Shaftesbury, England, United Kingdom
I am a transformational cybersecurity executive with 20+ years of experience turning security into a competitive advantage for privately and publicly owned fintech, SaaS, and technology organisations. I have built security functions from the ground up, led SaaS-first defences, and driven culture change that embeds resilience into the DNA of global teams. I blend strategy with hands-on expertise, spanning secure networking, application security, SaaS cloud platforms (Azure, AWS), and incident response, with a proven ability to deliver measurable risk reduction at scale. I am experienced in reporting to boards and trusted by executive teams and clients for making complex security challenges clear, actionable, and business-focused. Certified CISSP, CEH, OSCP, GSTRT, and GICL.
As Chief Security Officer of a $1B global fintech listed on the Swiss Stock Exchange (SIX), I lead enterprise cybersecurity strategy and execution—supporting the company’s evolution from SaaS-first to AI-first. Over the past four years, I’ve built and scaled a 70-person global security team, enabling the secure expansion of the business across Europe, the Middle East, Asia Pacific, and the Americas. My scope spans: Security governance, risk, and compliance 24/7/365 operations, incident response, and SOC leadership Security engineering, vulnerability management, and penetration testing Security awareness and culture change M&A support via risk assessments and harmonization KPI/KRI reporting through a centralized security data lake Embedding security into SaaS product development and service design I led the establishment of a global follow-the-sun SOC, with standardized monitoring, playbooks, infrastructure, and reporting—ensuring rapid, consistent incident response. I’ve also played a key role in defining governance for our SaaS business and integrating security into the lifecycle of new services and products. I chair the Security & Privacy Committee, report to the Board Audit Committee and Technology & Cybersecurity Committee, and sit on the Enterprise Risk, SaaS, and AI governance boards. I also support revenue growth through pre-sales risk engagements and executive-level client assurance. Responsible for budget, strategy, and leadership, I’ve helped position security as a strategic, measurable enabler of growth, resilience, and trust.
My role was expanded to cover the Temenos corporate security function including: - Development of security policies and standards for Temenos Group - Management of IT Security, Incident Response, Vulnerability Management - Development of key performance indicators - Reporting on security matters to the Temenos Group Audit Committee - Author of security material for Temenos Group Annual Report
Responsible for the security of all services provided by Temenos Cloud business unit, a public cloud hosted Core Banking and Internet Banking service. Recruit and lead a team of security specialists to ensure solutions provided by Temenos Cloud meet security requirements of clients, regulators, and security standards. Design, build, and maintain security solutions for clients, including: - Log shipping solutions - Web Application Firewalls - File Integrity Monitoring - Threat Detection & Response - Vulnerability Management Oversee internal and third party penetration testing and disaster recovery testing of Temenos Cloud SaaS platform. Manage budget for Temenos Cloud Security department in cooperation with finance organisation. Engage with clients and prospects during sales and security engagements. Provide subject matter expertise during Incident Response activities. Develop and implement standards and procedures for security operations. Play a key role in governance of the Temenos Cloud business, on Cloud Risk committees, operational readiness assessments, and architecture committees.
EMEA Security and Privacy lead for delivery of a public and private cloud-hosted digital customer acquisition and on-boarding solution for the banking sector. Ensure cloud hosted offering meets contractual and statutory security and privacy requirements. Manage customer and internally-reported security vulnerabilities within cloud hosting environments. Coordinate security projects, such as the deployment and testing of security solutions, and various assurance activities. Coordinate with hosting and software development teams in the remediation of security vulnerabilities. Assist with security aspects of the delivery of services projects to customers. Build and implement GDPR Compliance project. Security and Privacy Awareness program. Security incident management. Engage with customers to determine security requirements. Work alongside legal in reviewing contract terms. Assist sales and marketing with security collateral and knowledge. Line manage the EMEA IT Support team.
Global responsibility for ensuring all aspects of the MARU Group offering aligned with statutory, regulatory, and contractual requirements. Reported to MARU Group CTO. Created and maintained a global security and privacy program. Created and maintained security policies and procedures. Built, maintained, and extended ISO/IEC 27001:2013 certification as required for new acquisitions. Streamlined security processes using appropriate tooling. Group wide compliance programs (GDPR, etc). Information Security assessment of acquisition targets. Built and deployed global security awareness program. Advised IT, hosting, and security teams on secure design of cloud solutions. Collaborated with Software Development teams to develop secure software engineering processes. Worked with Sales, Marketing, and Operations teams during customer engagement. Worked alongside legal and finance teams in reviewing contract terms. Coordinated all third party security testing, auditing, and remediation. Technical analysis of vulnerabilities and exploits affecting networks, applications, systems.
Secure a private and public cloud hosted market research platform. Responsible for information security and business continuity across organisation. Implemented and operated an ISO/IEC 27001:2013 certified ISMS. Design and testing of secure infrastructure solutions. Manage security suppliers and activities. Security and privacy awareness programs. Vulnerability management. Assist sales with security collateral and RFP activities.
Lead a team to operate and support a private and public cloud hosted market research platform. Design, implement and maintain secure, highly-available infrastructure. Automating infrastructure operations via orchestration in private and public cloud. Management of infrastructure and security projects. Vulnerability management. Capacity management. Managed infrastructure and security vendors. Assist sales with security collateral.