| |
Allen, Paul
Actica Consulting Ltd |
Over 10 years information security consultancy experience, 5 as CLAS:
Understands business context
IA governance
Security strategy/ architecture
Accreditation planning for complex systems
Security requirements
Procurement support
Privacy Impact Assessments
SPF, IAMM, ISO27001, GSI/CJX
Mobile technology, PKI, identity/access management
Available via Buying Solutions |
|
| |
Arnold, John
Capgemini UK plc |
John Arnold is an experienced CLAS consultant with over 18 years in the security field. He specializes in architecting secure solutions - that is , in agreeing requirements with stakeholders and then leading the design, implementation and assurance work. He finds that having an understanding of the later phases of the lifecycle gives the best chance of defining feasible requirements early on. He has worked over the full range of assurance levels and protective markings. |
|
| |
Barker, James
Intelligent Consulting Services Ltd |
Dr Jim Barker is a CLAS Consultant with many years of experience working on Government systems.Jim has a detailed Knowledge of HMG security policy,gained working for Central Government,Mod and other Public Sector clients. Jim's broad experience spans IA, business change, policy development & review and options assessment. |
|
| |
|
|
| |
Birtles, Bob
Logica UK Ltd |
Over 25 years experience in a variety of computing disciplines. Bob now specialises in Information Security. His IT career has encompassed product management, consultancy, presentation and lecturing, technical training, operating system development, sales and marketing support, team management and the development of standards & policies for IT security. |
|
| |
Boyns, Richard
Heimdall Consulting Limited |
Richard Boyns has been working within the HMG Information Assurance arena since 1996. Starting as a trainee evaluator he quickly gained Qualified Evaluator status under the UK ITSEC Scheme. In October 2000 Richard joined CLAS, splitting his time between IA consultancy (e.g. Airwave) and evaluation related work (e.g. DFTS). |
|
| |
|
|
| |
Bridges, Lloyd
Adviza Consultants Ltd |
Lloyd has 21 years IT industry experience, 9 working in Information Assurance providing Penetration Testing, Risk Assessments, RMADS production plus assisting HMG departments and organisations comply with HMG Infosec Standards.
Lloyd is a Certified Systems Security Professional (CISSP), ITPC Government Practitioner and Associate of the Institute of Information Security Professionals. |
|
| |
Bright, Paul
Siemens Enterprise Communications Ltd |
Paul is a Principal Consultant with over 20 years experience within military intelligence and security and in the provision of risk analysis, business risk management solutions, Information Technology security advice and managing teams of security experts |
|
| |
|
|
| |
|
|
| |
Carr, John
Capgemini UK plc |
John has been with CLAS since the pilot and has deep and broad experience in the Infosec arena. He continues to provide advice and support to many HMG organisations. Areas of particular skills include risk management to HMG infosec standards, information assurance advice and programme level advisory and consulting services. |
|
| |
Clarke, Harry
Metrosky Limited |
Informatiom Security Professional with over 32 years IT experience. Extensive technical experience, including solutions architecture, security architecture, enterprise architecture. /li>VoIP, PKI, patch management HMG Policies, Standards, GSI/xGSI CoCo, PCI DSS, IS027001 RMADS Eur Ing, MSc, CEng, MBCS, CITP, CISSP, ITPC, M. Inst. ISP, Senior member IEEE. |
|
| |
Cole, Ian
Capgemini UK PLC |
Ian has over 12 years information security experience in both private and public sector organisations. His specialist areas include:
IS027001 implementation and compliance audits
Risk analysis and management
IDS design and implementation
IA policy development Qualifications: MSc IT Security, CISSP, CISA, BS7799 Lead Auditor, Prince 2. |
|
| |
|
|
| |
Coxe, Stewart
Logica UK Ltd |
25 years British Army (Systems Analyst and Security Advisor), 12 years IBM (employed as CLEF Manager, qualified Evaluator and IT Security Consultant); joined LogicaCMG September 2005 as Senior IT Security Consultant. Engaged on projects and bids for various government departments, mostly MOD. Produced SSPs, ADSs, Security Architecture documentation and SyOPs. Member of BCS. |
