The last 20 years

Many thanks for reaching out.

Here is an outline of what I have been up to over the past few years.

In the period 1993-2000 I operated in various technical support roles.

In 2000 I was holding Checkpoint and Microsoft Engineer certification

together with CISCO CCNA and was appointed as Security Design Manager

for BT Ignite.

I passed my CISSP in 2003 which led an appointment to design and

implement a bespoke IPSEC security gateway architecture connecting

GEC/Alstom Paris head office Checkpoint hub with Alstom premises in Arab

countries where Checkpoint software could not be licensed. I created a

bespoke Linux kernel design to host stable IPSEC endpoints in Arab

countries using standard HP kit.

A discussion of this architecture at interview with BT Syntegra led to

an appointment as System Security Officer for the MOD/GSI/Internet

security gateway. While in post in 2004 I was accepted into the CLAS scheme.

In 2005 I did my 1st assignment in central government for ODPM regional

offices to assist NCC group to advise their client Fujitsu on the

security assurance of utilising a new VOIP telephony network for

Restricted government network traffic, designing a VPN architecture to

enable this integration.

I was CLAS consultant  for an outsource project of the

network and desktop together with decoupling infrastructure of DCLG  from DFT.

In 2006, while in post I was promoted to accreditor for the department

and helped them to get the appointed supplier into shape for them to

provide a secure solution for the new dual live-live out-of-town

datacentre architecture.

In that year I passed the British Standards Institute ISO27001 Lead Auditor course

I did special optical fibre security assurance research work on the

heatbeat inter-datacentre connection using an assessment of the optical

budget design to assure the mitigation from exposure to optical fibre


This work was discussed at interview in Cheltenham and resulted in a

four year assignment as proxy accreditor for a very large secure

network, during the course of which I ran 38 security assurance

projects. While in post I was awarded ITPC Accreditor certification by

waiver through experience.

Following from this I worked as ITSO for OFT, did security assurance for

a new agency integrated communications telephony network as well as

other assurance work for the Home Office.

In 2013 I assisted NCC group, Fujitsu and CESG with a CTAS security

assessment of the new Defence Enterpise Service Bus digital architecture.

In 2016 I was the IA consultant for a digital transformation project for

UK Borders.

In 2017 I was appointed IA and  Privacy manager for Cabinet Office

Government Digital Service (GDS) where i advised on the security

assurance of many SAAS tools as well as heading up security assurance

work on the GOV.UK platform.

I hold CISSP (ISC2) and CCSP (Certified Cloud Security Professional ISC2).

I also hold the International Association of Privacy  Professional

CIPP/E and CIPM certificates ( GDPR Law and Privacy management)

In 2020 I re-certified as NCSC CCP.

While awaiting assignment as IA consultant I am on the CREST CRT/CTL pen

testing path.

Possible Roles I undertake are as follows :-


Security Officer

Pen Tester

Security Manager

IA Consultant

IT Security Officer

Privacy Manager

Data Protection Officer


I attach two CVs.

Kind Regards