York, England, United Kingdom
Experienced Security Specialist with a demonstrated history of working across sectors in fast-paced and emerging enterprises
Incorporated vulnerability, exploit, known exploitation, and other feeds/sources into customer-facing artifacts relating to vulnerability detection using the AppCheck scan platform.
Implemented an Information Security Management System (ISMS) from scratch within 12 months, delivering ISO27001 accreditation alongside establishing a risk management programme. Covered all aspects at all levels from board interaction and risk framework creation, through to policy documentation and knowledge share/evangelism, down to hands-on firewall reviews.
Headed up support team covering customer queries relating to vulnerability scan technical findings, and advising on tooling and remediation. Implemented KPIs, improved internal tooling, and external SLAs for key functions.
Rapid growth and scaling of the vulnerability and risk management functions across multiple business units and organisational entities within the wider group. Benchmarking and development of function in line with capability maturity models (C2M2, ISM3, CMM) to ensure pragmatic and measurable progress against best practice.
Development and deployment of SecDevOps tooling and integrations to left-shift security throughout a distributed code environment following Agile/Scrum practices.