Chief Information Security Officer · 27 Years · Big 4 Lineage · Parliamentary Testimony
Information Security Executive

27 Years. Board to Basement.
Every Sector That Matters.

Chief Information Security Officer, enterprise security architect, and regulatory strategist. Big 4 consulting lineage. Academic appointments at UCL, Imperial College London, and Amsterdam Airport Schiphol. Parliamentary testimony on national cyber legislation. Operational across 12 sectors from financial services to aerospace, defence, and CNI.

CISO | Big 4 Lineage | 27+ Years | Parliamentary Testimony | UCL · Imperial · Schiphol | ISO 27001 | NIST CSF 2.0 | CNI · Defence | FCA · PRA
27+ Years of Delivery: From 1999 to present
12 Sectors Engaged: Financial · Defence · Healthcare · Energy · Transport · Law Enforcement…
147→12 Audit Findings: Critical findings reduced in regulated enterprise programme
0→214 AI Models Governed: ISO 42001:2023 programme from ground zero

How I Engage

Executive Mandate Types

Six engagement models — from standing CISO function to targeted transformation leadership. Each calibrated for organisational maturity, regulatory context, and delivery tempo.

🏛️ Executive Leadership

Chief Information Security Officer

Full CISO mandate — strategic, operational, and governance. Board accountability, risk ownership, and enterprise-wide programme leadership from Day 1.

Board Reporting · Risk Ownership · Security Strategy · Regulatory Leadership

Interim & Transition

Interim CISO & Leadership Transition

Critical leadership continuity for M&A integration, post-incident recovery, regulatory remediation, and executive succession. Operational from Day 1.

M&A Security · Post-Incident · Succession Planning · Programme Continuity

🔧 Programme Leadership

Security Transformation Director

End-to-end security transformation: operating model redesign, technology platform modernisation, and capability uplift across complex, multi-entity organisations.

Operating Model · Technology Strategy · Capability Building · Change Management

🏗️ Architecture

Enterprise Security Architecture

Zero-trust architecture, cloud security design, identity governance, and security-by-design embedding across engineering and product organisations.

Zero Trust · Cloud Security · Identity & Access · Security by Design

⚖️ Governance & Risk

Security Governance & Risk Leadership

GRC programme design, board-level risk reporting, and enterprise risk management frameworks aligned to ISO 31000, NIST CSF 2.0, and sector-specific regulatory requirements.

GRC · ISO 31000 · NIST CSF · Board Risk Reporting

📋 Regulatory

Regulatory & Compliance Directorship

CISO-level ownership of regulatory compliance programmes. Deep FCA/PRA operational resilience, DORA, NIS2, EU AI Act, and GDPR/UK GDPR across multi-jurisdictional enterprises.

FCA / PRA · DORA · NIS2 · GDPR / UK GDPR

Sector Breadth

Sectors Engaged

Security leadership across every major regulated sector — with the regulatory and framework fluency each environment demands.

Sector | Regulators & Authorities | Primary Frameworks
Financial Services & Banking | FCA · PRA · EBA | DORA · ISO 27001 · NIST CSF
Aerospace, Defence & Space | MOD · NCSC | NIST 800-53 · ISO 27001 · JSP 440
Critical National Infrastructure | NIS2 · NCSC | CAF · NIS Regulations · ISO 22301
Healthcare & Life Sciences | CQC · ICO | HIPAA/HITECH · ISO 27001 · DSPT
Energy & Utilities | OFGEM · NCSC | CAF · IEC 62443 · ISO 27001
Transport & Aviation | CAA · ATISN | ISO 27001 · NIST CSF · ISO 22301
Law Enforcement & Government | Home Office · NCSC | PSN · IL classifications · ISO 27001
Insurance & Capital Markets | FCA · Lloyd's · PRA | DORA · NIST CSF · ISO 27001

Career Lineage

Where the Experience Comes From

A career built across the most demanding environments in information security — consultancy, academia, government, and international standards.

Big 4 Consulting

Global advisory practice — enterprise security strategy and GRC for FTSE 100 and Fortune 500 clients

UCL · Imperial College · Schiphol

Academic appointments across University College London, Imperial College London, and Amsterdam Airport Schiphol

Parliamentary Committee

Oral and written testimony on the UK Cyber Security and Resilience Bill — advising national legislative cyber policy

National Disasters Emergency Centre

Vice Chair, Singapore — national-government-level resilience leadership

ISO Technical Committee

Appointed participation in international standards development for information security management

Cyber Resilience Centre for London

Active engagement with the national police-led cyber resilience initiative

Media Authority

Editorial bylines and expert commentary in the publications that shape the profession.

Forbes · CSO Online · Infosecurity Magazine · SecureWorld · DataBreachToday · Cyber Protection Magazine

Philosophy

"Cybersecurity is a team sport — no single vendor, framework, or practitioner secures an organisation alone. The executive's role is to build the team, set the doctrine, and keep the board informed."

Certifications & Frameworks

Practitioner and architect-level command of the frameworks that govern regulated enterprise security.

ISO 27001 · ISO 42001 · ISO 22301 · NIST CSF 2.0 · NIST 800-53 · NIST AI RMF · DORA · NIS2 · GDPR · EU AI Act · CCSE

Looking for Executive Security Leadership?

Whether you need a standing CISO, an interim to stabilise a critical transition, or a transformation director to rebuild your security function — the engagement starts with a conversation.

Live Standards & Regulatory Horizon

InfoSec Executive — current signal stack

Curated each day from authoritative sources (ISO, NIST, ENISA, ESAs, ICO, NCSC). The signal pool refreshes nightly; the daily slate is selected deterministically so two readers on the same date see the same brief.

Updated 2026-05-25

Signal pool refreshed by kie_master_daily.py Phase 26. Methodology: curated synthesis from ISO / NIST / ENISA / ESAs / ICO / NCSC primary sources.
