Kamil Erkadoo
Aldershot,Hampshire
Summary
A highly capable and versatile SC Cleared Security Professional with extensive experience in infrastructure and working with clients across public, private, and Government Critical National Infrastructure (CNI) sectors. Demonstrates a strong understanding of security processes, compliance, governance, and penetration testing practices. Notable achievements include certified information systems auditor credentials and expertise in cybersecurity leadership, cloud security proficiency, and security architecture designing. Adept at regulatory compliance, IT project lifecycle comprehension, strategic planning, attention to detail, stakeholder engagement, and overall cybersecurity. Committed to delivering scalable solutions with a focus on future growth while maintaining high standards of confidentiality and ethics in sensitive programmes and projects.
Seasoned professional with focus on security management and risk mitigation. Proven ability to implement robust security strategies and enhance organisational safety through proactive measures and advanced surveillance techniques. Adept at leading security teams and managing crisis situations to ensure secure environment.
Overview
12
12
years of professional experience
3
3
years of post-secondary education
1
1
Certification
Work History
Head of Security and Operations
UKHO
Taunton, Somerset
08.2024 - 03.2025
- Company Overview: As an executive agency of the Ministry of Defence, ensuring the safety and security of our waters is a vital part of what they do
- The Royal Navy and all UK defence vessels – from ships to submarines – currently rely on UKHO products and services for safe navigation
- Managed a team of security resources, from security principles, analysts to consultants
- Managed alerts from and working with external SOC provider for improved outcomes
- Used and maintained MDR, XDR, AV, Endpoint, Web, Proxy and other tools
- Converted findings into actions, tracking resolutions
- Worked with all other areas of Information Security and Digital including Vulnerability and Threat Management
- As an executive agency of the Ministry of Defence, ensuring the safety and security of our waters is a vital part of what they do
- The Royal Navy and all UK defence vessels – from ships to submarines – currently rely on UKHO products and services for safe navigation
Head of Cybersecurity
Livestock Information Ltd
04.2024 - 07.2024
- Company Overview: Livestock Information Ltd is owned by the Department of Environment, Food and Rural Affair (Defra) and the Agriculture and Horticulture Development Board (AHDB)
- The company was established in 2019, with the aim of building new products and services using modern digital techniques to improve the quality if livestock movement data
- The organisation IT platform and services reside within Microsoft Azure
- Livestock develops secure code in a PaaS environment working with key partners Capgemini and TCS (TATA Group)
- Livestock Information Ltd is owned by the Department of Environment, Food and Rural Affair (Defra) and the Agriculture and Horticulture Development Board (AHDB)
- The company was established in 2019, with the aim of building new products and services using modern digital techniques to improve the quality if livestock movement data
- The organisation IT platform and services reside within Microsoft Azure
- Livestock develops secure code in a PaaS environment working with key partners Capgemini and TCS (TATA Group)
Lead Security Assurance Specialist
Department for Education
12.2023 - 04.2024
- Company Overview: Department for Education is UK’s largest government department
- DfE requested that a residual risk assessment be carried out
- The new target platform is known as (EOD) ESFA online documentation service
- Its aim is to replace existing hard copy manual / documentation with a modern content delivery system
- The content is entered into contentless CMS and stored in a content database
- It is a platform that has been previously known to be difficult to navigate, and users felt they were unable to find information
- Department for Education is UK’s largest government department
Lead Security SAC
MOD
05.2023 - 12.2023
- Protector RG Mk 1 (MQ-9B) is the successor to Reaper (MQ-9A) and is the next generation of remotely piloted medium-altitude, long endurance (MALE) aircraft
