including contract, operational, cryptography, regulatory, fraud, application and legal aspects.♦ Managed and defined the high-level security policy & conduct documents for all the participating banks to agree about technically interacting with the central infrastructure – Security Code of Conduct.♦ Directed & approved all technical design decisions, 3rd party access (AuthZ, AuthN). PCI-DSS assessment including fraud risk controls based on risk. Show less

• 

  Lloyds Banking Group

  Jul 2016 - Mar 2018

  Security Architect - Payments - Cloud

  Technical Payment & Security Architect for Image Clearing System (ICS) to clear cheques via Image for the Bank. Currently engaged in a PSD2 Fraud project working in an Agile environment to implement AWS security controls around 31m customer records in the cloud.

• 

  Williams Lea Tag

  Mar 2018 - Dec 2018

  Cloud Security Architect

  Cloud Security Architect for an AWS Cloud first green field transformation programme. Contract ends in September

• 

  Mastercard

  Nov 2018 - Jan 2019

  Security Architect IAM OAuth2 & OpenID Connect
• 

  Lloyds Banking Group

  Jan 2019 - Jan 2020

  Security Architect / Engineer in Cloud Payments

  Worked as the security engineer for Commercial Banking API transformation programme involving bi-lateral payments and fraud.

• 

  TechnipFMC

  Jul 2019 - Jun 2020

  Senior Cloud Security Architect

  Defined the AWS Security Architecture and the security of the Azure Devops CI/CD pipeline using containerised Terraform (fargate/ECS) and AWS Code Pipeline. Embedded in the development team to provide SecDevOps support using agile extreme programming and dev pairing.

• 

  International Airlines Group (IAG)

  Jul 2020 - Jun 2021

  Cloud Security Data Architect

  ♦ Documented security standards and patterns while mapping them to specific JSON security policies. Collaborated with key services like Control Tower and major AWS data capabilities to weave in security best practices. Configured authorisation based on roles, bucket permissions, and object-level permissions with tags and Lambda functions.♦ Created a centralised repository of over 30 AWS security standards and patterns for data lakes, ensuring consistent security across IAG deployments.♦ Streamlined security policy management by translating standards into actionable JSON policies for different organisational levels.♦ Achieved robust access control for data lake resources through a layered approach with IAM, Corporate Directory, and Ping Federate.Achievements:♦ Ensured secure and compliant deployments of IAG Splunk and data platform environments by optimising Terraform and CloudFormation scripts.♦ Directed the integration of a comprehensive security solution for the data lake project, setting a benchmark for wider organisational security governance. Show less

• 

  Jumio Corporation

  Jun 2021 - May 2023

  Lead Cloud Security Architect

  ♦ Introduced automated security controls for CI/CD deployments across AWS, Azure, and GCP environments, to refine the deployment process while enhancing security posture. ♦ Reviewed existing security controls for CI/CD deployments within Jenkins and the broader SDLC process to identify potential vulnerabilities and areas for improvement. ♦ Conducted four Proof-of-Concept (POC) evaluations for Shift Left security tools, including WhiteSource, BlackDuck, Synk, and ThreatModeller, to assess their effectiveness in early detection and mitigation of security flaws. ♦ Enhanced infrastructure security by carrying out paper-based Threat Modelling activities for the core infrastructure while identifying and mitigating potential threats before deployment.♦ Created comprehensive AWS governance documentation, including Security Control Lists for KMS, S3, DynamoDB, SNS, SQS, Lambda, Kinesis, and RDS, establishing clear security guidelines for cloud resources.Achievements:♦ Reduced the corporate risk of using unlicensed software and software vulnerabilities in distributed code by implementing SAST, SCA, Container and Infrastructure as Code tests.♦ Created bespoke reports with API and wrote Python scripts using ChatGPT for US Government requirements. Show less

• 

  Sodexo

  Mar 2023 - Feb 2024

  Cloud Data Security Architect

  Cloud Data Security Architect embedded in the Data and Digital team.• ♦ Secure data pipelines by reviewing and approving security for new data designs used in ingesting, transforming, and processing Sodexo data. ♦ Manage data access controls by overseeing the approval process and enforcing Sodexo's data policies. Integrate security into data projects, including a new data lake utilising Dremio as a semantic layer, thereby bolstering the overall data security posture. ♦ Verify access permissions while granting or denying device, user, and application registration permissions based on established security criteria.Achievements:♦ Streamlined cloud migration and facilitated the approval process for North America's Lift and Shift programmes, enabling the secure migration of legacy on-premises assets to the Azure cloud.♦ Championed secure technology adoption and advocated for a range of secure Azure technologies, including Microsoft OpenAI, Azure DataBricks, Azure Data Factory, PowerBI, DevOps Agents, Azure Data Lake, KeyVault, HD Insight, Azure SQL family, and Azure Cosmos DB. Show less