United Kingdom
Dublin born, Edinburgh based and with over 25 years experience in the software industry across a number of roles and sectors, Richard has the specialist information security and cybersecurity knowledge required in delivering SaaS solutions and securing PII data, compliant with industry standard best practice, including ISO 27001, GDPR and Cyber Essentials requirements. Bright Software Group provides payroll, accounting, practice management and tax software capability to SMEs across both the UK and Ireland, and are backed by Hg Capital private equity firm. Prior to joining Bright as CISO, Richard was Director of Information Security at FreeAgent, the cloud-based Accounting platform serving over 150,000 SMEs predominantly in the UK and Ireland, bought by NatWest. Previous roles have been at SaaS businesses providing Compensation Management and Employee Benefit solutions for large corporate clients, both also acquired by larger industry players. Richard has been a Certified Information Systems Security Professional (CISSP) since 2011.
Bright provides innovative payroll, accounting/bookkeeping, accounts production, practice management and tax software solutions to many businesses across Ireland and the UK.
FreeAgent Central Ltd. is an operationally independent part of the NatWest Group of Companies, acquired in June 2018. As Head of Information Security and part of the Engineering Leadership Team, Richard is responsible for the continuous identification, assessment and reduction of information security risks across the wider business. Covering people, process and technology, areas of focus include policy; security training and awareness; web, native mobile app and infrastructure vulnerabilities; detective and preventative controls; legal, regulatory and standards compliance; data privacy and protection; 3rd party supplier assessments; due diligence; budgets and strategic direction.
Ownership and maintenance of the company Information Security Policies and Procedures, ensuring infrastructure and client data is adequately protected against accidental, deliberate and/or malicious damage/disclosure. Ownership, strategic direction and management of technical platforms providing and supporting CURO corporate and customer facing business environments. Ensuring the stable operation of the company’s intellectual property by developing, configuring, maintaining, supporting and optimizing all infrastructure hardware and software. Assuring the successful execution of the company’s business mission through development and deployment of the company’s web presence.
IT Security Management Policy, Due Diligence Audits, Compliance, Data Protection, Business Continuity, Vendor Management. Responsible for the ongoing planning, implementation and management of IT Infrastructure and Security providing flexible benefit scheme management globally to over 250 clients with in excess of 500,000 employee users in a private cloud environment. Implementation and ongoing management of centralised, automated continuous integration build & deployment process environment using Hudson/Jenkins and enforcing QA constraints with Fortify and OpenSource tools including SONAR, CheckStyle, PMD, FindBugs. Also management of code repository, migrating from CVS to SVN, hooks and branching strategy. Technologies covering VMware, Java, JBoss, IBM WebSphere, IBM Rational Performance Tester, SQL Server, ANT, Continuous Integration (Hudson, Jenkins) and software QA (Fortify, Sonar, Checkstyle). Vebnet were bought by Standard Life in 2008.
Responsible for the build, deployment and promotion of multiple, in-house n-tier applications through from development, test and into live. Implemented a centralised, continuous build environment using CruiseControl, and introduced automated methodologies to improve deployment process and consistency.