$$$$
{{ $t($store.state.user.experience_value_in_dollars) }}
Expert
{{ $t($store.state.user.experience_search_name) }}
0
jobs
Senior Information Security Manager and Consultant
Andrew Fisk
,
Morpeth, United Kingdom
Experience
Other titles
Skills
I'm offering
Andrew has extensive experience of managing cyber security, significantly lowering organisational risk and improving security compliance in many organisations covering private and public sector, small and large. He has extensive experience in security program implementation, assessment of risk, selection of controls, policy development, compliance review, building relationships, team leadership, and driving change across people, process and technology. An ISACA Certified Information Security Manager (CISM) and ISACA Certified in Risk and Information Systems Controls (CRISC) with an MSc in Information Systems Management.
Markets
United Kingdom
Language
English
Fluently
Ready for
Larger project
Ongoing relation / part-time
Full time contractor
Available
My experience
2019 - ?
freelance
Cyber Security Risk and Compliance Manager
Growth Stage Startup.
Managing the establishment of policy frameworks, compliance processes and effective and efficient operational security processes including:
• Information security policy framework and associated operational procedures;
• Implementation of a governance, risk and compliance framework and solution;
• Information security awareness development, including phishing awareness campaigns.
• Ongoing review of security controls in operational and project environments.
• Third party assurance activities including leading reviews of high-risk suppliers.
• Information security policy framework and associated operational procedures;
• Implementation of a governance, risk and compliance framework and solution;
• Information security awareness development, including phishing awareness campaigns.
• Ongoing review of security controls in operational and project environments.
• Third party assurance activities including leading reviews of high-risk suppliers.
Information Security, Compliance, Security, Implementation, Development, Interim, Framework, Processes, Manager
2017 - ?
freelance
Governance, Risk and Compliance Executive Security Consultant
Red Canari.
Providing security consultancy services to a range of clients including strategy development, threat and risk management, policy development, project management, and managing all aspects of security operations.
Project Management, Operations, Risk Management, Management, Security, Development, Strategy development
2017 - 2019
freelance
Global Cyber Security Project Manager
Micro Focus Ltd.
Consulting on global cyber security during a time of significant change in the business:
• Developing and standardising information security policies and procedures to ISO27001 and Service Organisational Control (SOC) audit requirements.
• Implementation of SIEM and Governance, Risk and Compliance (GRC) solutions.
• Vendor risk evaluation and responding to customer enquiries, audits and assessments.
• Consultancy on the selection, implementation and review of security controls.
• Security awareness programme covering employees globally.
• Establishing a functional information security management system (ISMS).
• Developing and standardising information security policies and procedures to ISO27001 and Service Organisational Control (SOC) audit requirements.
• Implementation of SIEM and Governance, Risk and Compliance (GRC) solutions.
• Vendor risk evaluation and responding to customer enquiries, audits and assessments.
• Consultancy on the selection, implementation and review of security controls.
• Security awareness programme covering employees globally.
• Establishing a functional information security management system (ISMS).
Project Manager, Information Security, Consulting, Management, Service, Compliance, Security, Implementation, ISO27001, Audit, Interim, Manager
2015 - 2017
freelance
Information Security Consultant & Project Manager
Durham University.
Reducing risk, improving compliance and protecting income through the management of the implementation of appropriate and proportionate governance and security controls.
• Ensuring compliance with UK Government security standards including ISO 27001 and ISO 9001. Managing GRC activities including risk management consultation with executives.
• Implementing technical controls: end-point protection, vulnerability scanning and SIEM.
• Development of a comprehensive information security cultural change programme.
• Management of security activities: penetration testing, vulnerability scanning and SecOps.
• Ensuring compliance with UK Government security standards including ISO 27001 and ISO 9001. Managing GRC activities including risk management consultation with executives.
• Implementing technical controls: end-point protection, vulnerability scanning and SIEM.
• Development of a comprehensive information security cultural change programme.
• Management of security activities: penetration testing, vulnerability scanning and SecOps.
Project Manager, Information Security, Risk Management, Management, Compliance, Security, Implementation, ISO 27001, Testing, Development, Penetration testing, Manager
2015 - 2015
freelance
Interim ICT Manager
Children's Hearings Scotland.
• Headed team to implement CHS's digital strategy. Cloud-based services - Office 365.
• Implementation of security controls based on HMG Security Policy Framework and ISO 27001 with reviews using COBIT. Undertaking Data Protection Impact Assessments.
• Implementation of security controls based on HMG Security Policy Framework and ISO 27001 with reviews using COBIT. Undertaking Data Protection Impact Assessments.
Digital Strategy, Office 365, Cloud, Security, Data protection, Implementation, ISO 27001, Office, Interim, Framework, Manager
2014 - 2015
freelance
Cyber Strategy Consultant
SCRA.
Development of a joint cyber strategy. Leading workshops, roadshows and presentations.
Workshops, Development
2013 - 2014
freelance
Software Development Project Manager
Fifosys Ltd.
Managed of team developing a next generation online portal. SCRUM with .NET development.
Scrum, Project Manager, Software development, Net, Development, Software, Online, Portal, Manager
2012 - 2012
freelance
Mobile and Web Development Manager
Enterprise Software Engineering.
Managing the Development of a suite of mobile and web-based apps. Working with health care professionals and patients. Use of agile techniques (SCRUM) to manage the development.
Scrum, Agile, Apps, Development, Health, Web, Manager
2004 - 2012
job
Managing Director
Tagish Ltd.
Responsible for all aspects of running the business including: change control; quality and information security systems implementation (ISO9001/ISO27001); extensive web security implementation and penetration testing; staff and project management.
Project Management, Information Security, Management, Security, Implementation, ISO27001, Testing, Web, Penetration testing
2001 - 2004
job
Infrastructure Programme Manager
Home Group Ltd.
Infrastructure, Manager
1993 - 1995
job
Analyst Programmer
British Airways.
Analyst
1990 - 1991
job
Analyst Programmer Placement
Conoco (UK) Limited.
Analyst
1987 - 1990
internship
Student Trainee Vickers Shipbuilding and Engineering
unknown.
Engineering
My education
1998
-
2001
University of Northumbria
MSc, Information Systems Management
MSc, Information Systems Management
1988
-
1992
City University
BSc, Business Computing Systems
BSc, Business Computing Systems
1982
-
1987
King Edward VI High School
HighSchoolOrEquivalent, N/a
HighSchoolOrEquivalent, N/a
Andrew's reviews
Andrew has not received any reviews on Worksome.
Contact Andrew Fisk
Worksome removes the expensive intermediaries and gives you direct contact with relevant talent.
Create a login and get the opportunity to write to Andrew directly in Worksome.
are ready to help you
and get specific bids from skilled talent in Denmark