- Protector will be deployed in wide-ranging armed Intelligence, Surveillance, Targeting and Reconnaissance (ISTAR) operations where its ability to fly consistently for up to 40 hours will offer the RAF a vastly improved armed ISTAR capability
- Kamil as the Lead Security Assurance Coordinator was responsible for maintaining and improving all aspects of system security capability and compliance while also delivering continuous system and service accreditation
- The role meant working closely with the US Military and their partners GA (General Atomics), helping to provide a Security Case, adopting UK MOD SbD (Secure by Design), which adopts industry recognised steps in terms of Risk Management, NIST and CIS control sets for a platform classified at UK SECRET
Director Technical Security
Research Innovations
10.2022 - 03.2023
- Company Overview: Kamil’s role was to help set up a new division in the UK for Research Innovations (RI) providing services to MOD
- A Cyber Essentials security review had previously been conducted by IASME and uncovered several issues, including patching, risk management and non-adoption of industry good practice
- As the technical security director, he worked with MOD CyDR (Accreditation) to provide assurance that key controls would be in place
- He helped to setup a baseline of working groups, from a monthly SWG (Security Working Group), ARB (Architecture Review Board), to kick-starting a gap analysis against the NIST framework, in order to measure RI’s level of maturity
- Kamil’s role was to help set up a new division in the UK for Research Innovations (RI) providing services to MOD
Lead Security Advisor for UKRI
UK Research and Innovation
02.2022 - 08.2022
- Kamil helped to set up UKRI’s new CSDF (Cybersecurity Development Framework) for UK Research and Innovation (UKRI)
- The organisation had recently been consolidated from multiple councils into one, and there had been several concerns in meeting various government standards and frameworks
- UKRI had a number of issues around RBAC and general access control
- The task was to look at Zero Trust and adopt to help implement a PIM solution
- We reviewed and configured the Azure AD Privileged Identity Management (PIM) and privileged access control
- I had to ensure UKRI were only granting the access users need, limit number of subscription owners, limit privileged admin role assignments, and use MS Entra PIM
Head of Data and Risk
Adobe Plc
01.2021 - 11.2021
- Kamil was part of the EMEA Cybersecurity Support Team, providing advice and guidance to key customers and partners for Adobe Plc
- Kamil was tasked to review the DORA regulation, whilst interfacing with various financial institutes, covering various reviews around TPRM (Third Party Risk Management), Incident Response relating to Incidents reported
- Supported the Red Team exercises to understand the Threat Landscape
- Kamil supported customers that were looking to adopt the new Enterprise Storage Model – ESM as the lead responding to urgent concerns relating to general security issues (i.e.: published vulnerabilities, and also security incidents including data breaches
Chief Information Security Officer (CISO)
Nuclear (RWM)
06.2020 - 12.2020
- Kamil supported the Head of Cyber Risk as a Subject Matter Expert (SME) in Cyber Security risk for the delivery of risk specific elements of the CS&IA plan
- The Senior Information Risk Adviser (SIRA) was an autonomous risk role to support the Head of Cyber Risk with understanding the technology risks and propose mitigations to assist in establishing and maintaining an enduring cyber security and information assurance posture
- Kamil’s primary function was to conduct formal risk assessments on Sellafield Ltd’s and the suppliers’ cloud environments and to assist in developing a “secure by design” approach for the delivery of such environments that supported the business needs whilst satisfying Sellafield Ltd and ONR/ICO
- Collaborated with stakeholders to ensure compliance with regulatory requirements related OT security in CNI
- In addition ran and conducted gap analysis audit against IEC 62433
Chief Information Security Officer (CISO)
Survitec Group Plc
01.2020 - 06.2020
- Company Overview: Survitec Group is an organisation that protects lives in the air, on land and at sea, through the design, manufacture, and servicing of survival technology
