WEEKENDS Horse riding and tennis.

OBJECTIVE Obtain a senior Security Architect position where proven abilities are used to assess IT risks to the business, analyze security problems and develop solutions that will increase productivity and security within a technically advancing environment.

CV PREVIEW Information Security: Risk Assessment, Data Leakage Prevention (DLP) techniques, Quantification of Application Risks, Security Guidance to App Dev projects, Cyber Security Controls Development Compliance: ISO27001, ISO27002, SAS70, Data Protection Act, EU Data Privacy Directive, Federal Act on Data Protection (FADP) Appln Development: JavaScript, Hadoop, AngularJS, Ruby on Rails, Rails Auth Penetration Testing: Metasploit, Echo Mirage, Burp Suite, sqlmap

PROFESSIONAL
EXPERIENCE

Lloyds Bank 
  Technical Security Architect, Security & Fraud, Digital        June 2016 to Present

Project Examples: • Lead security architect for design and implementation of public cloud (PaaS and IaaS) into the bank's customer facing environment, including formulation of security requirements, vendor selection and technical solution design • Delivery of Technical Solution Design for a number of security and fraud related projects • Security design of a multichannel cross application system that supports input of large throughput of data. Based on distributed applications using the Apache Hadoop framework • Security solution architect for design of DDoS testing environment used for testing network and application attacks types

Delivered: • Development of new and existing security related architectural Patterns • Delivery of a number of architectural artifacts supporting of security related Digital theme projects • Identification and mitigation of security risks within technical solution designs • Support of projects through the bank's key governance paths including security design forums and design authorities

Bank for International Settlements (Switzerland)
 Security Architect, Corporate Security                August 2013 to June 2016

Project Examples: • Design and implementation of manual Web Application Security Penetration Testing methodology for all external facing applications Delivered: • Developed a pragmatic Cloud Security strategy for the organisation which included required governance framework and technical controls. • Application security risk assessments for significant and critical applications: identification of security risks and required mitigating controls. • Development of Cyber Security controls for banks’ global IT infrastructure and application environment. • Penetration testing of all newly deployed infrastructure.

  Royal Bank of Scotland Markets & International Banking, Info Security
  Senior Information Security Consultant                     June 2010 to July 2013