Grounded in Infrastructure
Focused on Cloud
Governance across Security, Operations, Engineering, Architecture, and Suppliers.
Audit, Compliance, and Vulnerability Remediation Expertise.
- Reducing Risk.
- Driving Assurance.
Cyber Security Specialist
Comprehensive Cyber Security project delivery across modern cloud environments.
Delivery of robust protection and resilience across Azure and Microsoft cloud environments.
Outcome-focused GRC expert aligning security with business goals, compliance, and real-world resilience.
Assuring high-stakes environments through structured risk management and defensible architecture.
Evidencing control maturity for internal audits, regulatory assessments, and external certifications.
Deploying Microsoft Defender Suite and KQL-driven insights to stay ahead of emerging threats.
Translating complex security challenges into board-level outcomes with clarity and confidence.
About Me
20+ years Engineering, Architecting and securing on-prem and cloud infrastructure with deep cybersecurity expertise. Specialising in business-driven GRC frameworks that deliver scalable, resilient security solutions.
Expertise
Cloud security architecture, compliance automation, security operations, and risk management. Experience spans multiple sectors, driving enterprise-grade cyber security initiatives.
My Approach
Security should enable progress, not hinder it. I embed practical security early, aligning with GRC to ensure secure, compliant, and operationally fit systems.
Key Skills
Cloud Security Engineering,Architecture (Azure & Microsoft 365), GRC, AI Security Governance, Technical Security Control Design, Implementation, and Cybersecurity Project Leadership.
Technical Skills
Specialised technical expertise across cloud platforms, security tools, and infrastructure technologies.
Cloud Technologies
Microsoft Azure
Microsoft 365
Security Frameworks
Tech Stack
GRC
- Policy \ Standards \ Procedures
- Risk assessments
- Risk Treatment
- Information Security Policy
- Controls Testing - framework alignment
SIEM & Monitoring
- Microsoft Sentinel
- Tenable One
- Azure Monitor
- KQL Query Language
- Log Analytics
Endpoint Security
- Microsoft Defender for Endpoint
- Carbon Black
- DLP - Data Loss Prevention
- Intune MDM
- WDAC Application Control
Infrastructure & Automation
Infrastructure as Code
- Azure Resource Manager
- Automated Patch Management
- CIS-Hardened Builds
Scripting & Automation
- PowerShell
- Bash
- Logic Apps
Automation Reporting
- PowerBi
- Power Automate
- Co-Pilot
Professional Projects
A track record of successful security project outcomes.
- Engage with internal and external partners to ensure services are secure by design.
- Audit vulnerabilities and provide actionable mitigation strategies.
- Conduct security reviews, risk assessments, and audits.
- Ensure compliance alignment with recognised industry frameworks.
- SC Cleared - Comfortable working in Highly Regulated Environments.
- Endpoint security controls within OT pre-production environment using Carbon Black EDR.
- Authored (HLD/LLD) security designs, contributing to defensible architecture.
- Delivered tailored application control baselines and custom EDR rule sets.
- Mentored internal teams on secure operations, post-project handover.
- Delivery of a NIST-aligned cyber security program across IT and OT infrastructure.
- Oversaw onboarding of MSSP, SIEM (Dell SecureWorks), and tuning of IDS/IPS policies.
- Deployed enterprise EDR, DNS security (Carbon Black, Cisco Umbrella), and IAM controls (OKTA).
- Azure and O365 security architecture with hardened image deployments and automated patching.
- Projects delivered despite the covid shutdown.
- Deployed global EDR and SIEM solutions (Carbon Black, Splunk), enhancing detection and response.
- Onboarded IAM solutions (OKTA) and drove secure integration with AWS, Confluence, and JIRA.
- Hardened systems using CIS benchmarks, with automation of secure Windows 10 builds.
- Developed and enforced global security policies, procedures, and vulnerability management processes.
- Delivered secure infrastructure support across 250+ sites during a major digital transformation, contributing to PCI DSS compliance across UK & European hotel networks.
- Migrated legacy Exchange to Office 365, enabling secure and scalable email infrastructure.
- Decommissioned legacy VPNs and coordinated secure firewall upgrades across 200+ Cisco devices.
- Implemented secure scripting, patching automation, and compliance monitoring using PowerShell, SCCM, and event log auditing.
- Rebuilt and secured the entire IT estate post-catastrophic failure, delivering hardened infrastructure from the ground up across 6 sites, as the single IT Lead.
- Migrated legacy systems to a VMware hybrid environment with proactive monitoring (Nagios) and SAN-based backup strategies.
- Owned secure domain rebuilds, Exchange migrations, and the rollout of patch management and IT governance policies.
- Designed and implemented security-focused server upgrades, DNS/DHCP resilience, and SharePoint/SCCM deployment to enforce baseline compliance.