FAISAL AZIZ

Cardiff

Summary

Cybersecurity Professional & Information Governance Specialist A highly analytical Post-Graduate in Cyber Security with a proven track record in balancing technical infrastructure management with robust Data Protection and Governance frameworks. Expert in navigating the UK GDPR, Data Protection Act 2018, and risk mitigation strategies. Recognised for strategic volunteer efforts in developing the digital sector and advocating for standardized data privacy. Adept at leading multi-disciplinary teams, managing complex Subject Access Requests (SARs), and delivering high-impact staff training to ensure a culture of "Privacy by Design."

Overview

years of professional experience

years of post-secondary education

Work history

Information Governance & Security Lead

SyncFusion labs Ltd

Bristol

2024.06 - Current

Act as the primary source of expertise on Information Governance, providing specialist advice to staff on complex legislation including UK GDPR and the Confidentiality Code of Practice.
Lead the development and delivery of Information Governance Improvement plans, ensuring all information assets are identified and risk-assessed.
Work proactively with Senior Information Risk Owners (SIRO) to ensure the information risk management structure meets business and data security requirements.
Tools Used: Microsoft Purview for Data Loss Prevention, GRC Risk Registers.
Achievement: Successfully overhauled the organizational data-sharing framework to achieve PCI-DSS v4.0 and GDPR compliance, reducing data breach risks by 35% through the implementation of Zero-Trust protocols

Cyber security engineer

AboveMax

2022.11 - 2024.03

Led the assessment and action planning for Information Governance incidents using Datix-style methodologies, ensuring final sign-off and root-cause analysis.
Conducted Data Protection Impact Assessments (DPIAs) for new system deployments, ensuring 'Privacy by Design' was embedded in all technical projects.
Achievement: Directed a comprehensive security audit of over 100 web applications, identifying and remediating critical vulnerabilities that protected the records of over 50,000 users.

Education

MSc - Cyber Security

University of the West of England (UWE)

2021.01 - 2023.03

BSCS - Computer Sciences

Hajvery University

Lahore

Skills

Compliance Frameworks: UK GDPR, Data Protection Act 2018, Caldicott Principles, Freedom of Information (FoI)
Governance Tools: DSP Toolkit (DSPT), Information Asset Register (IAR), Data Flow Mapping, DPIAs

Information Security & Ops: Datix (Incident Management), e-Redact / Adobe Pro (SAR Redaction), Microsoft Purview (DLP), Rio / SystmOne (Audit & Access Control)
Technical Security: Burp Suite, Nessus (Vulnerability Scanning), OWASP ZAP, SIEM Log Analysis, Zero-Trust Architecture

VOLUNTEER LEADERSHIP

Led the Tech-Bridge ,planned and delivered regular IG training sessions, both online and face-to-face, to over 500+ participants.,

Curriculum Development: Redesigned the data security curriculum for seven campuses, simplifying complex concepts for non-technical administrative and staff.

Key Achievement: Successfully transformed the digital literacy and security awareness of over 500+ students and staff through pro bono training initiatives.

Accomplishments

Recognition from P@sha (Pakistan Software Houses Association) for volunteer efforts to develop the digital sector.

Collaborated with industry leaders to advocate for standardized data privacy frameworks and digital policy alignment.
Contributed to strategic initiatives aimed at scaling the national tech ecosystem through enhanced regulatory compliance.

Skills Development Council (SDC) Certification of Excellence

Distinguished Professional Recognition: Formally recognized by the Skills Development Council for exceptional contributions to professional practice and data literacy.
Knowledge Transfer Leadership: Certified for excellence in translating complex technical cybersecurity concepts into accessible, actionable guidance for non-technical stakeholders and the wider community.

Exceptional Professional & Academic Endorsements

Senior University Faculty: Highly recommended by senior professors within the MSc Cyber Security and BSCS departments for demonstrating "distinguished analytical capabilities" and a "rigorous approach to data ethics."
Executive Leadership (First Data Link & Abovemax): Supported by strong recommendation letters from former Directors, highlighting a "deep commitment to organizational integrity" and "expert-level navigation of complex compliance landscapes."

Timeline