Creating and integrating risk change programs, including redesigning end-to-end Risk, Control & Self-Assessment (RCSA) frameworks, using ‘Systems Thinking’ to bolster the Risk Management Framework and Group Operational Risk capital position.
Experienced Operational Risk and Compliance SME, skilled in enhancing risk frameworks, policy compliance, governance, automated reporting, and offering regulatory advice to senior stakeholders.
Operational Resilience SME with excellent understanding of the new regulation and the key requirements which are needed prior to the 2025 deadline, including Important Business Services, Self-Assessment etc.
Change / Project work – developing and embedding risk change / embedding programmes – including redesigning the end-to-end Risk, Control & Self-Assessment (RCSA) frameworks – applying ‘Systems Thinking’ logic to enhance the overall Risk Management Framework and Group Operational Risk capital position.
Operational Risk and Compliance SME with extensive knowledge and experience in improving and embedding enhanced risk frameworks, policy compliance, robust governance, automated reporting as well as providing regulatory advice & guidance to senior stakeholders.
Experience in leading the embedding of new compliance requirements for the Senior Managers and Certification Regime(SMCR), GDPR and the new Operational Resilience regulations.
Prior to joining Beyond Blue, Ed made significant contributions in guiding clients through their digital transformation journeys. He played a pivotal role in helping clients comprehend the intricate dynamics of technology and market trends, thereby facilitating the creation of value. Working closely with numerous senior leadership teams, he provided critical insights and modelled robust strategies to navigate their digital transformations successfully. Prior to this, Ed’s deep-seated cybersecurity knowledge was tapped into by governments, assisting them to shape their cyber roadmaps.
Ed brings a wealth of experience from a variety of sectors including technology, media, and acoustics, however, it’s his extensive involvement across various geographical regions for the UK government that truly stands out. Ed has made a significant impact through advising on essential cyber and data-driven technologies, all with the focused objective of protecting and fulfilling UK requirements on a global scale. His remit has encompassed large international areas, including East Asia and the Levant, where he has applied strategic thought and leadership to counter digital threats in some of the most physically and technologically challenging environments.
His advanced skill set covers a broad range of technologies from secure networking and technical security to data management, edge technology, and cloud services, illustrating his multifaceted technical proficiency.
Before stepping into the consulting world, Ed immersed himself in the realm of emerging technologies, earning recognition through numerous innovation awards. And beyond his professional life, he’s chosen to volunteer his time as a head advisor in the fight against cybercrime – a testament to his genuine commitment to the cybersecurity field.
Jodie works across multiple clients and industries, including financial institutions, to support their compliance to Operational Resilience regulations and continues to lead crisis exercises, enabling organisations to practice their response to a disruption in a safe environment. Jodie’s previous experience includes developing and delivering information and cyber security training programmes, focussing on embedding a resilient culture and influence positive secure behaviour in employees. Prior to this she worked for local police forces as Cyber Protect Officer, working proactively with organisations and the public and investigating cyber crime, and as HOLMES Supervisor in the Major Crime Unit investigating homicides, both playing a key role bringing offenders to justice.
Jodie has extensive knowledge around cyber security. She has created and delivered training programmes for organisations and to develop employees’ skills and confidence in dealing with the key threats. She provided support to victims of Cyber Dependent crimes, conducted security assessments and proposed actions to increase resilience and be better prepared to respond to incidents. She was a key player in the start-up of the East Midlands Cyber Resilience Centre; a not-for-profit organisation with Policing, Academia, the private sector and SME’s and was vital in stakeholder engagement and management.
Jodie possesses knowledge of the cyber security and fraud landscape, emerging threats, attack techniques and the potential impacts cyber attacks could have. She holds certifications in CISMP, Neurodiversity, Level 3 Teacher Training (PTTLS) and Springboard (Women’s Business & Persona Development).
With over 20 years of technical experience, Wasim has proven ability in defining strategies for technical challenges and delivering solutions in a secure, on budget and timely fashion. He has a natural aptitude for optimisation activities and risk reduction analysis. Experienced in extracting service metrics to feed continuous improvement and innovation operations.
Wasim is confident executing projects & championing security in challenging business environments that demand high standards of compliance, quality and precision..
