Architecture & Security Experience

Core expertise

Areas of practice.

Deep, applied experience across the full breadth of modern enterprise security architecture.

Cloud Security Architecture

Designing and reviewing secure cloud architectures across AWS and Azure, from initial platform design through to enterprise-scale deployment and ongoing security assurance.

Secure landing zones

Identity and access management

Network segmentation

Cloud-native security controls

Platform security assurance

Secure hybrid connectivity

Enterprise cloud governance

API security architecture

Zero Trust & Identity Security

Applying Zero Trust principles across complex enterprise environments, with a focus on identity as the primary security boundary and layered access controls across workloads, devices, and networks.

Identity-centric security design

Conditional access strategies

Privileged access management

Secure remote access

Device and workload trust models

Enterprise segmentation

Security Architecture & Assurance

Supporting organisations with architecture reviews, threat modelling, and security assurance across enterprise transformation programmes, from secure-by-design to continuous validation through Breach Attack Simulation.

Secure-by-Design implementation

STRIDE threat modelling

Architecture risk reviews

Breach Attack Simulation (BAS)

MITRE ATT&CK mapping

Regulatory and governance alignment

AI Governance & Emerging Technology Security

Helping organisations adopt AI and emerging technologies securely, through practical governance frameworks, security architecture for LLM systems, and risk management approaches grounded in real-world enterprise requirements.

AI governance frameworks

LLM security architecture

RAG pipeline security

AI risk management

Data governance considerations

Secure AI integration patterns

OT Security & Network Segmentation

Providing security architecture guidance across operational technology and enterprise network environments, with particular experience in Critical National Infrastructure and regulated industrial settings.

Secure OT/IT separation

IDMZ design and implementation

Network zoning and segmentation

Operational resilience design

Infrastructure security architecture

CNI security governance

Selected engagements

Enterprise and public sector.

A cross-section of enterprise and public sector engagements spanning cloud transformation, security architecture, and regulated environments.

Government · AWS

HM Land Registry

Senior Security Solution Architect

Delivered security architecture across APIs and middleware within a fully AWS-based enterprise platform. Strengthened API security controls and implemented structured STRIDE threat modelling across cloud services and integrations, with a focus on secure-by-design across a large-scale government transformation programme.

AWS API Security STRIDE Threat Modelling Enterprise Architecture

Government

Government · Cloud Security

Ministry of Justice

Lead Cloud Security Architect

Lead Cloud Security Architect within MOJ Digital and Technology, supporting secure-by-design principles across enterprise cloud platforms. Contributed to cloud assurance, threat modelling, Breach Attack Simulation, and API security across a portfolio of digital services and transformation programmes.

Cloud Assurance BAS Zero Trust API Security AWS Azure

Government

Critical National Infrastructure

Smart DCC

Enterprise Security Architect

Security architecture activities supporting regulated CNI systems. Defined AWS-based PKI cloud architecture, strengthened threat detection capabilities, and improved security governance across enterprise platforms operating within a tightly regulated national infrastructure environment.

CNI PKI AWS Threat Detection Security Governance

CNI

Manufacturing · Enterprise

Jaguar Land Rover

Senior Solutions Architect

Enterprise architecture and security governance across complex manufacturing environments. Delivered improvements to third-party access controls, reduced Shadow IT exposure, and strengthened the overall security posture across enterprise systems supporting global automotive operations.

Enterprise Architecture OT Security Governance Third-party Risk

Enterprise

Financial Services · Enterprise

AIG

Cloud Security & Solution Architect

Security architecture and cloud security support across enterprise platforms and transformation initiatives. Contributed to secure design, governance frameworks, and modern security architecture practices across a global financial services environment with complex regulatory obligations.

Cloud Security Governance Secure Design Enterprise Architecture

Enterprise

Manufacturing · Distribution

Amer Sports

Lead Security Architect

Security architecture and operational technology security within enterprise distribution and logistics environments. Delivered network segmentation, infrastructure security design, and secure operational architecture across a global sporting goods enterprise with significant OT and logistics infrastructure.

OT Security Network Segmentation Infrastructure Security Logistics

Enterprise

Professional certifications

Qualifications & continuous development.

Maintaining rigorous professional development across cloud security, enterprise architecture, and emerging security disciplines.

Microsoft

Azure Solutions Architect Expert

Enterprise Azure architecture, governance, secure cloud design, and hybrid infrastructure strategy across complex enterprise environments.

Azure · Expert

Microsoft

Azure Security Engineer Associate

Implementing robust security controls across Azure environments, with a focus on identity, data, and infrastructure protection by design.

Azure · Security

Microsoft

Azure Network Engineer Associate

Designing and securing complex cloud networking, covering hub-spoke topologies, private endpoints, and secure hybrid connectivity.

Azure · Networking

Amazon Web Services

AWS Certified Cloud Practitioner

Foundational understanding of AWS cloud services, security principles, cloud architecture, and governance supporting enterprise transformation.

AWS

CompTIA

Advanced Security Practitioner (CASP+)

Advanced enterprise-level security thinking across cloud and hybrid environments, focused on risk reduction and real-world defensive architecture strategies.

CASP+

EC-Council

Certified Ethical Hacker (CEH)

Understanding attacker techniques and operations to design and test systems against real-world attack patterns, improving resilience and reducing exploitable weaknesses.

CEH

Built across the sectorsthat cannot afford to fail.

Areas of practice.

Enterprise and public sector.

Qualifications & continuous development.

Built across the sectors
that cannot afford to fail.