|
| |
Criddle, Stuart
NGS Software Ltd |
Stuart has extensive experience in delivering technically focussed information security services to the Police, Government, Military and Defence Contractors. Stuart is also a CHECK Team Leader and a CREST Certified Tester as well as a key member of the NGS CTAS team. Services include: Risk assessment/managementTechnical Architecture Designs and ReviewsCTAS Project ManagementPenetration TestingIS1, IS2 (RMADS)
ISO 27001/17799 Security policies/proceduresPhysical Security ReviewsPCI DSS Qualifications: MEng Information EngineeringITPC CertificatedISO 27001 Lead Auditor PCI DSS QSACheck Team Leader (since 2001) CREST Certified Tester |
|
| |
|
|
| |
Edwards, Mark
InfoSec Solutions Ltd |
Mark has 20+ years of experience advising on Information Security issues in the Government, Military (ex-RAF Police) and Commercial arenas. Specialist areas of expertise include: ISO 17799/ISO 27001 (BSI Lead Auditor)RMADS Development (IS2 and DIAN07/08)Information Security Policy Development Physical SecuritySecurity Awareness TrainingMark's services can be procured via Catalyst and DCSA |
|
| |
Elmellas, Jamal
Solunet |
Holistic Information Security Services, covering the following disciplines: Full RMADS life cycle management Risk assessment and management Technical Security Infrastructure design IS1, IS2, Infosec guidance IS027001 ISMS development/ auditing Existing security system analysis MoPS guidance Corporate wide information assurance management Syops development and guidance Qualifications: CISSP, IS027001 Lead Auditor, CCNP, CCSE, CCSA |
|
| |
Everett, Dr David
Microexpert Ltd |
An enthusiastic smartcard and cryptographic security architect with over 20 years experience in the government, financial and telecommunications areas covering: Smart cards, operating systems and applications eID and Citizen smartcards 2-F Authentication Cryptographic Tokens PKI architectures and implementations Tamper Resistant Modules and SAMs Biometric technologies Microcontrollers and embedded systems. |
|
| |
|
|
| |
Frith, David
Fujitsu Services |
David has 15 years security experience including: Risk Assessments and MPS Reviews and audits Security policies/procedures/guidelines IS0 27001 RMADS production and Infosec standards/guidelines GSi CoCo Experience includes providing strategic advice, selecting controls and systems integration experience including network security, remote access, VPN's etc... |
|
| |
Getliffe, Martin
Capgemini UK PLC |
Martin is an Information Security professional with 20+ years security experience in MoD, hmg, Local Government and Commercial sectors. Martin has broad security experience from cryptography to security policy development and within this has recent specialist experience of RMADS (IS1 & IS2), Federated Identity, SAML, PKI, IDS and Auditing. Martin is certified as an ISO27001 Lead Auditor. |
|
| |
|
|
| |
Hanvey, Mark
Adviza Consultants Ltd |
Skilled in leadership & transformation of security functions and comfortable liaising at all levels. Consistent and successful delivery of large, complex programmes. Security experience across a wide range of industry sectors. Worked with Departments including Downing Street,Cabinet Office,CESG,SOCA,MOD,DCSF,RAF on major complex, high-profile projects. Significant experience of BC and Risk Management. |
|
| |
|
|
| |
Haws, David
Actica Consulting Ltd |
Highly experienced Information Assurance consultant, member of CLAS since 1999 Experience includes: Development of HMG IA Policy and Good Practice GuildanceRequirements specificationRisk assessment and analysisRMADS review/ developmentsecurity Architecture review/developmentSecurity reviews/audits (e.g against SPF, ISO2700X)Has worked extensively for Government departments,Agencies, Defence and law enforcement organisations |
|
| |
|
|
| |
|
|
| |
|
|
| |
|
|
| |
|
|
| |
Keighley, Richard
Deloitte LLP |
Richard has over 20 years experience of leading and delivering complex CLAS assignments and has been responsible for operational security and accreditation activities across large IT delivery programmes. His particular strengths are in Departmental security strategy and risk management, IS27001 compliance/certification and security governance & operations. He is PRINCE2 qualified. |
