Sean is an experienced information security, privacy, and technology-risk professional who helps clients effectively identify and manage risks posed by the ever-developing cybersecurity threat landscape. He has more than 12 years’ experience across the USA and Europe as a chief information security officer and security leader. Having worked in heavily regulated industries such as investment and retail banking, Sean is well versed in the development of security programs that not only are compliant with strict regulations but also align with and facilitate the achievement of core business objectives. Sean is an advocate of pragmatic, sensible solutions that enhance an organization’s security posture and maturity—without impeding business operations.
Sean has a Master of Science in information security from Royal Holloway, University of London, as well as a range of technical and managerial certifications in information security and privacy.
Key Engagements:
- Served as an Interim CISO for a major chemicals company, maturing their information security program with the delivery of a multi-stream program including:
- Security Operations Centre transformation to transition to a new vendor with comprehensive use case monitoring.
- Development of third-party risk management function to enable visibility and management of supply chain risks.
- BC/DR program overhaul ensuring all critical systems had defined and tested recovery plans aligned with business requirements.
- As chief information security officer of a major investment bank, led the design and implementation of a multiyear maturity improvement program.
- Achieved compliance with NYDFS500 through the delivery of a 2LoD control framework and repeatable processes, effectively remediating multiple MRAs.
- Delivered a comprehensive technology-risk management framework that was rolled out globally.
- Implemented a privacy program to facilitate compliance with regulations in the USA, Canada, and Latin America; the program delivered policies, data discovery, business process mapping, data classification, and processes to enable individuals to exercise their rights.
- Built a third-party risk function to provide visibility and management of supply chain information security, business continuity, and privacy risks.
- Served as head of security architecture, assurance, and consulting at a leading UK retail bank.
- Selected and implemented security technologies including SIEM, Risk Management, Data Inventory/DLP and Privacy Management.
- Delivered a comprehensive privacy program to facilitate General Data Protection Regulation compliance for 4 million customer records.