I build, turn around, and implement security functions inside high-pressure regulated environments — most recently as Global Head of Cyber Strategy & Planning at Munich Re.
Throughout my career, I have consistently been brought in by organisations when a security function needs to be built from scratch, pulled out of a regulatory finding or scaled to match the size of the business. This has been the case at a Big Four consultancy, an oil major, two global investment banks, a regulator-remediating insurer and, most recently, a reinsurance group comprising over 50 business units with an annual security budget of €45 million, reporting to the board.
After spending seven years at Munich Re, I am currently seeking the right senior cyber leadership role, either permanent or interim.
Global Head with responsibility for enterprise strategy, P&L ownership, and direct Board reporting across Munich Re's global organisation — built and led a 20+ FTE team, owned a €45m annual cyber budget, and established board-level KPI/KRI reporting across 50+ business units.
Held enterprise accountability for a Board-sanctioned €12m global cyber programme portfolio, directing technical delivery of security controls and maturity assessments across all business units, with direct Board reporting on performance.
Led a regulatory-driven network segmentation programme across ~4,000 applications a year, reducing lateral movement risk across the bank's global application estate.
Appointed to lead a time-critical controls remediation programme under direct ICO and internal audit scrutiny, closing 30 critical control gaps and achieving full ICO compliance within six months.
Directed strategy and delivery of a €20m global Privileged Access Management programme, including the bank's 2016 PAM strategy and target operating model.
Provided security architecture and investment roadmaps for a $15m programme protecting structured and unstructured sensitive data across BP's global estate.
Stabilised a distressed security programme for a global technology client, delivering the ISMS, policies, and target operating model alongside broader financial services advisory work.
Senior cyber strategy and risk consulting for financial services and critical infrastructure clients.
Security architecture, risk management frameworks, and programme delivery across complex, multi-jurisdictional enterprise engagements.