|
| |
Kell, Neil
e-Volve Business Consultancy Ltd |
Neil Kell is a principal consultant with over 10 years experience. He is an experienced CRAMM practitioner and BS7799 Lead Auditor. Neil is also a certified PRINCE 2 practitioner. He specialises in designing and implementing BS7799 strategies, risk assessment techniques and has worked in both the public and private sectors. |
|
| |
|
|
| |
Lee, Janet
BT |
Janet is a consultant with over 12 years experience of information assurance, primarily on large government programmes. Janet specialises in the production of accreditation documentation, including performing risk assessments and producing security policies. She has managed a number of programmes to accreditation, working with accreditors and security working groups to achieve this. |
|
| |
Lewis, Christine
Logica UK Ltd |
Nine years experience in the review of all aspects of IT including Information Security. Has CISSP, CISA and ISO 27001 Lead Auditor qualifications. |
|
| |
Lobo, Colin
Atos Origin |
CESG approved as best qualified for assisting HMG/CNI with developing Manual V solutions. Over 15 years experience in both public and private sector. Specialising in secure architectures, designs and implementations. This includes perimeter, content, application, operating systems and authentication security. Have also undertaken numerous IT Heath Check |
|
| |
MacNaghten, Malcolm
Logica UK Ltd |
I have some fifteen years experience of IT security, with the majority of that time spent on government contracts. My experience includes BS7799, Common Criteria, ITSEC and CESG Memos related work for all types of government departments. I also have provided security architecture expertise on many occasions. |
|
| |
Martinez, John
Capgemini UK Plc |
John spent 11 years with the National Security Authority. He has proven experience in implementing HMG's IA-relevant policy pragmatically. John specialises in managing large, complex accreditation programmes. He delivered pan-government accreditation for the GSi and Managed Telecommunications Services (Mts) and helps departments address the Data Handling Review's Mandatory Minimum Measures. |
|
| |
|
|
| |
|
|
| |
Merrifield, Richard
Rubicon IA Solutions Ltd |
Richard Merrifield is an IT consultant with 35 years experience including 20 years in security and information assurance. Richard has extensive knowledge of Government and Military security standards, architectures, networks and risk management. His experienece includes Government, MoD and Military systems. Richard has a technical background in electronics and communications systems. |
|
| |
Morrison, Paul
Siemens Enterprise Communications Ltd |
Paul has been working in IT Security for over 7 years and has been responsible for planning, performing and reporting on a large number of Ethical Hacking and Independent Vulnerability Testing assignments, including a major vulnerability test programmes, network testing and perform application testing and reviews of web based applications. Paul is also a CESG qualified evaluator and has project managed numerous ITSEC evaluations within a CLEF environment. |
|
| |
Myers, Chris
Lockheed Martin UK Integrated Systems |
A CLAS (ITPC) consultant (formerly certified UK ITSEC and Common Criteria Evaluator) with a proven track record of IA delivery. Experienced in all aspects of the project life-cycle and information assurance consultancy (at all levels) who has represented his organisation on security forums and at international events. Primarily a defence COMPUSEC (as defined by JSP440) Engineer dealing with architecture design and development, documentation production, and assurance management of policy, procedure, personnel and technical solutions for products/systems. Currently employed by Lockheed Martin UK and member of IISP. |
|
| |
|
|
| |
Orchard, Tim
Activity Information Management Ltd |
