Jul 2025 – Present · 9 mos

• Overseeing end-to-end operations for a global cyber range platform, leading scenario delivery, content quality, and infrastructure governance across enterprise and military client engagements.
• Designed, strategically aligned, and facilitated cyber tabletop exercises (TTX) and technical cyber drills for international financial institutions and military organisations — including BNM (Bank Negara Malaysia), CIMB, Deloitte, and Saudi and Malaysian armed forces
• Leveraged AI and LLMs to accelerate exercise design, automate scenario documentation, and drive LLM-powered campaign automation — reducing content production time and improving delivery consistency across global client engagements
• Improved delivery predictability by ~35% through DoR/DoD frameworks, scope constraints, and a weekly decision cadence eliminating late-stage change requests
• Reduced rework by ~40% via QA gates, standard templates, and a formal release checklist spanning content, infrastructure, dashboards, and scoring
• Cut scenario onboarding time by ~30% through MITRE ATT&CK-aligned playbooks, enabling faster author and tester ramp-up
• Increased scenario reusability by ~50% by converting one-off builds into standardised assessment-ready lab environments
• Partnered with the product team and external military and regulatory stakeholders to govern roadmap decisions, manage delivery dependencies, and ensure platform evolution stayed aligned to operational requirements

Feb 2025 – Present · 1 yr 2 mos · Porthcawl, Wales, United Kingdom

• Building the UK's most intelligence-led cybersecurity talent marketplace — addressing the documented skills shortage through verified, evidence-based professional profiles and AI-powered talent matching.
• Deployed LLMs to power an intelligence job matching engine, enabling employers to search by verified capability, security clearance, sector experience, and contract preferences
• Driving strategic go-to-market partnerships with agencies, MSSPs, and hiring managers to establish Cydena as the UK's primary intelligence-led cybersecurity hiring platform
• Owning fundraising, strategic roadmap, and growth strategy; actively engaging Angels Invest Wales and institutional investors
• Advisory consulting arm delivering vCISO services, tabletop and purple-team exercises, SOC uplift, SIEM/XDR/SOAR implementation, and incident readiness programmes aligned to ISO 27001/42001 and NIST CSF.
• Strategically designed ISO 42001 AI Management System course pathways — positioning as one of the UK's first TRECCERT-accredited AI governance training providers at a time of accelerating EU AI Act and regulatory compliance demand
• Full course catalogue spanning ISO 27001, ISO 42001 AI, ISO 22301, Cybersecurity, and GRC

Feb 2025 – Jul 2025 · 5 mos · City Of Bristol, England, United Kingdom · Hybrid

• Embedded as first Head of Cyber at a regulated fintech platform serving Vanguard and State Street. Delivered full information security programme from ground zero to audit-ready posture within six months.
• Led formal due diligence security questionnaire (DDQ) process for Vanguard and State Street — authored responses and presented technical deep dives to four global financial institution security teams, achieving 100% client security approval rate
• Engaged directly with C-suite and executive stakeholders to report programme status, risk posture, and compliance milestones; managed dependency and risk registers throughout delivery
• ISO 27001-ready ISMS delivered in under 6 months — reduced audit preparation time by 60% and enabled fast-track onboarding of two global financial institutions
• 85% reduction in MTTD via Microsoft Defender XDR, AWS GuardDuty, and orchestrated IR playbooks
• 30+ security gaps remediated via NIST CSF and DORA-aligned quarterly delivery plans — boosted internal maturity score by two tiers
• 80% reduction in third-party risk exceptions and 30% faster supplier onboarding via rebuilt vendor risk workflows

Jun 2023 – Feb 2025 · 1 yr 8 mos · Doha, Qatar · On-site

• Led cybersecurity and AI capability development for a national defence organisation, managing training delivery, competitive strategy, and procurement for 400+ military personnel.
• Designed BSc-level AI curricula for sovereign military capability development — one of the earliest military-grade AI education programmes in the Gulf region
• Led a government-commissioned national cyber and AI programme spanning threat intelligence, digital forensics, malware analysis, offensive/defensive security, and AI disciplines
• Procured and onboarded OTIFYD into Meeza — Qatar's national IT managed services provider — to serve Qatar's critical national infrastructure (CNI) and OT security programme portfolio; managed full vendor selection, procurement governance, and onboarding lifecycle
• Advised the Government of Azerbaijan on national security data pipelines — strategic consultancy on data governance, security architecture, and compliance frameworks for critical national infrastructure
• Coordinated 20 bespoke programmes aligned to ISO, NIST, and NATO standards; managed external delivery partners and international military stakeholders
• Led student teams to international CTF victories in Qatar, Augusta (USA), and New York
• Contributed directly to national cybersecurity policy development

Jul 2022 – Jun 2023 · 11 mos · City Of Bristol, England, United Kingdom

• Managed a £10M+ portfolio of cybersecurity content projects, leading cross-functional product and content delivery aligned to enterprise client needs
• Governed concurrent workstreams with cross-functional stakeholder reporting, release governance, and external partner coordination; improved operational efficiency 20%
• Oversaw quality assurance, roadmap alignment, and release governance across technical security labs used by enterprise customers globally

Jul 2021 – Jul 2022 · 1 yr · City Of Bristol, England, United Kingdom

• Led a 15-person security testing team at one of the UK's largest financial services platforms.
• Directed £1M DevSecOps investment — reduced vulnerability identification time by 25% and improved PCI DSS and ISO 27001 compliance posture
• Led end-to-end migration from on-premises data centres to IaaS/SaaS cloud platforms, delivering a 30% reduction in operational costs

Jun 2018 – Jul 2021 · 3 yrs 1 mo · Cardiff, Wales, United Kingdom

• Led SOC operations for a managed detection and response provider, managing enterprise client accounts including Disney, Debenhams, and other major brands
• Managed analyst teams, client escalations, detection tuning, and continuous service improvement across a diverse enterprise portfolio
• Established ITIL-aligned SOPs reducing data non-conformance incidents to zero across a high-volume MDR environment

Sep 2013 – Jun 2018 · 4 yrs 9 mos · Cardiff, Wales, United Kingdom · On-site

• Led curriculum design and delivery across BSc Cybersecurity and Computing programmes at three institutions; managed teams of up to 15 lecturers.
• 30% improvement in student outcomes through redesigned assessment frameworks and hands-on lab delivery.
• This foundation directly informs my approach to security capability development, team upskilling, and the learning infrastructure behind Cydena.