Cloud Controls Framework Implementation (CCFI) - Lead:
- Overall accountability for the test, transformation & readiness of the Group’s Public Cloud Platform Controls to host material workloads on multiple providers (i.e. Google, Microsoft Azure).
- Role involved the successful delivery of £1m Cloud Readiness Assurance Program covering key Cloud Controls (that would support material workloads). This was performed by managing a team of 20 (LBG & Supplier) staff that completed control effectiveness testing, daily MI , and SLT reporting at divisional committees.
- Gained understanding of key Cloud concepts - Data Dispersion, Guard-Rails, CI/CD, Immutable, Federated Identity Mgmt., CASB etc.
- Design Effectiveness assessments – Lead: Completed workshops with supplier team & engineers to ensure Design Effectiveness assessments on new Public Cloud Platform controls complied with Risk Mgmt. standards.
- Cloud Controls Framework development: Led the Cloud Engineering team to develop controls in alignment with the CSA Cloud Controls Matrix and Group Risk Management framework to ensure controls are auditable.
Head of QA, Methodology & Framework (QM&F) team:
- Supported the automation of manual controls to enable data driven assurance.
- Developed a new testing approach tailored for legal entities such as Corporate Bank, Insurance & Wealth – to support their risk posture.
- Lead a 7-member QA team to ensure first line testing outcomes comply with Group Testing Methodology.