WEEKENDS Horse riding and tennis. OBJECTIVE Obtain a senior Security Architect position where proven abilities are used to assess IT risks to the business, analyze security problems and develop solutions that will increase productivity and security within a technically advancing environment. CV PREVIEW Information Security: Risk Assessment, Data Leakage Prevention (DLP) techniques, Quantification of Application Risks, Security Guidance to App Dev projects, Cyber Security Controls Development Compliance: ISO27001, ISO27002, SAS70, Data Protection Act, EU Data Privacy Directive, Federal Act on Data Protection (FADP) Appln Development: JavaScript, Hadoop, AngularJS, Ruby on Rails, Rails Auth Penetration Testing: Metasploit, Echo Mirage, Burp Suite, sqlmap PROFESSIONAL EXPERIENCE Lloyds Bank Technical Security Architect, Security & Fraud, Digital June 2016 to Present Project Examples: • Lead security architect for design and implementation of public cloud (PaaS and IaaS) into the bank`s customer facing environment, including formulation of security requirements, vendor selection and technical solution design • Delivery of Technical Solution Design for a number of security and fraud related projects • Security design of a multichannel cross application system that supports input of large throughput of data. Based on distributed applications using the Apache Hadoop framework • Security solution architect for design of DDoS testing environment used for testing network and application attacks types Delivered: • Development of new and existing security related architectural Patterns • Delivery of a number of architectural artifacts supporting of security related Digital theme projects • Identification and mitigation of security risks within technical solution designs • Support of projects through the bank`s key governance paths including security design forums and design authorities Bank for International Settlements (Switzerland) Security Architect, Corporate Security August 2013 to June 2016 Project Examples: • Design and implementation of manual Web Application Security Penetration Testing methodology for all external facing applications Delivered: • Developed a pragmatic Cloud Security strategy for the organisation which included required governance framework and technical controls. • Application security risk assessments for significant and critical applications: identification of security risks and required mitigating controls. • Development of Cyber Security controls for banks’ global IT infrastructure and application environment. • Penetration testing of all newly deployed infrastructure. Royal Bank of Scotland Markets & International Banking, Info Security Senior Information Security Consultant June 2010 to July 2013
©