• Led CBEST, TIBER, iCAST, FEER and CTRA Threat Intelligence across financial services, banking, government, nuclear, heavy industry and military contracting.
• AI and LLM-based development with CSIS and SecAlliance Artificial Intelligence Working Group, advising European finance leadership and developing in-house AI tools for the Cyber Threat Intelligence problem space.
• OSINT technical reconnaissance and automation supporting Red Team engagements including MITRE ATT&CK TTP specification.
• Threat analysis and landscape projection for European National Central Banking Generic Threat Landscape industry reporting
• Senior Consultant advising UK Government transportation sector and policy
• Lead research and RFI delivery on the impact of AI and Large Language Models, Digital Twins and Autonomous Plant

• Led Threat Intelligence delivery as Senior Analyst for dozens of CBEST, TIBER and STAR engagements across industrial manufacturing, healthcare, financial services, multinational commercial and investment banking including two major international stock exchanges.
• Led development of successful TI products including Threat Intelligence-based assessment and protection of key executives.
• Published commercial Threat Intelligence research relevant to Maritime & Offshore and Financial Services sectors.
• Developed active & enhanced CTI reconnaissance analysis packages
• Integrated 'Red Team' techniques into Threat Intelligence workflow and output
• Performed competitive evaluation and integration of commercial TI sources
• Developed automated TI data analytics, reporting and enrichment tools
• Subject Matter Expert, scoping and debriefing to senior stakeholders

• Primary Critical Incident Handler for Oxford University
• Line management of University of Oxford CERT
• Oversight of security operations business function
• Senior Supplier for six-figure deliverables
• SME to law enforcement and senior stakeholders
• Threat actor profiling & briefing to C-level
• Tender elicitation, specification and delivery

• Frontline SOC & IR technical leadership
• Network vulnerability assessment & digital forensics
• Bespoke SIEM & NSM engineering in Elastic Stack

CIO Recognition Award for SIEM development

• Managing multi-site IT infrastructure

Researching sensitive and secretive groups, advanced image and video analysis, dark web and criminal underground investigations, criminal blockchain tracking, Operational Security (OPSEC), OSINT collection and analysis automation.

Threat intelligence team leadership, engagement management, knowledge in all areas of threat intelligence and proven experience in operational security, data collection / analysis and intelligence production.

EnCase  ▪  FTK Imager  ▪  SANS DFF  ▪ Volatility 
SOC Leadership   ▪   Incident Management 

Incident Response   ▪   SOC Operations   ▪   ISO-27K

Faculty Excellence Award 3rd year