Director - Digital Assurance

• Oct 2021 - Present

Leading a great team of ICT Audit, Cyber Assurance, and Digital Forensics Specialists, in the delivery of first class business assurance services that make our clients go "wow"!

Deputy Director, ICT audit and Cyber Assurance Services

• Apr 2020 - Oct 2021

Head of Cybersecurity

• Mar 2017 - Apr 2020

Responsible for the establishment of a national Cyber Security and Assurance service which operates in all market sectors. My role includes leadership, strategic development and transformation of the capability and capacity of the service. The service links in with ICT Audit, Digital Forensics, Data Analytics, and Counter Fraud / Local Security Management, utilising skilled staff from all areas.I have developed the service to deliver an extensive range of Cyber products, which includes an excellent Cyber Security Maturity Assessment (alignment to CES / NCSC). As this has been so successful, I will be creating a benchmarking report per sector, and summary of hot spots.I’ve also lead on the development of a number of “deep dive” audits which scrutinise core areas of CES / NCSC frameworks to provide a deeper level of assurance. This includes, vulnerability scanning (Pen-test) including OWASP, ex-filtration security, SIEM, Access Controls, and End Point security measure. Other areas include ISO 27001 and PCI-DSS, with future service development to strengthen vulnerability assessment testing.Core to the successful development of the Cyber Assurance Service has been networking. This has been exemplified by being published in HFMA magazine, and working alongside CIPFA to develop a Cyber Crime product. A notable achievement was my 2017 Cyber Security Digest, reviewing perception versus reality of cyber resilience. To strengthen cyber awareness, I am also a national presenter, as have developed and delivered a robust training service. As well as being an established presenter and author for competitive client tenders, I am also a technical adviser to various Audit Committee Chairs networks. and UK Security Expo.My specialist role includes Post Major Incident / SIRI reviews and Board level reporting. I am trained in Digital Forensics Incident Response, which is invaluable in providing knowledgeable engagement with all stakeholders.

Senior ICT Audit Manager

• Jan 2014 - Mar 2017

A specialist ICT Auditor to the public sector since 2002, working as an ICT Auditor and progressing up to Senior ICT Audit Manager. I'm an accomplished CISA qualified auditor, and provided a consultative role in many areas with my Chartered IT Professional (CITP MBCS) status.I've delivered a broad spectrum of audits to provide effective and holistic IT governance. I was an ICT audit lead for several NHS bodies, including Acute, Community, and CCG organisations. This required a wide range of technical, inter-personal, and managerial skills to enable delivery of complex technical audits, as well as supporting client’s strategic developments.I had used my ACL training to support the Data Analytics Service (DAS). The service used ACL and IDEA to bring exceptional business assurance, through 100% testing along with expert data analysis and reporting.

Senior ICT Audit Manager

• Nov 2012 - Dec 2013

A revision to the previous role of Senior Computer Auditor, to more accurately reflect the client management focus and diverse range of highly technical Informatics auditing skills we possess.I had previously led on the development of corporate IT as well as implementing some significant business tools to facilitate delivery of Internal Audit. This included strengthening and promoting the Data Analytics Service (DAS) to assist in our mission to helping our clients be successful from deep dive data analysis. The DAS has been re-engineered from our explicit understanding of healthcare audits to make the customers go "wow!"...

Senior Computer Auditor

• Oct 2002 - Nov 2012

I had over 11 years Computer Audit and consultancy experience with SCA. As a Chartered IT Professional, and holding a CISA for computer audit I was directly involved in the successful management of the computer audit plan to one of the largest Health Informatics Service (HIS) since 2004. This delivered a broad spectrum of audits to provide effective IT governance. As well as providing a wide range of technical computer audits, I had undertaken Project Management consultative roles (Project Assurance and Security) in the deployment of two Community of Interest Networks (COIN). During this period I had also been instrumental in the architecture and evolution of the TeamCentral audit tracking service and it's integration with TeamMate Audit software.

Technical Director

• Apr 2001 - Oct 2002

As a consultant, keen analytical skills were vital, along with ability to be innovative and communicate at all levels within all sizes of organisations. Some of my key achievements included:-• Technical consultant for the world's first non-gelatine soft capsule.• Architect and development of a comprehensive stock control application for SME.• IT Consultancy including the provision of practical IT Service solutions.Wide range of technical consultancy work including IT and Business development. Additional areas of expertise include development and support to the nutritional / pharmaceutical healthcare sector.

Technical Manager

• Mar 1998 - Mar 2001

Senior Manager responsible for Quality Assurance, Quality Control, and Regulatory Affairs. Also provided corporate wide ICT services. Senior Manager responsible for Quality Assurance, Quality Control, and Regulatory Affairs. Also provided corporate wide ICT services.

Technical Manager

• 1997 - Mar 1998

Role became merged with Sussex Pharmaceutical Ltd, hence 18 month role.Was primarily involved in the development of new healthcare / nutritional formulations, as well as provision of QA audits pan-Europe. Member of Health Food Manufacturers Association (HFMA) to the Analytical method development committee.Provided corporate support to IM&T for critical business systems and infrastructure. Role became merged with Sussex Pharmaceutical Ltd, hence 18 month role.Was primarily involved in the development of new healthcare / nutritional formulations, as well as provision of QA audits pan-Europe. Member of Health Food Manufacturers Association (HFMA) to the Analytical method development committee.Provided corporate support to IM&T for critical business systems and infrastructure.

Deputy Quality Assurance Manager

• 1990 - 1997

Senior Quality Assurance role, responsible for provision of developmental QA/QC and analytical services, as well as development of new formulations within the nutritional, neutraceutical, and traditional herbal supplements market.Provided key support to new product developments for "big four" high street supermarkets. Senior Quality Assurance role, responsible for provision of developmental QA/QC and analytical services, as well as development of new formulations within the nutritional, neutraceutical, and traditional herbal supplements market.Provided key support to new product developments for "big four" high street supermarkets.