Wasim has extensive technical experience leading teams and delivering resilient, secure IT architectures across diverse landscapes and business sectors.
Whilst working for Paradigm Precision he spearheaded the direct operational delivery and vision of IT architecture across the International Sites located in the UK, Poland and Tunisia. He also provided executive system design leadership to a new expansion aerospace facility build. Developed strategic and operational vision and orchestrated the project on time and under budget satisfying stakeholders across the world and ensuring the site was primed for growth. Wasim virtualised the entire environment including the critical legacy infrastructure, applications & services. Deploying HP/Microsoft/VMware & cloud services/products to achieve goals of improving uptime, redundancy, stability and security. He has led on projects involving DoD & MoD data, adhering to security frameworks such as NIST & CAF in secure environments such as AWS GovCloud.
Prior to joining Beyond Blue Sam held the position of Security Product and Delivery Manager for one of the UK’s leading retail banks where he led on several key programs and deliveries in the Chief Security Office.
He successfully delivered against key milestones to enable the utilisation of cloud security products with Microsoft Azure and other offerings. In addition to Sam’s previous experience in the financial sector, Sam has worked with numerous financial institutions on the implementation of Operational Resilience Regulatory Requirements and supported the facilitation of several crisis management exercises with international insurance providers and financial institutions.
Delivery of a Cyber Recovery Vault to meet a key US Federal Government mandate milestone of giving an enterprise level Organisation a completely isolated secure recovery solution in the event of a critical outbreak of malware.
Successful delivery of Microsoft Defender For Endpoint in an enterprise level organisation.
Delivery of numerous cyber crisis management exercises with clients in the insurance and financial sectors across Europe, Southeast Asia and Australasia.
Coordination of disaster recovery scenarios and scenario tests for multiple different environments and business units across enterprise level organisations, identifying and supporting improvements in recovery capabilities and processes.
Delivery of key milestones and currently leading on key workstreams to implement Operational Resilience Regulatory Requirements for multiple UK leading retail banks within their change management lifecycles.
Nicholas draws on his background in academic research to lead delivery of precise, carefully constructed and diligently researched analysis to suit client needs. He has been heavily involved in delivering Operational Resilience programmes for major UK financial institutions.
Nicholas is responsible for Beyond Blue’s in-house tool for generating attack path models based on dependencies between elements of Mitre’s widely used ATT&CK framework. He is also the editor and primary author of Beyond Blue’s newsletters and longer-form thought pieces. Prior to entering the world of consulting, Nicholas completed his fully-funded PhD in Philosophy at University College London.
Nicholas led the development of a new initiative connecting Kant scholars across various London universities and the universities of Oxford and Cambridge through conferences and workshops.
Nicholas excelled as a Graduate Teaching Assistant for the philosophy departments at UCL and Kings College London over a 4-year period and was awarded the KCL Graduate Teaching award in 2020.
Experience with high-profile clients across the public sector and financial services.
Detailed understanding of UK financial services regulations, with a specific focus on scenario-based risk analysis and Operational Resilience.
Developed Beyond Blue’s tool for generating attack path models from Mitre’s ATT&CK framework.
Leah goes beyond surface-level insights, offering a deep understanding of threat groups by exploring motivations, target sectors, and geographical focus. This nuanced approach enables tailored defenses against specific threats.
In practical application, Leah’s expertise shines as she crafts intricate cyber scenarios. Developing a Linux environment and using Python scripts, she ensures precise control over exercises, enhancing participants’ response capabilities.
Her blend of technical proficiency and strategic acumen is evident in navigating complex attack paths, aligning seamlessly with industry frameworks like MITRE ATT&CK. Leah’s insights into threat actors’ software choices provide a dynamic and proactive perspective on cybersecurity challenges.
Excels in Open Source Intelligence (OSINT). Her comprehensive OSINT report is a result of extensive research and the utilization of a variety of tools.
Developed and configured a Linux environment, wrote python scripts that allowed users to send 80+ injects during a scenario exercising project. The scripts allowed the exercise to run smoothly while also maintaining full control over the injects.
Produced an in-depth Threat Intelligence Report that accurately detailed the attack paths, software, techniques and tactics that the selected threat actors would take.
