Consulting and Advisory
Senior Cybersecurity leadership, without the permanent headcount.
Financial institutions, fintechs, and scale-ups engage me when they need a senior security architect or CISO-level mind — to navigate a regulatory deadline, prepare for a quantum transition, or build the security function that reflects where the business is actually going.
Who I work with
How I engage
ONGOING RETAINER
Embedded senior security leadership on a part-time basis
Typically one to three days per week. I act as your CISO: owning the security strategy, engaging regulators, reporting to the board, and building the programme that fits the business you're building.
Right for fintechs and scale-ups that are growing into regulated environments, and for financial institutions that need senior coverage during a transition or vacancy.
Security strategy & roadmap. - Board & regulator reportingTeam build & oversight - Policy & governance framework
Vendor & third-party risk
ADVISORY ENGAGEMENT
A structured programme to assess your current cryptographic exposure, prioritise remediation, and build the transition roadmap to quantum-safe infrastructure. Designed for institutions that know Q-Day is no longer a theoretical concern.
Draws on my active work with the FS-ISAC Post-Quantum Cryptography Working Group and direct experience preparing systemically important financial institutions for NIST PQC standards.
Cryptographic inventory & risk assessment. - PQC transition strategy - Crypto-agility architecture. - Executive & board briefings. - Regulatory alignment (DORA, NCSC, NIST)