Greater London, England, United Kingdom
Seasoned cybersecurity engineering leader with 30 years of IT experience, of which 12 years were spent spearheading security architecture, risk oversight, and controls at a $13B Fortune 500 enterprise supporting 55,000 users. Leverages cross-domain expertise (applications, cloud, data, infrastructure) to drive evidence-based, multi-disciplinary strategies that reduce risk, cut costs, and strengthen controls. Develops CISO-level briefings and board presentations, leads vendor due diligence, and plans multimillion-dollar security budgets. Deep expertise in industry frameworks, program and control design, and advanced cyber-risk analysis — backed by ISO 27001, SANS, TOGAF, and CISSP certifications, with a focus on securing emerging technologies like GenAI and Web3.
• Enterprise-Wide Security Strategy — Created, instantiated, and embedded global cybersecurity strategies, standards, and technologies across application, cloud, data, endpoint, IAM, and network domains for tens of thousands of users. Authored strategies for application, cloud, endpoint, mobile, and network security; wrote the cloud security policy and multiple standards. • Quantitative Risk Modelling — Built Monte Carlo and other models; led enterprise risk/maturity assessments and security testing; defined and tracked KPIs to drive executive reporting and ROI analyses. • Security Architecture Reviews — Designed and implemented a repeatable architecture review process; conducted 100s of annual assessments of critical business solutions, including “Interact” — IPG's inhouse marketing platform, Intelligence Node — a $100M acquisition, Web3/blockchain, and GenAI tools. • Security Uplift — Designed and deployed advanced Active Directory controls, delivering demonstrable resilience improvements. Engaged top consultancies to assess AD, firewall, and identity risks, implementing their recommendations. • Best-of-Breed Tooling — Researched, evaluated, and globally deployed leading security platforms across application, cloud, data, and infrastructure, materially reducing enterprise risk. Very early adoption of what's now the industry-leading cloud security platform enabled enterprise-wide detection of zero-day vulnerabilities such as Log4j, cutting attack surface and risk. • Secure Development Enablement — Instituted threat modelling, SAST/DAST pipelines, vulnerability-disclosure workflows, and developer training; introduced tools to industrialise threat modelling across IPG. • Leadership & Board Communications — Recruited, mentored, and led a large global engineering team; produced CISO-level briefings and board presentations; presented on priority topics (AI, cloud, software security); led vendor due diligence and built accurate security budgets and forecasts.
• Created Initial Security Program Roadmap (2014) — Laid the foundations for IPG's inaugural enterprise security program and evaluated, designed, and/or piloted multi-factor authentication, administrative account security, password auditing/vaulting, and SIEM solutions. • Delivered Global Strategy and Advisory — Defined and drove global technology strategies and implementations across the infrastructure stack and advised print media and broadcast units on storage, file delivery, and WAN optimisation investments. • Outstanding Cost Savings — Introduced cloud-gateway solutions in over 15 mission-critical storage deployments — saving over $1M annually. • Introduced Groundbreaking Technology — Architected and deployed wide-area file systems across multi-location creative networks, empowering real-time HD media collaboration across sites. The technology (Nasuni) was crucial to the success of Craft, IPG’s creative agency. • Designed and Installed Global Services — Planned and installed IPG’s Microsoft 365/Azure AD tenants; designed a 40,000-seat Citrix XenApp SAP rollout; upgraded global Active Directory to Windows Server 2008; and architected an in-house single-sign-on (SSO) application to secure 250+ applications. • Leadership and Team Management — Recruited, trained, mentored, and led an 18-member engineering team across directory services, identity management, server/storage, and cloud computing.
• Planned and Installed Global Services — Led the definition, design, implementation, and support of Windows 2003 Active Directory (500 sites, 43,000 users, 4,000 servers), IPG’s extranet, public/private DNS, distributed file system, identity management, SSO, and server/storage support models. • Drove Migrations and Standardisation — Planned and oversaw the migration of 300+ sites from Novell NetWare, Windows NT, Netscape Messaging, Lotus Notes, and Exchange 5.5/2000 to Windows 2003 AD and Exchange 2003 — while establishing and enforcing global standards for data, software, and technology. • Leadership and Team Management — Recruited, trained, mentored, and managed an 18-engineer team to deliver and sustain mission-critical solutions.
As a member of the EMEA Infrastructure team, worked on the MTV EMEA Windows 2000 roll-out.
As a member of the EMEA infrastructure team, worked with Sony engineers on the Windows 2000 roll-out.