- Survitec has a global community of 3,000 staff
- Kamil held the Chief Information Security Officer (CISO) role at Survitec Group
- The organisation had grown recently through mergers and acquisitions and there had been very little maturity around cybersecurity
- Kamil’s role was predominantly remote, hence the title vCISO
- Survitec needed to win further MOD contracts via BAE systems and was required adopt NIST CSF
- Kamil led improvements across various pillars including CMDB improvements (Identify - ID), patch management Protect - PR), adopting an effective patch management process to address CVS scoring outputs and remedial activities
- To effectively capture and analyse of security incidents (Detect - DE), log analysis to ensure effective event triage and escalations (Respond - RS), to BCP/DR formulation, approval and testing (Recover - RC)
- Survitec Group is an organisation that protects lives in the air, on land and at sea, through the design, manufacture, and servicing of survival technology
- Survitec has a global community of 3,000 staff
Head Security Advisor
DBS (Home Office)
06.2019 - 12.2019
- Kamil role’s was to review and provide assurance around various workstreams that DBS were engaged with, partnering with CGI, ATOS, IBM, Vodafone and QinetiQ
- One of Kaml’s key deliverables was to on-board a new SIEM tooling platform, defining clear DBS requirements and providing assurance that the tool integrated effectively with infrastructure, network and application layer components
- One of the key deliverables was reviewing the approach to onboarding and working with MOD’s Third Party and Supply Chain
- Their approach to the SAF (Supplier Assessment Framework) and outdated SAQ (Supplier Assessment Questionnaire) needed to be supported further, by risk assessing the findings and using such platforms CRQ and NCSC’s Risk Ledger
ITSO Accreditation Advisor
MOD Whitehall
01.2019 - 06.2019
- Kamil was the MOD’s Security Accreditation Advisor
- He established lines of communication right from the start of each project, defined and agreed Terms of Reference (ToRs), and chaired a Security Working Group (SWG)
- Key tasks included: Frameworks and Standards for MOD: As part of his role as ITSO on the CRP Programme, Kamil had to interact with the MOD’s DSO and provide levels of assurance relating to products and services aligning security good practice, specifically the Security Manual JSP440
- He worked on various workstreams to ensure JSP440 was factored in and referenced
Chief Information Security Office (CISO)
SSE Enterprise Telecoms
01.2018 - 06.2019
- Company Overview: SSE Enterprise Telecoms is one of the UK’s leading connectivity providers
- Kamil led on all aspects of cyber security, covering Governance, Risk and Compliance (GRC) for SSE Enterprise Telecoms
- SSE operated a 12,000+km private telecoms network and 15 data centres across the UK
- Kamil helped to build a team and support it as the organisation decoupled from SSE Plc
- Kamil helped to transition the way SSE Telecoms operated, adopting new Health & Safety, CRM, ERP and BSS/SS applications to maintaining access to legacy data
- He supported the migration to MS Azure for O365 and AD, AWS and also adopting SSO and MFA where applicable
- The key tasks were the continual support of telecoms in terms of maintaining and supporting its customers connected via the CNI (Critical National Infrastructure)
- Kamil attended a number of NCSC and DCMS meetings, which became more regular as SSE Telecoms had to meet the Telecommunications (Security) Bill that recently came into place
- Key areas that needed further understanding was continual assessment and management of third-party risks, supporting audits to maintain certifications such as ISO27001 and CE+
- SSE Enterprise Telecoms is one of the UK’s leading connectivity providers
Chief Information Security Officer (CISO)
Motorola - ESN
01.2017 - 01.2018
- Company Overview: The Emergency Service Network (ESN) is owned by the Home Office and will be an integrated 4G voice and broadband data services, serving over two-hundred thousand users across police, fire and emergency medical services will benefit from mission critical data that is both reliable and secure
- Kamil led on all aspects of cyber security, covering Governance, Risk and Compliance
- The ESN Program started in 2016, and had been plagued with numerous security issues, from incidents to non-conformance
