About Ashley
✅ My methodology for all of my work begins with understanding your business, first and foremost
✅ 12 years experience working in cyber security
✅ Certified as an cyber security incident handler (GCIH) and a security auditor (GCCC)
✅ Qualified at BSc level in computer security and forensics
✅ Experience as a non-executive director - I understand the business context as well as the technical and security aspects
✅ Experience in a variety of positions within security:
- Technical (SOC analyst)
- Risk (Information security officer)
- Strategy (cyber security strategy specialist)
✅ I am not the type of consultant for a tick-in-the-box approach. If you genuinely want to achieve a better cyber security understanding and/or posture, my work quality will be a good fit.
Description:
A pragmatic, down-to-earth Cybersecurity professional who translates technical jargon into understandable business terms. I have worked in technical, risk and strategy roles in both large enterprises and smaller organisations - so I can relate to most organisations' security challenges.
The vast majority of my experience is in the financial services sector, the most heavily regulated and mature industry for cyber security. However, I've also worked in a consultancy services role, working directly with customers in identifying breaches and recommending how they can improve their security posture.
With cyber security, a business can't focus on improving everything, so it is important to focus on those few areas which give the greatest return on investment.
My speciality is explaining cyber related businesses risk in a simple way, and advising on solutions in a rational, quantified manner to maximise ROI, both in effort and cost.
I offer practical and pragmatic consultancy on:
- Risk Assessments
- Strategy/Policy Design
- vCISO Services
- Compliance Assistance
- ISO 27001
- Cyber Essentials
- Security training and user awareness
English
Native or bilingual
Spanish
Conversational
Can work on-site
Barcelona (up to 50km)
Experience
- Leeds Building SocietyTechnical Information Security OfficerBANKING AND INSURANCEJanuary 2015 - September 2017 (2 years and 9 months)Leeds, United KingdomIt was at Leeds Building Society where I truly became a stand-out Information Security professional. I learnt security is all about basic fundamentals, processes, being pragmatic, and doing the right things in a risk based, prioritised approach, instead of just doing things.My job duties widened, deepened and my responsibilities increased to an exceptionally high level considering my non-senior role; including full responsibility for arranging and managing regular red team exercises and holding subsequent meetings with executive directors, to discuss results and improvement recommendations.As part of a diverse team, I learnt to independently manage a high workload in my specific role and provide periodic updates and suggestions to the Head of Information Security & IT Risk. This freedom gave me the ability to thrive and work in a way which suited me best, helping contribute my greatest levels of value to the organisation.
- ProficioCyber Security AnalystDIGITAL AND ITNovember 2018 - May 2019 (6 months)Barcelona, SpainLearning to become a top-class security operations center analyst:- Thoroughly analysing security alerts for a variety of technologies, companies and sectors- Providing accurate, actionable information on incidents and recommendations on how to respond- Making suggestions to create and improve SIEM content rules- Understanding real-world attacker techniques, tools and procedures- Making recommendations to customers to improve their security posture against their specific threat actors
- Banco SantanderCyberSecurity Strategy SpecialistBANKING AND INSURANCEJune 2019 - November 2019 (5 months)Madrid, SpainMain responsibilities:- Contributing to the creation of and continuous development of the global group's cyber security strategy- Collaborating with other cyber functions within the group to better understand their activities, problems and how we can help- Researching the development of emerging technologies, threat actor activities, best practice etc. to understand how the group can best prepare for the future from a cyber perspective- Understanding and helping steer how cyber security can directly impact the bank's ability to digitally transform and achieve growth in line with appetite- Analysing risk data, metrics and other outputs to prioritise control improvements in a pragmatic manner
Recommendations
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- BSc Computer Security and ForensicsSheffield Hallam University2014
Certifications
- GIAC Certified Incident Handler (GCIH)SANS2015
- GIAC Critical Controls Certification (GCCC)SANS2016