Professional
Certifications and Associations: Certified Information
System Security Professional (CISSP), Chartered Engineer
(CEng), Chartered IT Professional (CITP), Member of
the British Computer Society (MBCS), Member of the Institution
of Engineering and Technology (MIET).
Qualifications: BSc(Hons) Electronic Engineering
(2.1) 1988 University of Sussex, BCS Certificate in Information
Management Security Principles (Distinction) 1999, Certified
Information Security System Professional (CISSP) 2002, Fast
Approved Software Manager 2002, Certified Ethical Hacker
(CEH) 2007.
Experience Summary: PKI Implementation,
Cryptographic Evaluation, Smart Card Operations, Certification
Authority, Risk Assessment, Security Policy and Procedures,
Security Standards and Specifications, Security Architecture,
Network and Operating System Security, Business Continuity
Planning, E-Commerce Security, Project and Team Management,
Seminar Designer.
ISEB Security Training, Speaker at Croatian PKI Seminar,
BCS PKI Seminar, Manchester BCS AGM, E-Business Risk Seminar,
PIN Security Seminars, In-House Presentations and Awareness
Seminars.
Career
Summary
2002
- Present Kivvy Consulting
Director and Principal Consultant,
providing expertise to organisations on their security issues.
Services include compliance reviews, applied cryptography
consultancy, assistance with information security management
activities and training.
2001
- 2002 Telenor Business Solutions (Nextra)
Head of Security, responsible
for determining security strategy, preparing the Company
for compliance with BS7799 and managing the security team.
Activities included risk assessment, security policy definition
and security reviews.
1997
- 2001 Mondex International (MasterCard)
Senior Manager - Architecture and Security,
responsible for Company security policy, smart card CA and
e-commerce system development. Activities included PKI implementation,
security architecture, risk assessment, security policy
definition, development of secure web sites and overseeing
sensitive security operations.
1995
- 1997 Visa International
Senior Executive - Risk Management Team,
responsible for the Visa PIN Security Programme in Europe,
Middle East and Africa. Activities included running awareness
seminars, co-ordinating the ATM Aquirer self audit process
and performing on-site reviews.
1991 - 1994 BT
Senior Security Consultant - IT Security Unit,
responsible for improving the quality and cost effectiveness
of IT security in BT. This involved undertaking security
reviews of IT systems, providing security consultancy, advising
on risk management issues, writing and reviewing security
policies and determination of BT’s information security
risk management methodology.
1988 - 1991 BT
Assistant Executive Engineer - Data Security
Labs, responsible for the development of PC
security products and systems. This included BT’s
PC encryption system which gained ITSEC E3 accreditation.
(A more detailed
CV can be provided on request).
Back
