Mark Marcelin
Musselburgh,Scotland
Summary
Security Analyst with almost seven years experience across governance, risk and operations, currently focused on supply chain risk for complex environments. I have practical experience with NIST, ISO 27001 and DORA, alongside hands-on work in data protection, incident response, vulnerability management, threat intelligence and security awareness training. I bring a strong analytical approach and clear stakeholder communication skills to help embed safe, compliant and transparent use of technology in line with emerging regulations and industry standards.
Overview
31
31
years of professional experience
2010
2010
years of post-secondary education
1
1
Certification
Work history
Security Analyst
Origo Services
Edinburgh
01.2019 - 03.2026
- Own the third-party supplier risk lifecycle, maintaining and developing Origo’s Third-Party Cyber Risk Management Strategy.
- Work closely with technology teams and business units to identify, design and implement appropriate security controls for new solutions, products and operating models.
- Conduct cyber threat intelligence (CTI) analysis to identify, assess and mitigate emerging threats and adversary tactics.
- Lead vulnerability management activities, including scanning, analysis and remediation tracking, to improve the organisation’s security posture.
- Apply the NIST Cybersecurity Framework to assess and enhance security policies in line with industry best practice.
- Supported ISO 27001 implementation and ongoing compliance, driving continuous improvement of the Information Security Management System and maintaining strong audit readiness.
- Collaborate with cross-functional teams to develop and enforce security policies, incident response plans and risk management approaches.
- Support incident response (IR) activities, including investigation, containment, eradication and recovery of cyber incidents.
- Contributed significantly to the security due diligence of the organisation’s approved LLM based assistant, evaluating risks and helping to shape its phased rollout across the business.
- Coordinated disaster recovery plans; ensured business continuity during unexpected downtime instances or crises events.
Group Final Salary/Drawdown Team
Standard Life / Phoenix Group
Edinburgh
01.2017 - 01.2019
- Acted as Privacy Champion, enhancing endpoint protection by using antivirus/antispyware tools and promoting secure system use.
- Mentored colleagues on secure email use, including recognising phishing and spear-phishing attempts.
- Supported compliant storage and handling of multiple data media (paper, microfiche, DAT tapes and drive storage) in line with GDPR requirements.
- Developed and updated validation processes to improve accuracy and reduce processing errors.
- Completed training on UKGDPR and Information security best practices.
- Assisted colleagues with MS Excel queries and maintained accurate data handling within team processes.
- Supported customers with queries on Normal, Early and Late retirement GFS policies, including personal data updates and transfer values.
- Delivered training to new starters, monitored performance and identified where further coaching or training was required.
Technical Administrator
Standard Life plc (via First Source Consultancy)
Edinburgh
01.2016 - 01.2017
- Managed and distributed data workflows to multiple teams on the FCA (2016) Annuities Review Project.
- Maintained effective stakeholder relationships, contributed to decisions and ensured clear communication throughout all project stages.
- Identified and resolved system issues within the network, escalating where appropriate.
- Worked in a target-driven environment, consistently meeting individual and team deliverables.
- Retrieved and analysed highly confidential data from a range of in-house sources.
- Maintained and updated project documentation, including SharePoint sites and Excel trackers.
- Ensured project activities met organisational quality requirements and aligned with agreed standards.
Customer Service Advisor
Amazon UK (via Search Consultancy)
Edinburgh
01.2015 - 01.2016
- Handled high volumes of customer contacts while maintaining strong satisfaction and service quality.
- Identified and implemented improvements to the customer journey within own area of responsibility.
- Collaborated with support, billing and fulfilment centre liaison teams to resolve customer issues efficiently.
Clerical Officer / Office Administrator
Royal Bank of Scotland
Edinburgh
01.2013 - 01.2015
- Collected, updated and stored highly confidential customer payment information in line with internal controls.
- Delivered training to colleagues on new processes within the Subject Access Request (SAR) team.
- Helped reduce work volumes in the SAR returns phase by improving processing accuracy and efficiency.
- Maintained accurate records of customer financial data throughout all stages of the SAR process.
Sales Assistant / Security
Mona Liza Clothing Retail Store
Dundee
01.2006 - 01.2008
- Ensured that stock was displayed in an eye-catching way on the sales floor.
- Hanging stock, working with new product lines and working under pressure.
- Ensured a professional and courteous approach to work at all times.
- Supported staff members with stock ordering, merchandising and deliveries.
- Resolved customer complaints, managed refunds and resolved queries.
Assistant (part-time)
Dundee University Student Association
01.2000 - 01.2004
- Liaised with clients to maintain relationships and foster repeat business.
- Answered phone calls promptly, providing excellent customer service.
