$$$$
{{ $t($store.state.user.experience_value_in_dollars) }}
Expert
{{ $t($store.state.user.experience_search_name) }}
0
jobs
Helping organisations manage their cyber security risk.
Darren Brooks
,
Royston, United Kingdom
Experience
Other titles
Skills
I'm offering
Dr Darren Brooks is a senior security leader who has over 20 years of experience in privacy, information security and cyber security gained from both Tier 1 consultancy and IT security management. Darren held senior security consulting leadership roles at Accenture, Deloitte, BAE Applied Intelligence, NokiaSiemensNetworks and Unisys.
His technical skills were honed by helping clients to manage technology risk, developing security strategies, writing security policies & standards, enabling clients to achieve compliance with security standards and implementing security infrastructure projects. He has been a Certified Information Security Professional (CISSP) since 2002, holds the CIPP/E and CIPM certifications in privacy management and completed the Cloud Security Certificate of Knowledge (CCSK) in 2020.
His technical skills were honed by helping clients to manage technology risk, developing security strategies, writing security policies & standards, enabling clients to achieve compliance with security standards and implementing security infrastructure projects. He has been a Certified Information Security Professional (CISSP) since 2002, holds the CIPP/E and CIPM certifications in privacy management and completed the Cloud Security Certificate of Knowledge (CCSK) in 2020.
Markets
United Kingdom
Links for more
Once you have created a company account and a job, you can access the profiles links.
Industries
Language
English
Fluently
Ready for
Larger project
Ongoing relation / part-time
Available
My experience
2020 - ?
job
Director
Cyber Risk Vane Ltd.
Founded a business to resell X-Analytics, a cyber risk economics solution from SSIC. Working with security consultancies to sell and deliver the solution either as CRV or as white-labelled service. The service enables customers to determine financial values for expected losses due to cyber risks and make business decisions on the effectiveness of existing security controls, review investments in new security controls or assess the options for risk transfer to cyber insurance.
Analytics, Service, Security, Insurance
2019 - 2020
job
Business Unit Head
Global Compliance Practice.
Led a cyber security team that helped organisations reduce the cost of information security compliance and the risk of data breaches by matching ColorTokens product control capabilities with compliance control requirements. Developed and took to market Xquantify, a cyber risk economic quantification service which translates cyber security risks into expected financial losses. Led a project providing PCI-DSS control remediation and monitoring for a US retail customer.
Retail, Information Security, Service, Compliance, Security, Monitoring, LED
2016 - 2019
job
Director - Security Consulting
Unisys.
* Global Governance Risk & Compliance Practice Lead, the duties of this role consisted of: business development; thought-leadership; development of new security offerings relating to Governance, Risk, Compliance and Privacy, including the TrustcheckTM cyber risk quantification platform; participation in marking relating to GRC; promoting Unisys services with sourcing analysts and representing Unisys in public speaking engagements.
* Developed and delivered the Unisys proposition for privacy compliance which encompassed personal data discovery, compliance gap assessment, security & privacy controls creation, security architecture design, and security monitoring implementation or improvement to enable effective breach reporting. Completed two General Data Protection Regulation (GDPR) remediation projects in 2018 reviewing security policies, processes, and controls to develop recommendations for remediation programmes.
* Responsible for the delivery of all security consulting and SI projects in EMEA as Security Consulting Lead for EMEA managing a team of thirty security consultants in seven countries. Worked with the project delivery teams to plan delivery and project approaches and led troubleshooting of delivery issues, particularly in two problematic biometric identity management and data security projects.
* Led the delivery of security consulting projects including: a security remediation programme for a large EU institution; a security strategy for a European manufacturing group: a core banking systems security assessment for a UK Bank; a security strategy and security assessment for a global air travel organisation, a security review against ISO27002 for an FinTech customer; and the implementation of data security through micro-segmentation for a UK bank to achieve PCI-DSS compliance.
* Represented Unisys: in several public speaking engagements per year including the 2018 Central Government Business & Technology Conference in London (https://whitehallmedia.co.uk/cgbtsep2018/speakers/); a Brighttalk virtual seminar - (https://www.brighttalk.com/webcast/14101/232057) and the Avasant GDPR Conference in Madrid (https://twitter.com/CruzEstadao/status/936180635395379202); in vendor security seminars with ServiceNow and LogRhythm; in Unisys marketing videos; and published a thought capital piece on the role of the CISO (https://www.infosecurity-magazine.com/opinions/the-ciso-insomniac-whats-keeping/) which was reprinted by a number of security publications.
