Junior Risk Managers / Consultants:
Our junior risk managers are fully qualified and experienced in risk management: the ongoing process of identifying business risks and implementing plans to address them via ISO 27001/27701 standards and implementation processes.
Our junior team of risk managers/consultants understands that risk is determined by considering the likelihood that known threats will exploit vulnerabilities and the impact they have on valuable assets. They know the benefits of developing a risk-based strategy in businesses (e.g. Financial Services/FinTech/CRM systems…) and assist firms in planning for security threats and challenges.
Our risk managers assist and advise risk owners in making decisions to mitigate risk, developing an accountability framework that provides oversight to ensure that risks are adequately mitigated, while management ensures that controls are implemented to mitigate risks. They also assist with management controls and assist governance with security strategies that are consistent with regulations across jurisdictions.
BRIADEE THORNTON
Experienced and qualified in ISO risk management, and practiced in working with fintech companies varying in size and maturity, leading the overall ISO 27001/27701 gap analysis, planning and risk management implementation through to certification.
EXPERIENCE
Risk Expert, 10/2019 – present
Provide subject matter expertise in ISO Risk Management for junior colleagues; lead trainings and awareness presentations.
Assist project managers/functional management to identify, assess and document risks to the IT environment.
Analyse the control environment of vendors providing various services – outsourcing.
Participate in initiatives to improve Risk Assessment processes and tools across the company.
Analyse network infrastructure change requests and raise potential risk issues.
Perform due diligence in working with vendors to evaluate outsourcing vendor controls related to the services provided.
Provide assistance with penetration exercises and review penetration test reports, in conjunction.
Provide assistance and guidance with phishing and malware incidents.
Create and review Operational Security Guidelines.
Provide a summary analysis to Procurement and the business areas seeking to leverage the vendor for services identified.
Provide Security Awareness Training.
Application Security Reviews using CRM tools in firms.
Certified ISO practitioner; successfully completed the ISO 27001:2013 Advanced Risk and Implementation Certification against the International Standard; undertaking Lead Auditor Certification.
DAVID O’SULLIVAN
Highly self-motivated, with excellent verbal and written communication skills and the ability to facilitate meetings and to communicate and collaborate with multiple teams, while supporting the successful implementation of development programmes. Possesses the knowledge and understanding necessary to support an organization to effectively plan, implement, manage, monitor, maintain and update information security management system (ISMS) policies and procedures via the ISO 27001 process, to minimise security risks as the highest priority. Has successfully completed the ISO 27001:2013 Advanced Risk and Implementation Certification against the International Standard.
Possesses the technical skills to conduct ongoing comprehensive analysis of cybersecurity vulnerabilities and other cybersecurity investigations and risk assessments on networks and systems. Has experience working with vulnerability management tools and inventory management tools, with a static and dynamic testing background. Experienced in reviewing testing results with stakeholders while assisting and advising risk owners in the decision-making process, and in the design and implementation of security solutions and an accountability framework that remains in compliance with applicable regulations, including evolving data privacy regulations, while continuously enhancing information security approaches and methodologies at manager discretion to mitigate risks.
Accomplished finance professional with an Honours BSc. in Financial Mathematics and Actuarial Science from University College Cork. Years of real-world experience in a leading financial services role within a multinational investment bank, with proven ability to achieve business goals in a highly pressurised environment. Possesses a strong technical background in IT and an understanding of security configurations, together with the ability to understand complex details of IT-based systems.