Career
💼 My Career Journey
While I’m a strong believer in concise, single-page CVs, this page gives a richer view into my career for those who want to dig deeper.
I’ve always treated my career like a self-driven graduate programme—deliberately choosing roles that let me explore new markets, leaders, technologies, and challenges. I usually move on when things get comfortable—because that’s when I know it’s time to grow again.
🏢 Seccl
Platform Investment Infrastructure | Part of Octopus Group 📍 Jan 2025 – Present 🔐 Security and Infrastructure Manager
I lead both the Security and Technology Operations teams, covering areas such as identity and access management, governance, AppSec, and security operations. I’m focused on reducing operational risk, improving secure developer experience, and maintaining strong audit and compliance postures. This role allows me to apply a balanced technical and people-first approach to protect customer assets while enabling agility.
🏢 LRQA
Global Assurance Provider | 140+ Countries 📍 Jun 2023 – Dec 2024
👨💻 Head of DevOps (Jan 2024 – Dec 2024)
I initiated and led a DevOps transformation, targeting the root cause of cyber risk: underdeveloped engineering practices. I aligned DevOps teams under a unified strategy, deployed modern CI/CD pipelines, and helped establish a secure-by-default Azure landing zone. This work created scalable foundations for engineering and resilience.
🛡️ Head of AppSec & Resiliency (Jun 2023 – Jan 2024)
Hired to assess AppSec maturity, I performed a BSIMM assessment across a fragmented tech estate and uncovered key gaps. I built a narrative for executive leadership that led to additional investment. Alongside this, I delivered a code signing platform, advised on third-party security, and initiated cultural change in security accountability.
🏦 ClearBank
Cloud-Native Clearing Bank | BaaS + Agency Banking 📍 Jan 2021 – Jun 2023
👥 Senior Engineering Manager (Oct 2022 – Jun 2023)
Led 3 teams delivering security services and internal products while maintaining high developer engagement. Partnered with stakeholders to build case studies from security incidents and managed a smooth team transition. I prioritised scaling leadership and ensuring the team remained high-performing after my exit.
🧩 Engineering Manager (May 2022 – Oct 2022)
Scaled the team to 7, built a security product roadmap, and embedded secure development practices across business units. Delivered a major Snyk flaw remediation initiative and successfully rolled out a learning programme with over 80% voluntary adoption. I balanced strategic direction and tactical delivery, enabling infrastructure-as-code security at scale.
📈 Team Leader (Jun 2021 – May 2022)
Formed the security engineering function by securing funding and building the team. Delivered an effective first-year roadmap covering SAST, SCA, threat modelling, and standing access reduction. I focused on building strong internal comms and stakeholder trust to support security as a service model.
🔍 Senior Security Engineer (Jan 2021 – Jun 2021)
Scoped and built out the security tooling strategy from scratch, writing the first operating model for security engineering. Delivered internal DevSecOps platforms and helped lay the groundwork for the team’s growth. My work formed the foundation of ClearBank’s DevSecOps transformation.
🛡️ Veracode
Gartner Leader in Application Security Testing 📍 Feb 2020 – Jan 2021 🔐 Senior Application Security Consultant
I worked with major financial institutions, helping them remediate critical security issues in high-pressure environments. Delivered security architecture consultancy and supported vulnerability triage and developer coaching. I also built and published open-source tooling to improve platform adoption, contributing back to the Veracode ecosystem.
👟 Clarks
International Footwear Retailer 📍 Nov 2019 – Feb 2020 🛡️ Application Security Engineer
Built the application security programme from the ground up across 60 engineers and a multi-million-pound eCommerce platform. Rolled out SAST, SCA, and DAST tooling, created educational paths, and embedded security into agile ceremonies. I helped bridge the gap between engineering and security, fostering shared responsibility.
🌊 UK Hydrographic Office
MOD Trading Arm | Maritime Navigation Data 📍 Sep 2017 – Nov 2019
🧠 Lead Software Engineer (Aug 2018 – Nov 2019)
Led two delivery teams focused on GIS tooling and marine data pipelines. Played a cross-functional security lead role, coaching teams, introducing threat modelling, and chairing a champions initiative. This was my first real security leadership role, and where I began formalising a security engineering approach.
💻 Senior Software Engineer (Sep 2017 – Aug 2018)
Delivered production-grade GIS applications in Python and JavaScript, supporting Royal Navy operations. I contributed both to engineering and as an informal security advisor, helping shape future maturity initiatives.
🖨️ Xeretec
Managed Print Services & BI Solutions 📍 Aug 2016 – Sep 2017 💡 Senior Software Engineer
Built the company’s first software development team and took a BI product to market. Created internal apps for fleet management across 12,000+ printers. This role taught me how to bootstrap capability, wear many hats, and ship product in a lean setting.
⚓ Marine Technical Limits (MTL)
Asset Integrity & Offshore Repair Services 📍 Feb 2015 – Aug 2016 🎮 Software Engineer
Built immersive VR training environments for offshore engineers using Unity3D and Oculus Rift. This was a niche but pivotal experience—where I explored safety, human factors, and engineering in high-risk domains. Learned how to communicate risk in an intuitive, visual way.