She has crafted an array of sophisticated scenarios utilizing her proprietary internal scenario library. Combining creative ingenuity with technical expertise, she has developed a dynamic repository that authentically simulates complex cyber threats.
Successfully trained on Information Security Management Systems Auditor/Lead Auditor Training Course by BSI and during this process gained many skills that aid in achieving her career goals.
Formerly a senior psychiatric nurse with a first-class honours degree, Nicola recently transitioned over to cyber to follow her passion. Nicola brings a wealth of transferable skills such as risk and crisis management, decision making, and interpersonal skills.
Nicola has achieved industry-recognised certifications: Global Information Assurance Certification – Foundational Cyber Security Technologies (GFACT) and Security Essentials (GSEC) and two SANS training courses, as well as participation in skills development centralised around cyber security.
Delivered internal project ideas to Board and exec level for emotional intelligence and personal resilience awareness workshops within the cyber security industry to improve human responses to crisis.
Assisted with client work, supporting cyber exercising to assess impact, response and remediation activities.
Frequent encounters with elevated risk management scenarios, with additional time pressures requiring responsive action
Excellent communication and interpersonal skills, developing rapports with clients
Maintaining records to a high standard, ensuring data remains confidential and secure
Jennifer also worked as the Resilience Knowledge Coordinator for the Cabinet Office Emergency Planning College. Her comprehensive experience has allowed her to gain a depth of knowledge for crisis management exercising.
During her tenure in the port industry, Jennifer implemented a comprehensive business continuity management framework and management system for 13 sites throughout the UK. This initiative facilitated the attainment of ISO22301 accreditation for the entire corporate group.
Developed and delivered crisis management and business continuity training sessions nation-wide across a large organisation. Tailored these sessions to engage stakeholders at every organisational level, including the board of directors.
Amid the initial lockdowns in 2020, Jennifer spearheaded the implementation of a virtual exercise suite. This innovative technique was utilised to conduct business continuity exercises for the teams of a prominent insurance firm in the UK.
Prior experience at the Cabinet Office Emergency Planning College (EPC), where she provided support to the Civil Contingencies Secretariat. Her responsibilities were particularly focused on assisting with major exercises in for Government departments by acting as an observer and supporting the development of post-exercise reports. Along with this Jennifer also supported the EPC on their thought leadership program and created the Disaster Database, a free interactive tool for research purposes.
Represented a large organisation on the local resilience forum, strategic business continuity group and strategic emergency planning group.
Recently published in the ‘Bridge’ Magazine for an article on the importance of risk management for the port industry.
CIR Awards Shortlisted Newcomer of the Year
2nd Place in the Bill Blake Memorial Award and subsequently had her article published in the Alert Journal regarding ‘Lessons Identified becoming Lessons Learnt’
Rayhaan recently graduated at the top of his cohort with a 1:1 in Cybersecurity, an achievement marked by two awards for excellent performance on the Cybersecurity programme and the esteemed British Computer Society Professional Membership Prize for outstanding final year results.
Prior to joining Beyond Blue, Rayhaan excelled in a dual role during his one-year industrial placement at BAE Systems. Serving as an Operational Assurance Analyst and Security Operations Centre Analyst, Rayhaan honed his skills in protective monitoring and contributed to meaningful projects such as company-wide cybersecurity compliance assessments.
Planned and conducted compliance assessments of internal security controls and processes to identify improvement opportunities and provide recommendations to the relevant stakeholders.
Maintained cyber controls effectiveness by analysing reporting data to determine the effectiveness of security controls using established key performance indicators.
Lead meetings with remediation teams in areas such as hosting and networks to communicate cyber risks to key stakeholders and drive risk remediation.
Investigated security alerts daily using a dedicated SIEM and additional security tools to identify potential incidents, determine their severity and eliminate false positives.
Documented a range of security alert investigations such as malware, malicious emails and web proxy incidents.
Coordinated incident response by engaging with the relevant stakeholders to ensure complete remediation.
Researched cyber threat intelligence to conduct threat hunts by searching for known IOCs on the network and adding them to threat intel lookups.
Her most recent role was the strategic lead for the effective management of complaints across the local authority as well as the Health & Social Care Partnership. She also has prior experience as an office manager for a graphic design company as well as running her own outside catering business.