ITPC Certified, technical consultant with 10+ years experience including:Secure System DesignManual T and V Protective Monitoring, IDS system design and implementation (Memo22)RMADS ProductionRisk Assessment (IS1, CRAMM)Corporate Compliance (gap analysis, compliance/certification against ISO27001 and BS25999) Tim has significant experience in the strategy, design and execution of all types of Penetration Testing services. |
|
| |
Page, Andrew
Northgate Information Solutions Ltd |
I have over 12 years InfoSec experience covering Physical, Personnel, Documentary and IT. Throughout this time I have gained extensive experience of JSP440, MPS, QinetiQ DBSy and have passed the BS7799 Lead Auditors course. Practical experience of the HMG accreditation process including risk assessment, secure architecture design and ADS preparation. |
|
| |
Pay, Christopher
Digital Consultancy Services Ltd |
Christopher John Pay is a senior consultant with over 20 years of experience in public and private sectors. Specialising in InfoSec strategy, risk, supplier and security management. Strengths include accreditation, technical skills, contract management, policy and document writing, and people management. Practiced in HMG Policy, ISO/IEC 27002:2005 (BS7799) and ITIL. |
|
| |
Preston, Andy
Mentis Management Consultants Ltd |
CLAS since 2000, ICT experience over 20 years across:Central and Local Government NHSLaw Enforcement (Police,Prison,& Probation services)EducationNuclear Engineering Services Skilled in risk management, accreditation, RMADS production, testing specification and review, business and privacy impact assessment, compliance and systems audit. Prince project manager practitioner, procurement, IA and ICT governance experience. BSc,A.Inst.ISP (ITPC),MBCS,CITP. |
|
| |
|
|
| |
Quintin-Baxendale, Alexander
Logica |
As a systems architect, specialising in the field of application security, Dr Baxendale has over 8 years experience providing support to large-scale development projects covering all aspects of the development life cycle and has historically worked closely with CESG, MoD and a wide range of systems integrators and accreditors. Dr Baxendale is CISSP certified. |
|
| |
Schofield, Tim
Atos Consulting |
Tim's involvement with computer security started in 1986, after 10 years as an analyst/programmer. He has experience of the implementation of secure systems to meet Government standards, and has recently been involved in security design and review of large distributed systems for both Government and commercial clients. |
|
| |
Seaman, Toby
Lateral Thought Ltd |
Toby Seaman is an IT consultant with 20 years experience including 10 years in security and information assurance. Toby has extensive knowledge of Government and Military security standards, architectures, networks and risk management. His experience includes Government, Law Enforcement and Military systems. Recent work includes PKI and Network Crypto implementations and RMADS production. |
|
| |
Shah, Rishi
SAI IT Consulting Ltd |
Rishi has over 8 years in depth experience in Information Assurance. Working as an Infrastructure and Security Architect, he specialises in designing solutions and entire systems that are secure, especially in the higher end of the Protective Marking. He takes keen interest in Networking, Penetration Testing, VoIP, PKI, RBAC, IPS. |
|
| |
|
|
| |
|
|
| |
|
|
| |
|
|
| |
Thirlaway, Ray
Steria Limited |
An Information Security professional (ITPC, CISSP Certified); with 10+ years experience primarily within HMG, Police and HMPS. Practised in working with Projects, Security Groups, Accreditors. Well versed in Accreditation Management; production of Accreditation documentation,Security Policy, GSI Accreditation, Bid submission, Risk Analysis. Skilled in the application of Infosec Standards, CESG Memoranda. |
|
| |
|
|
| |
|
|
| |
|
|
| |
|
|
| |
|
|
| |
|
|
| |
Waters, Alec
Dataline Software Ltd |
Specialises in Incident Detection and the design, implementation and operation of "defensible" networks. Has practical experience of InfoSec Manuals V and Y, and has worked with defence and healthcare clients. |
|
| |
|
|
| |
|
|
| |
Wilson, Piers
Adviza Consultants Ltd |
Piers' areas of expertise are Information and IT security and Government Information Assurance at business and strategic levels as well as the translation of this into technical, security review, audit and vulnerability testing work. |
|
| |
|
|
| |
|
|
| |
|
|
