About Trevor
I help organisations reduce vulnerability exposure and focus on the risks that actually matter.
Cyber Security Lead specialising in Vulnerability Management, Cloud Security, and Risk & Compliance (PCI DSS, SOC 2).
I support organisations in reducing cyber risk by turning large volumes of security findings into clear, prioritised actions aligned to business impact and compliance requirements.
I’ve led enterprise vulnerability management and risk governance programmes across complex environments, improving remediation efficiency, reducing backlog, and strengthening overall security posture.
My approach is practical and outcome-driven — implementing risk-based prioritisation, improving processes, and aligning security controls to PCI/SOC2 requirements.
Trusted by security and risk leaders in regulated environments to deliver measurable improvements in security maturity and resilience.
Available for short-term engagements, health checks, or longer-term support to improve vulnerability management and reduce risk.
English
Native or bilingual
Remote only
Primarily works remotely
Experience
- Global Fortune 500 Travel Technology EnterpriseSenior Cyber Security Lead | Vulnerability Management | Risk & Compliance (PCI, SOC2)DIGITAL AND ITSeptember 2021 - Today (4 years and 9 months)Senior Cyber Security Lead with extensive experience driving vulnerability management, threat intelligence, cloud security, risk reduction, and compliance across large-scale enterprise environments.Proven track record leading security programmes within complex cloud and hybrid infrastructures, with a strong focus on identifying real-world risks and implementing practical, scalable controls.Experienced in delivering and supporting compliance frameworks including PCI DSS, SOC2, and data protection requirements, while working closely with engineering and business teams to strengthen overall security posture.Combines deep technical understanding with strong stakeholder engagement to reduce risk, improve operational resilience, and drive measurable security outcomes.Led enterprise vulnerability management and security assurance programmes across large-scale environmentsManaged escalation of high-risk vulnerabilities in line with PCI DSS and SOC2 requirements, ensuring timely remediation, stakeholder visibility, and alignment with defined SLAsDelivered security improvements across cloud and legacy infrastructure, reducing overall attack surfaceLed cross-functional projects including network segmentation and compliance remediationManaged third-party vendors for penetration testing, scanning, and security assessmentsProvided risk reporting and insights to senior stakeholders to support decision-making
- Global Fortune 500 Insurance EnterpriseSecurity & Risk LeadDIGITAL AND ITApril 2010 - September 2021 (11 years and 5 months)Acted as subject matter expert across enterprise vulnerability management and risk remediation, leading end-to-end programmes across large-scale infrastructure, application, and cloud environments. Delivered risk-based prioritisation using CVSS, threat intelligence, and exploitability data to drive effective remediation aligned to defined SLAs.Designed, enhanced, and operationalised vulnerability management frameworks and secure configuration standards, improving process efficiency, remediation outcomes, and overall security posture. Integrated threat intelligence into vulnerability management workflows to strengthen prioritisation and reduce exposure to active threats.Delivered measurable reduction in vulnerability exposure across enterprise environments, supported by improved prioritisation, remediation processes, and configuration drift controlsDelivered executive-level reporting on risk exposure and vulnerability posture to support informed decision-making.Provided leadership, mentoring, and capability development across security teams, driving operational maturity and strengthening organisational resilience.Managed Unix and Windows environments across test, pre-production, and productionDelivered automation through scripting to improve operational efficiencySupported patching, system hardening, and server lifecycle management
Recommendations
Be the first to recommend Trevor
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- BSc Business Network EngineeringUK University2004Business and Operations Mgt. Client/Server Apps. Computer Networks Data Structures for Networks E-Commerce Financial Management Industrial Work Practice Management Practice Multimedia Networks Network Language Programming Object Orientated Design & Programming Resources Management Strategic Management Supply-Chain Management
- MSc Information SecurityLulea University2015Applied Computer Security Business Applications Development Computer Platforms Computing Solutions Critical Infrastructure Protection Database Analysis & Design Digital Forensics Financial Systems and Auditing Implementation Project Information Security Governance Information Security Risk Management Information Systems (IS) Project Internet Security Introduction to Information Security Legal Regulation and Privacy Master Thesis in Information Security Multimedia & Internet Development Practical Cryptology Scientific Methods Security Architecture Software Constructs and Tools Systems Analysis Trends in IS and Information Security Web Site Management
Certifications
- Security EssentialsGIAC2018
- Network Penetration Testing and Ethical HackingGIAC2019