- Provided customer service, delivering high levels of satisfaction.
- Support staff members with administrative tasks, reducing workload stress.
Supplementary Teacher
CEVES Spanish Learning Institute
, Venezuela
01.1998 - 01.1999
Stock Controller
MARCWILL Optical Laboratories
01.1995 - 01.1997
Education
Certificate in English Language Teaching to Adults (CELTA) -
University of Cambridge
Teaching English as a Foreign Language (TEFL) - undefined
ScotlandTeaching English to Speakers of Other Languages (TESOL) - undefined
ScotlandCertified Advanced Level in Spanish Language - undefined
Instituto Internacional Alhambra Sevilla
Sevilla, SpainHigher Certificates - Spanish (A), Economics (C), English Language (B)
Dundee College
Skills
- Governance, risk and compliance
- GRC, ISO 27001, GDPR, NIST Cybersecurity Framework
- Incident response handling, SOC core skills, cyber threat intelligence
- Vulnerability management, CIS Benchmarks, audit and compliance support
- Identity and Access Management
- Security policies development
- Technical and tooling
- Endpoint security: SentinelOne (professional use)
- Cloud and governance: AWS Security Hub (professional use), Microsoft Purview (homelab/self-study)
- Networking and tooling (homelab/self-study): Wireshark, Nmap
- Platforms (homelab/self-study): Linux OS
- Workflow and ticketing: Jira, ServiceNow
Certification
- AKYLADE Certified Cyber Resilience Practitioner (A/CCRP)
- AKYLADE AI Security Foundation (A/AISF)
- AKYLADE Certified Cyber Resilience Fundamentals
- Foundations of Operationalizing MITRE ATT&CK v13 Certificate
- Foundations of Cyber Threat Intelligence Certificate – Attack IQ
- Cyber Threat Intelligence 101 -arcX
- SOC Core Skills V2- Antisyphon Training
- CCSO Cybersecurity Officer- ICTTF- International Cyber Threat Task Force
- Vulnerability Management Foundation- Qualys
- Microsoft Certified: Security, Compliance and Identity Fundamentals
- CompTIA Cybersecurity Analyst (CySA+)
- AWS Cloud Practitioner
- Certified Wireless Technology Specialist (CWTS)
- ITIL Foundation Level
- CompTIA Security +
- CompTIA Network +
- CompTIA A+
Languages
Languages: English (native), Spanish (higher intermediate), Ukrainian (beginner).
Hobbies and Interests
Reading or listening to podcasts on Cybersecurity and Machine Intelligence, Astronomy, Palaeontology, nature treks and baking Caribbean rum cakes.
ADDITIONAL INFORMATION
- Regularly attend industry security conferences, including BSides (London, Krakow, Copenhagen, 2025), OWASP Scotland, Cyber Expo Ireland, the EU Cyber Summit Dublin (2025) and ISACA Scotland.
- Currently working towards CISSP certification.
Affiliations
- I served as a judge for the 2026 UK Cyber Leaders Challenge – Regional Qualifiers, held at the University of Edinburgh’s John McIntyre Conference Centre. In this role, I helped evaluate over 100 teams from across the UK, each showcasing the next generation of cybersecurity talent. It was an honour to contribute to such an inspiring initiative that promotes innovation, collaboration, and skills development within the UK’s cyber community, and as a keen believer in supporting the next generation of cyber professionals, I am proud to play an active part in their development.
Timeline
Security Analyst
Origo Services
01.2019 - 03.2026
Group Final Salary/Drawdown Team
Standard Life / Phoenix Group
01.2017 - 01.2019
Technical Administrator
Standard Life plc (via First Source Consultancy)
01.2016 - 01.2017
Customer Service Advisor
Amazon UK (via Search Consultancy)
01.2015 - 01.2016
Clerical Officer / Office Administrator
Royal Bank of Scotland
01.2013 - 01.2015
Sales Assistant / Security
Mona Liza Clothing Retail Store
01.2006 - 01.2008
Assistant (part-time)
Dundee University Student Association
01.2000 - 01.2004
Supplementary Teacher
CEVES Spanish Learning Institute
01.1998 - 01.1999
Stock Controller
MARCWILL Optical Laboratories
01.1995 - 01.1997
Teaching English as a Foreign Language (TEFL) - undefined
Teaching English to Speakers of Other Languages (TESOL) - undefined
Certified Advanced Level in Spanish Language - undefined
Instituto Internacional Alhambra Sevilla
Higher Certificates - Spanish (A), Economics (C), English Language (B)
Dundee College
Certificate in English Language Teaching to Adults (CELTA) -
University of Cambridge