Introduction
I have recently left my position as the Chief Information Security Officer (CISO) for Blue Stream Academy Ltd., who are a leading provider of online training and HR solutions to healthcare organisations in the UK.
I oversaw the organisation’s information security strategies, ensuring the protection of sensitive data, and complying with healthcare industry-specific regulations and standards.
During my time as CISO, I established and maintained the Information Security Management System (ISMS) required for our ongoing General Data Protection Regulation (GDPR) compliance, ISO27001 and PCI-DSS certifications.
Experience
Chief Information Security Officer (CISO) • Blue Stream Academy Ltd. • August 2018 – May 2024
Responsibilities:
- Direction and approval for the design of the Information Security Management System (ISMS).
- Preservation of the confidentiality, integrity and availability of all information security assets.
- Management and implementation of the ISMS.
- Creation and implementation of strategies for the deployment of information security technologies.
- Monitoring information security technologies and innovations.
- Conducting continuous assessments of current information security practices and systems, identifying areas for improvement.
- Performing information security audits/risk assessments and reporting on ways to minimise threats.
- Monitoring information security vulnerabilities and threats within networks and host systems.
- Providing regular reporting regarding information security threats and on the status of the ISMS to executive management.
- Development of strategies, and the implementation of solutions to minimise the risk and impact of information security incidents.
- Oversight and investigation of reported information security incidents.
- Development and implementation of Business Continuity Plans to ensure continuity of service when a change programme is introduced, an information security incident occurs or in the event that the Disaster Recovery Plan needs to be triggered.
- Compliance with the latest information security regulations/legislation.
- Communication of best practices/risk across the organisation.
- Protection of the intellectual property of the organisation.
- Creation and maintenance of policies, procedures and incident response plans.
- Due diligence regarding the information security governance, compliance and standards of suppliers and partners.
- Revision and approval of requested changes to contracts/agreements and the proposal of changes to either executive management or legal representation.
Qualifications
- Certified Information Security Manager (CISM) – ISACA
- ISMS ISO27001 Lead Auditor – BSI
- Certified in Cybersecurity – ISC2
- Security Awareness and Culture Professional (SACP) – HLayer
- Emergency First Aid at Work – British Red Cross
Education
- HNC in Sport and Leisure Management
- BTEC National Diploma in Sports Studies
- A-Level Sports Science
- A-Level Law
- GCSE Maths and English C+
Skills
- Leadership
- Office Management
- People Management
- Data Protection
- General Data Protection Regulation (GDPR)
- ISO 27001
- PCI-DSS
- Cyber Essentials+
- Risk Management
- Asset Management
- Adaptability/Flexibility
- Customer Focus
- Communication
- Decision Making
- Creative Thinking
- Critical Thinking
- Multi-Tasking
- Social Media Marketing
- Technical Proficiency
- Professionalism
- Written Communication
- Verbal Communication
- Attention to Detail
- Website Design
- UX/UI
- HR/Employment Laws, Regulations and Best Practices
References
Personal and professional references available upon request.
Personal
I live with my wife of 11 years and two children, Jackson (14) and Robson (11). In my spare time, I enjoy watching and/or taking part in MMA/Kickboxing/Boxing, pool/snooker, poker, football and hiking.
In July 2018 I undertook and completed the National 3 Peaks Challenge, summiting the highest peaks in England, Scotland and Wales in under 24 hours, raising over £1,000 for the National Autistic Society.
In 2022, I was lucky enough to win a competition that presented me with the once-in-a-lifetime opportunity to play at the Theatre of Dreams – Old Trafford, home of my favourite football team, Manchester United.
I was listed as one of ‘The Most Influential CISOs of the Year 2024’ by The CIO World magazine.