Summary
Overview
Work history
Skills
Accomplishments
Certification
Affiliations
Timeline
Generic

Dariusz Synowiec

Llandudno,United Kingdom

Summary

With over 10 years of experience in information security and security engineering, I bring solid expertise in security governance frameworks and regulatory compliance. I apply this knowledge to support the design, planning, and execution of robust security programs aligned with business objectives. By working closely with stakeholders, I bridge the gap between technical requirements and business needs, using strong analytical skills and clear communication to ensure the organization understands, manages, and meets its security obligations.

My practical experience spans both strategic governance and hands-on cloud operations. I actively manage AWS security by responding to alerts from CNAPP tools, assessing cloud configurations, remediating vulnerabilities, and delivering compliance audits. I enjoy the balance of running structured governance programs while remaining involved in technical security engineering.

While I may not match every single requirement perfectly, I am a highly adaptable and quick learner who thrives when taking on new technical challenges. I am looking for a role that allows me to deliver immediate value while offering opportunities to further expand my skills.

Overview

16
16
years of professional experience
1
1
Certification

Work history

IT Security Officer

Trust Payments
Bangor, North Wales
2021.12 - 2026.06
  • Owned PCI DSS compliance function through implementation of security measures and flawless PCI Compliance delivery.
  • Collaborated with teams to secure PCI data and hosting environments effectively.
  • Monitored AWS environment using tools for vulnerability management, identity reviews and configuration assessment.
  • Implemented vulnerability programmes for workloads and CI/CD pipelines, ensuring compliance with security policies.
  • In collaboration with Developers and Platform teams increased cadence of patching reducing vulnerabilities by 90% in monolithic and microservices applications.
  • Conducted security checks and internal audits in line with PCI and CIS frameworks.
  • Performed internal segmentation and external security testing, communicating results to stakeholders working with them on resolution.
  • Contributed to Company Policy development.
  • Managing project of security tooling implementation
  • Developed junior security analysts, helping them set goals and gain knowledge.

Senior Technical Consultant

Advatek ICT Solutions
Wrexham, North Wales
2019.09 - 2021.12
  • Security Architecture & Design: Designed and delivered robust network security solutions utilizing Fortinet and Cisco portfolios across diverse sectors, including private enterprise, education, and Blue Light emergency services.
  • Technical Documentation: Developed comprehensive architecture and engineering documentation to streamline project execution, enhance stakeholder understanding, and maintain configuration standards.
  • Stakeholder & Scope Management: Collaborated with business and technical stakeholders to define project scope, clarify deliverables, and ensure technical designs directly aligned with organizational objectives.
  • Critical Infrastructure Delivery: Successfully executed complex firewall migrations on live, production networks, ensuring zero downtime and maintaining business continuity for high-availability environments.
  • Lifecycle Project Support: Partnered with project management teams from initiation through to final delivery, proactively resolving technical escalations to ensure milestones met quality and compliance standards.

Senior Security Consultant

Gaia Technologies
Bangor, North Wales
2016.10 - 2019.09
  • Public Sector Compliance Frameworks: Guided and supported public sector organizations in implementing the Cyber Essentials Plus compliance framework across all Welsh local governments.
  • ISO 27001 Audit Delivery: Assisted in the successful completion of the ISO 27001 audit for Gaia Technologies, ensuring all operational controls strictly aligned with established international standards.
  • Security Maturity Elevation: Contributed to the strategic enhancement of cybersecurity practices, risk posture, and governance frameworks within multiple public sector entities.

Managed Service 1st/2nd Line Support

Gaia Technologies
Bangor, North Wales
2010.07 - 2016.09
  • Infrastructure & Deployment Management: Managed the deployment of critical hardware and software assets, significantly enhancing operational efficiency and overall productivity.
  • Project Delivery & Reliability: Contributed to complex network and server project deliveries, directly improving core infrastructure reliability and resilience.
  • Strategic Analysis: Assessed organizational infrastructure and operational needs, identifying underperforming areas and delivering actionable recommendations to senior leadership.
  • Vendor & Partner Collaboration: Partnered with external IT service providers to integrate external services and support functions seamlessly, optimizing the end-user experience.

Skills

Security Governance, Risk & Compliance (GRC)

  • Security Frameworks: PCI DSS, CIS, CFS, OWASP Top 10, and OWASP SAMM
  • Policies & Governance: Development, implementation, and maintenance of information security policies and standards
  • Risk & Audit: Third-party and supplier risk management, internal and external security audits, and compliance assurance programs

Cloud Security, Engineering Application, Network Security

  • Cloud Platforms: Comprehensive AWS security management, with strong operational knowledge of Microsoft Azure and exposure to Google Workspace infrastructure
  • Cloud Platforms Security Tools: Working knowledge of GuardDuty, SecurityHub, Amazon Inspector
  • Cloud-Native Protection (CNAPP): Practical experience with enterprise platform security tools including Orca and Lacework
  • Systems Hardening: Infrastructure and endpoint hardening across Linux and Windows operating systems utilizing CIS Benchmarks
  • Vulnerability & Pipeline Security: Hands-on experience with vulnerability management, Software Bill of Materials (SBOM) analysis, and CI/CD pipeline scanning using tools like Trivy, Lacework agent, and Orca integration
  • Network & Identity Security: Implementation of Cloudflare Zero Trust Access, WARP, and DNS configuration
  • Security Operations (SecOps): Exposure to Azure Security Suite (Microsoft Defender, Microsoft Sentinel, and Intune), Sophos endpoint security, and Fortinet/Cisco network controls
  • Container Security: Foundational experience securing containerized workloads and Docker environments

Accomplishments

  • Delivered Multiple PCI Compliance Framework Projects: Enhanced the organization’s overall security posture by implementing tighter security controls and optimizing internal security processes.
  • Led PCI v4.0 Migration: Successfully managed the transition project to meet all new requirements of the latest regulatory framework on schedule.
  • Directed Enterprise CNAPP Implementation: Initiated and delivered a Cloud-Native Application Protection Platform (CNAPP) project, significantly improving vulnerability detection through continuous runtime monitoring, CI/CD pipeline policing, sensitive data discovery, and automated AWS compliance remediation.
  • Established Security Policies and Standards: Developed and implemented key organizational policies, including a Comprehensive Secure Software Development Policy, alongside the operational processes required to support full adoption.

Certification

  • CISSP #645250
  • AWS Solutions Architect Associate
  • AWS Security Specialty - In progress
  • DevSecOps Certified AI Security Professional
  • Multiple Cisco and Microsoft certifications

Affiliations

  • Swimming Coach in the local Development Club
  • Amateur runner

Timeline

IT Security Officer

Trust Payments
2021.12 - 2026.06

Senior Technical Consultant

Advatek ICT Solutions
2019.09 - 2021.12

Senior Security Consultant

Gaia Technologies
2016.10 - 2019.09

Managed Service 1st/2nd Line Support

Gaia Technologies
2010.07 - 2016.09
Dariusz Synowiec