- Motorola Solutions won the Lot 2 contract to deliver the core network which sits on the LTE EE network
- Kamil was the interim Director of Security and Operations, then as CISO, with a remit to look at the Project plan, incorporating an agile approach with numerous phases
- Kamil built a team to support these phases, from Security Architecture, Operational Security Management, Security Project Manager, and external suppliers
- Each one of the multiple drops have needed numerous artefacts to be written, assessments undertaken and defining a life-cycle framework for Accreditation
- The Emergency Service Network (ESN) is owned by the Home Office and will be an integrated 4G voice and broadband data services, serving over two-hundred thousand users across police, fire and emergency medical services will benefit from mission critical data that is both reliable and secure
Interim ISO/ Lead Assurance
Metropolitan Police Service
01.2013 - 01.2017
- Kamil conducted an audit for DWP, one of their trusted partners are Reed Specialist Recruitment, based on the work he delivered, their customer Met Police head hunted Kamil to assist them in London for projects within LCS (Language Cultural Services) and CC&F (Command and Control Futures)
- During his time there he had provided valuable work within LCS which had covered Initial Contact, MS CRM and Video Conferencing services
Education
HND Diploma - Computer Science
Computer Science
01.1988 - 05.1990
City and Guilds - undefined
Computer Studies
01.1987 - 01.1988
Skills
- Incident reporting and documentation
- Security and IT systems audit
- Vulnerability identification
- Cybersecurity leadership
- Cloud security proficiency
- Security architecture designing
- Regulatory compliance expertise
- IT project lifecycle comprehension
- Strategic planning
- Attention to Detail
- Stakeholder engagement
Certification
a. Certified Chief Information Security Officer (C-CISO)
b. Certificate in Information Security Management (CISM)
c. Certificate in Risk and Information System Control (CRISC)
d. Certified Information Systems Auditor (CISA)
e. Certified Cisco Network Associate ((CCNA))
f. ISO27001 Lead Auditor (ISMS LA)
g. Senior Cybersecurity Certified Professional (SCCP – NCSC - SIRA)
h. CompTIA Security +, Cloud Professional (CSCP)
i. CREST Certified Security Testing Professional (CSTP)
j. SABSA – Security Architecture
k. Cybersecurity Incident and Response (CSIRT – NCSC)
l. NIST Foundation (itSM)
m. CUI DCSA – US DoD Foundation Certificate
n. AWS Certified Cloud Practitioner
o. Azure Certified Cloud Fundamentals
Affiliations
- Martial Artist
- Keep Fit
- Sport cars and Bikes
Timeline
Head of Security and Operations
UKHO
08.2024 - 03.2025
Head of Cybersecurity
Livestock Information Ltd
04.2024 - 07.2024
Lead Security Assurance Specialist
Department for Education
12.2023 - 04.2024
Lead Security SAC
MOD
05.2023 - 12.2023
Director Technical Security
Research Innovations
10.2022 - 03.2023
Lead Security Advisor for UKRI
UK Research and Innovation
02.2022 - 08.2022
Head of Data and Risk
Adobe Plc
01.2021 - 11.2021
Chief Information Security Officer (CISO)
Nuclear (RWM)
06.2020 - 12.2020
Chief Information Security Officer (CISO)
Survitec Group Plc
01.2020 - 06.2020
Head Security Advisor
DBS (Home Office)
06.2019 - 12.2019
ITSO Accreditation Advisor
MOD Whitehall
01.2019 - 06.2019
Chief Information Security Office (CISO)
SSE Enterprise Telecoms
01.2018 - 06.2019
Chief Information Security Officer (CISO)
Motorola - ESN
01.2017 - 01.2018
Interim ISO/ Lead Assurance
Metropolitan Police Service
01.2013 - 01.2017
HND Diploma - Computer Science
Computer Science
01.1988 - 05.1990
City and Guilds - undefined
Computer Studies
01.1987 - 01.1988
Similar Profiles
Elizabeth ThomsonElizabeth Thomson
Study Advisor/Learning Development Tutor at UCA FarnhamStudy Advisor/Learning Development Tutor at UCA Farnham
Oliver WalkerOliver Walker
Front of house team member at The Duke of CambridgeFront of house team member at The Duke of Cambridge
YSABELLE BHATIAYSABELLE BHATIA
Support Worker at NorwoodSupport Worker at Norwood
Peter KapetanPeter Kapetan
Head of Security Operations at Mary Seat of Wisdom ParishHead of Security Operations at Mary Seat of Wisdom Parish
SALIHU ABDULMAJID SULEMANSALIHU ABDULMAJID SULEMAN
Head of Security Operations at (1) GHPHAHead of Security Operations at (1) GHPHA