Visionary cybersecurity leader with over 13 years of experience in steering comprehensive security programs, integrating Threat Intelligence (CTI), Vulnerability Management (VM), Red Teaming, and Attack Surface Management (ASM) to protect global enterprises from advanced threats. Known for aligning cybersecurity initiatives with business goals, driving risk-based strategies, and fostering a culture of security excellence in top-tier organizations like M&S, TikTok, Tesco, and KPMG.
Proficient in building automation-driven workflows, scalable security architectures, and delivering actionable insights that reduce organizational risk exposure and enhance cyber resilience. Passionate about mentoring the next generation of cybersecurity leaders, contributing to global forums, and advancing the field through innovative solutions.
Core Competencies
Strategic leadership: Proven success in conceptualizing and implementing enterprise-wide security programs aligned with organizational objectives.
Threat intelligence & vulnerability management: Expertise in integrating CTI into vulnerability remediation and prioritization processes.
Stakeholder engagement: Adept at translating technical security challenges into executive-level strategies and driving informed decision-making.
Technical proficiency: Mastery of tools like MITRE ATT&CK, NIST CSF, OWASP Top 10, CVSS 4.0, CrowdStrike, Splunk, Recorded Future, and advanced ASM platforms.
Program innovation: Transitioned organizations from manual processes to automated, intelligence-driven workflows, achieving measurable efficiency gains.
Cloud security familiarization: Intermediate in both AWS and Azure from Security Management and Investigation point of view
Work Experience
Threat & Vulnerability Manager, Marks and Spencer (M&S) - UK
Oct 2023 - Present
Spearheaded a unified strategy combining Threat Intelligence and Vulnerability Management, enabling proactive identification and mitigation of threats.
Developed a comprehensive security framework integrating ASM tools, achieving 100% cloud coverage and reducing remediation timelines.
Introduced dynamic PowerBI dashboards, replacing manual tracking and improving stakeholder reporting by 50%.
Built a centralized repository detailing the mission, vision, and strategies of the VM team to foster alignment across stakeholders.
Global Senior Vulnerability Management Analyst, TikTok - UK
Nov 2022 – Oct 2023
Enhanced global vulnerability management operations by introducing automation tools and risk-based prioritization frameworks.
Conducted extensive vulnerability research, producing detailed analyses to guide patch and remediation management.
Designed and implemented threat modeling for complex architectures, addressing potential vulnerabilities proactively.
Automated validation processes using custom scripts, increasing efficiency in large-scale asset management.
Security Engineering Manager, Tesco - UK
Dec 2020 – Nov 2022
Architected and executed a comprehensive global vulnerability management program across 7 countries and 5 subsidiaries.
Pioneered attack surface management (ASM) and bug bounty programs, enhancing early detection of exploitable vulnerabilities.
Integrated advanced analytics into vulnerability workflows, reducing security incident rates by 20%.
Established cross-functional collaboration with SOC, SIEM, and red teams to streamline threat intelligence processes.
Manager (Cybersecurity), KPMG - New Zealand
Jul 2017 – Dec 2020
Designed tailored threat detection and incident response frameworks for high-profile clients across industries.
Conducted over 50 penetration tests and 10 red team exercises, improving clients’ security posture and readiness.
Delivered executive-level briefings, aligning cybersecurity strategies with organizational risk tolerance and business goals.