* Developed and delivered the Unisys proposition for privacy compliance which encompassed personal data discovery, compliance gap assessment, security & privacy controls creation, security architecture design, and security monitoring implementation or improvement to enable effective breach reporting. Completed two General Data Protection Regulation (GDPR) remediation projects in 2018 reviewing security policies, processes, and controls to develop recommendations for remediation programmes.
* Responsible for the delivery of all security consulting and SI projects in EMEA as Security Consulting Lead for EMEA managing a team of thirty security consultants in seven countries. Worked with the project delivery teams to plan delivery and project approaches and led troubleshooting of delivery issues, particularly in two problematic biometric identity management and data security projects.
* Led the delivery of security consulting projects including: a security remediation programme for a large EU institution; a security strategy for a European manufacturing group: a core banking systems security assessment for a UK Bank; a security strategy and security assessment for a global air travel organisation, a security review against ISO27002 for an FinTech customer; and the implementation of data security through micro-segmentation for a UK bank to achieve PCI-DSS compliance.
* Represented Unisys: in several public speaking engagements per year including the 2018 Central Government Business & Technology Conference in London (https://whitehallmedia.co.uk/cgbtsep2018/speakers/); a Brighttalk virtual seminar - (https://www.brighttalk.com/webcast/14101/232057) and the Avasant GDPR Conference in Madrid (https://twitter.com/CruzEstadao/status/936180635395379202); in vendor security seminars with ServiceNow and LogRhythm; in Unisys marketing videos; and published a thought capital piece on the role of the CISO (https://www.infosecurity-magazine.com/opinions/the-ciso-insomniac-whats-keeping/) which was reprinted by a number of security publications.
Public speaking, LED, SI, Processes, ISO27002, Organization, Development, Assessment, Monitoring, ServiceNow, Implementation, Twitter, Fintech, Security Assessment, Marketing, Banking, Security, Compliance, Sourcing, Technology, Architecture, Data protection, Consulting, Management, GDpr, Leadership, Business development, Design
2015 - 2016
job
Senior Principal - Digital Security Practice Lead
Infosys Consulting.
Practice Lead responsible for: creating new security consulting capability; undertaking business development in existing customers; and creating thought leadership around security within the business. This included a six month on-site security transformation project for a Swiss based commodities company as part of an IT divestment, leading an onshore/offshore security team of ten people to create and operationalise a full range of new security operations to protect the new IT systems.
Business development, Operations, Leadership, Consulting, Security, Offshore, It, Transformation, Development
2014 - 2015
job
Practice Director
Enterprise Security Services.
Practice Director leading the Wipro Enterprise Security Services business development for the Energy, Natural Resources and Utilities Sector. Responsible for business development, order intake, revenue management and project delivery for all Wipro EMEA projects in the sector.
Business development, Management, Security, Natural, Development, Energy, Enterprise, Utilities, Energy
2013 - 2014
job
Executive Manager - Cyber Prepare
BAE Systems Applied Intelligence.
* Executive Manager leading the Cyber Prepare business for commercial customers in the in the UK, Middle East and North America. Responsible for cyber security consulting business development and project delivery across all commercial sectors. Delivered double digit sales and revenue growth in 2013 and 2014 and consistently beat target margins for security consulting work during delivery.
* Responsible for project delivery assurance and practice management, leading a team of five Senior Manager direct reports and a wider commercial security consulting pyramid of twenty-five consultants. Contributed to an IRM publication entitled "Risk in the Extended Enterprise". Regularly represented BAE in public speaking engagements including a presentation for the ACCA on Cyber Security at a conference of internal auditors (http://accaiabulletin.newsweaver.co.uk/accaiabulletin/fiyf5oawbzt?a=1&p=48219414&t=28194290).
* Responsible for project delivery assurance and practice management, leading a team of five Senior Manager direct reports and a wider commercial security consulting pyramid of twenty-five consultants. Contributed to an IRM publication entitled "Risk in the Extended Enterprise". Regularly represented BAE in public speaking engagements including a presentation for the ACCA on Cyber Security at a conference of internal auditors (http://accaiabulletin.newsweaver.co.uk/accaiabulletin/fiyf5oawbzt?a=1&p=48219414&t=28194290).
Business development, Management, Consulting, Sales, Security, Public speaking, Growth, Development, Http, Enterprise, Manager
2009 - 2012
job
Head of Security Consulting
Nokia Siemens Networks.
