WHAT DO YOU DO?

I am a senior information security consultant, specialising in ISO 27001 and AI/ISO 42001, with experience of other compliance streams, such as SOC 2, NIST CSF, NIST AI RMF and internal audit.

WHY DO YOU DO IT?

A natural evolution from my roots in system development, through government security evaluation work, before penetration testing was a ‘thing’.

WHAT KIND OF SPECIAL PROJECTS HAVE YOU BEEN INVOLVED IN?

Most recently, long-term information security support, including undertaking the ISMS manager role for a client after their incumbent had left the organisation.  I have developed information security compliance regimes both as an external consultant and within organisations, including developing and managing compliance testing against CAS(T) for a UK telecoms provider.  In the past I have also managed global technology audits within financial services.

WHATS ON TOP OF YOUR BUCKET LIST?

My bucket list is centred around ocean cruising destinations.  Top of it are cruises around Alaska, the New England around fall (for the colours) and Australia / New Zealand.