Description

Helping organisations strengthen security, reduce risk, and build trust. Practical, business-focused cyber security and compliance support.

I help SMEs, tech scale-ups, and ambitious businesses solve real security challenges — from managing risk and meeting compliance requirements, to building resilient systems and achieving certification. I combine deep technical knowledge with practical business insight so you get solutions that are effective, understandable and implementable.

What I bring to the table:

• 15+ years’ experience in cyber security, risk and compliance

• Proven track record with ISO 27001, SOC 2, GDPR, Cyber Essentials, and security frameworks

• Strong understanding of both technical controls and risk governance

• Ability to translate complexity into clear actions, priorities and documentation

I stand out because I don’t just produce reports — I help clients turn recommendations into results. I focus on:

• Actionable risk treatment plans

• Practical, tailored policies and procedures

• Readiness assessments that actually prepare teams for audits

• Clear communication for technical and non-technical stakeholders

Typical projects I handle include:

• ISO 27001 readiness assessments, GAP analyses and certification support

• SOC 2 readiness and attestation preparation

• Security risk assessments and treatment plans

• Policy, standards and control documentation

• Vendor / third-party risk assessments

• Cybersecurity strategy and governance frameworks

Whether you need fixed-price deliverables (assessment reports, controls implementation, documentation packs) or ongoing consultancy and advisory support, I provide pragmatic, business-aligned security services that reduce friction and build confidence.

Languages

English
Native or bilingual

Workplace preferences

Can work on-site

London (up to 50km)

Pallium Protect
Security Consultancy
CONSULTING AND AUDITS
April 2025 - Today (1 year and 2 months)
London, United Kingdom
Working with a range of clients across the UK and Europe,
including private offices, high-net-worth individuals (HNWIs).
Recent engagements have included.
• Advising on the design and implementation of tailored
cybersecurity programmes for private clients, with a
focus on personal digital risk, secure communications,
and home network protection.
• Supporting small organisations and family offices with
third-party risk management, and compliance strategy.
• Conducting discreet security assessments and incident
response planning for clients with complex privacy or
risk profiles.
• Acting as a trusted advisor for technology-related
decision-making, vendor selection, and secure cloud
and SaaS adoption.
• Performing cyber due diligence assessments of
organisations as part of takeover process.
Engagements have required a high degree of discretion,
technical depth, and the ability to operate independently in
sensitive environments.
Technical project management Cybersecurity Incident Management Compliance ISO 27001 Risk Management
Hyperoptic
Security Compliance Lead-Hyperoptic
TELECOMMUNICATIONS
October 2024 - April 2025 (6 months)
London, United Kingdom
Brought in as a technical compliance lead to support
regulatory compliance under the UK’s Telecoms Security
Regulations (TSR), working directly with the CISO to enhance
security posture and ensure audit readiness.
• Designed and implemented a comprehensive compliance
framework, enabling ongoing monitoring, governance, and
alignment with TSR mandates.
• Led internal risk assessments and audits, identifying
vulnerabilities and delivering clear, actionable remediation
plans.
• Collaborated across engineering, IT, and operations to
embed security controls and best practices organisation wide.
• Authored and refined security policies and procedures,
ensuring consistency with both industry standards and
regulatory requirements.
• Delivered tailored security awareness training, boosting
compliance engagement and accountability at all levels.
• Acted as a key compliance advisor, translating complex
regulatory requirements into practical, business-friendly
processes.
IT-Security Cybersecurity Incident Management security compliance ISO 27001
Fractional CISO
Independent Consultant
CONSULTING AND AUDITS
November 2023 - Today (2 years and 7 months)
London, United Kingdom
Provided fractional CISO leadership and hands-on
cybersecurity consultancy to a portfolio of startups and
growing businesses, delivering tailored strategies to enhance
resilience, compliance, and operational security.
• Developed and executed bespoke security strategies
aligned with client risk profiles, business models, and growth
stages.
• Conducted detailed risk assessments and threat modelling,
delivering practical, cost-effective mitigation plans.
• Guided multiple organisations through successful
implementation of ISO 27001, SOC 2, Cyber Essentials, and PCI-
DSS compliance programmes.
• Worked closely with founders and leadership teams to
embed security-by-design into products, operations, and
culture.
• Delivered incident response training and playbooks,
equipping teams to respond swiftly and effectively to cyber
threats.
• Acted as a trusted security advisor and coach, translating
complex risks into board-level insights and actionable
decisions
ISO 27001