- CSI Security Practice - Nokia Siemens Networks
* Built the security consulting business in NSN. Led nine senior direct reports in the global security consulting team developing security capability, delivery methodology, and thought leadership. Worked with NSN customer relationship managers to build new relationships with buyers of security services at customers.
* Sold and managed the delivery of security consulting projects for telecoms customers in five key areas of focus: Security Assessments, Identity & Access Management, Security Compliance & Governance, and Business Continuity. Specific projects included: security assessments for customers in Albania, India, Indonesia, Saudi Arabia, and Spain; Security Strategy in China, and Security Compliance in India.
* Built the security consulting business in NSN. Led nine senior direct reports in the global security consulting team developing security capability, delivery methodology, and thought leadership. Worked with NSN customer relationship managers to build new relationships with buyers of security services at customers.
* Sold and managed the delivery of security consulting projects for telecoms customers in five key areas of focus: Security Assessments, Identity & Access Management, Security Compliance & Governance, and Business Continuity. Specific projects included: security assessments for customers in Albania, India, Indonesia, Saudi Arabia, and Spain; Security Strategy in China, and Security Compliance in India.
Leadership, Management, Consulting, Compliance, Security, China, Access management, LED
2005 - 2009
job
Senior Manager
Security Domain of Accenture Technology Consulting.
* Accenture Technology Consulting Security Sales Lead for Products and Communications & High Technology client service groups. Responsible for maintaining sales pipeline, managing relationships with clients, responding to RFI/RFP requests, planning, pricing, and managing the delivery of programmes/projects.
* Opened a relationship with a global pharmaceutical company that resulted in over £2M security consulting revenue for Accenture in 2009/10.
* Led the security component of a successful $1BN application outsourcing deal for an Oil company. This deal was one of the biggest in Accenture's history and security questions were a significant part of the RFP.
* Managed the security work stream of a $50M IT transformation programme for a Global Energy company, which was focused on collaboration-oriented architecture and identity management.
* Led security transformation programme for a high street retailer. Developed programme plan and business case and managed five work streams which reduced information risk and saved 15% from the security budget.
* Security Lead for a $100M application migration programme for a Global Telecoms provider. Responsible for security requirements for each application and the design of security controls in the new environment.
* Opened a relationship with a global pharmaceutical company that resulted in over £2M security consulting revenue for Accenture in 2009/10.
* Led the security component of a successful $1BN application outsourcing deal for an Oil company. This deal was one of the biggest in Accenture's history and security questions were a significant part of the RFP.
* Managed the security work stream of a $50M IT transformation programme for a Global Energy company, which was focused on collaboration-oriented architecture and identity management.
* Led security transformation programme for a high street retailer. Developed programme plan and business case and managed five work streams which reduced information risk and saved 15% from the security budget.
* Security Lead for a $100M application migration programme for a Global Telecoms provider. Responsible for security requirements for each application and the design of security controls in the new environment.
Security, LED, Manager, Planning, Energy, Transformation, Outsourcing, It, Pharmaceutical, Design, Business Case, RFP, Technology, Service, Architecture, Sales, Consulting, Management, Budget
2001 - 2005
job
Global Information Security Officer
Tullett Liberty Plc.
Global Information Security Officer responsible for all aspects of information security strategy and policy. Led security control implementation projects. Managed the process of implementing security policies, configurations, and patching for Windows, UNIX and network environments with BAU teams.
Unix, Information Security, Windows, Security, Network, Implementation, LED
1999 - 2000
job
Senior Engineer
Canon Voice & Data Ltd.
Buckinghamshire
1997 - 1999
job
IT Manager
MLM Consulting Engineers Ltd.
Cambridge
It, Manager
My education
1994
-
1998
University of Wales College of Cardiff
Doctorate, Engineering Management
Doctorate, Engineering Management
1989
-
1993
University of Wales College of Cardiff
Masters, Civil Engineering Design and Management
Masters, Civil Engineering Design and Management
1981
-
1988
Ingatestone Anglo European School
Secondary, O & A Levels
Secondary, O & A Levels
Darren's reviews
Darren has not received any reviews on Worksome.
Contact Darren Brooks
Worksome removes the expensive intermediaries and gives you direct contact with relevant talent.
Create a login and get the opportunity to write to Darren directly in Worksome.
38100+ qualified freelancers
are ready to help you
Tell us what you need help with
and get specific bids from skilled talent in Denmark