London, England, United Kingdom
After 20+ years working across multiple areas of the Minister of Defence, securing everything from remote radar installations to critical defence networks, I've learned that cybersecurity is fundamentally about people, not just technology. This transition from military to civilian cyber has taught me something valuable; whether you're briefing senior military leaders or presenting to company boards, the challenge is the same, making complex security risks understandable and actionable. I currently manage security operations for critical UK infrastructure. Previously, I've led teams ranging from 8 to 30 people and managed 250+ global locations, including during some challenging periods like COVID, when we had to completely rethink how security teams operate. What I've found is that the best security programmes succeed because of strong teams, not just clever technology. My approach is fairly straightforward - understand the business, build the right team, and make security work for people rather than against them. I've delivered programmes worth £2.5M+ and achieved 80% efficiency improvements, but honestly, I'm most proud of developing teams that can handle whatever gets thrown at them. Whether that's a major incident at 3 am or a complex infrastructure transformation, good people with clear direction will always find a way.
Providing constant critical communications to maintain the UK's Strategic defence capability. Responsible for enterprise-wide security posture, incident response, and risk governance at the highest UK government classification levels. Manage security operations with mission-critical (zero-tolerance) risk thresholds requiring Prime Ministerial notification.
Directed information security governance and compliance programmes across 250 global locations for UK's military operational command headquarters. Reporting to senior Defence leaders within the UK's military operational command HQ , responsible for equipment worldwide, providing system administration, security assurance, management and training. Providing unique bespoke communication solutions to Permanent Joint HQ (PJHQ), while maintaining high government classification integrity. - Developed and maintained Risk Management Accreditation Document Sets (RMADS), Security Operating Procedures (SyOPs) and Risk Balance Cases (RBC), aligned with ISO 27001, JSP 440 and HMG security standards. - Led £2.5M infrastructure security enhancement initiative, improving compliance posture while maintaining operational continuity - Established zero-trust network architectures and hardened system configurations for classified environments - Conducted security posture assessments against NIST, NCSC and HMG frameworks to identify and remediate vulnerabilities
Led mission-critical security governance initiatives for the Defence Crisis Management Centre, establishing security frameworks for cross-governmental crisis communications at Political, Strategic and Operational levels. Provided expert security consultation to senior military leaders and government cabinet ministers. - Implemented Secure by Design (SbD) principles for high-classification communications systems, ensuring alignment with ISO 27001 and HMG Security Policy Framework security controls. - Conducted comprehensive security audits to verify compliance with defence security standards and Joint Service Publication (JSP) documentation. - Established business continuity and disaster recovery protocols for critical defence communications infrastructure. - Provided technical security leadership for cross-domain high classified video conferencing systems.
Managed secure IT infrastructure and network operations supporting UK government classified systems across Europe. Led security administration and incident response for networks serving over 100,000 users while enforcing stringent access controls and security protocols. - Directed security incident investigations and forensic analysis for compromised systems. - Implemented and maintained security controls for classified networks across distributed locations. - Conducted security assessments aligned with MOD security standards for critical military communications systems. - Managed technical engineering teams, ensuring security compliance at remote locations.
Ensured operational integrity and security of critical airfield control systems, safety infrastructure, and monitoring technologies. Specialised in maintaining secure communications for active military operations and air traffic management systems. - Implemented security controls for radar systems, precision approach infrastructure, and ground-to-air communications. - Conducted technical vulnerability assessments on operational control systems. - Maintained secure communications infrastructure supporting mission-critical operations. - Applied security hardening techniques to computer-controlled management systems. - Identified a technical oversight which saved the organisation £2M before contract compilation.