Martin Henry
Wildmill, Bridgend, Mid Glamorgan,Wales
Summary
Strategic security consultant with 20 years in information security, focusing on security architecture and governance risk compliance. Delivered security solutions across central government, banking, and telecommunications. Expertise encompasses risk management, cloud migration, and secure-by-design principles. Holds ISC2 CISSP certification and ISO 27001 lead auditor qualification, with full membership in the Chartered Institute of Information Security Professionals.
Overview
20
20
years of professional experience
1
1
Certification
Work History
Senior Security Architect
Bridewell Consulting Ltd
01.2024 - 03.2026
- Delivered security architecture and risk management services for UK Home Office, Cabinet Office, and DEFRA, ensuring compliance with security standards.
- Developed risk assessments for new technology adoption, reporting to senior stakeholders on inherent risks and recommending secure implementation strategies.
- Conducted threat modelling for onboarding project, assessing multiple systems' integration into Splunk and developing use cases to address identified risks.
- Provided an assurance process to ensure that secure-by-design and privacy-by-design principles were embedded in the design process for legacy system migration to the cloud.
Senior Security Architect
Stratia Cyber Ltd
01.2020 - 12.2023
- Delivered lead security architecture services to UK Ministry of Justice (MoJ) His Majesty’s Courts and Tribunal Service (HMCTS) for successful legacy application migration to cloud.
- Directed security architecture for Vodafone Datacentre Exit Programme, overseeing migration of all HMCTS applications from legacy hosting to cloud-based managed services on Microsoft Azure and Amazon Web Services (AWS).
- Led security architecture for organisations' legacy systems, conducting risk assessments and advising on remediation strategies to mitigate identified risks.
- Managed cybersecurity operations for the UK Royal Household, ensuring protection of sensitive information.
Enterprise Security Architect
Target Group Ltd
08.2019 - 01.2020
- Established Security Architecture function, creating technical security standards and architecture patterns to enhance company's security posture.
- Contributed to recent major cloud migration projects, ensuring alignment with security requirements and best practices.
- Monitored network traffic for suspicious activity to prevent cyberattacks and data breaches.
- Prepared and presented reports on security incidents and trends to senior management.
- Managed incident response activities, including investigation and reporting of security breaches.
Freelance Information Security Consultant (Contractor)
SD-6 Consultancy Services Ltd
01.2015 - 08.2019
- Jan 2015 - Jan 2017 Contracted to provide Senior Security Architect consultancy for the Department for Work and Pensions (DWP). I was the Lead Security Architect for the project which delivered the Personal Idependance Payment (PIP) system.
- Jan 2017 - Aug 2019 Contracted to provide Senior Security Architect consultancy for Lloyds Banking Group where I was the lead Security Architect for the Cash Management & Payment programme for both International and Domestic Payments.
Senior Information Security Consultant
Capgemini UK
01.2014 - 01.2015
- Advised on risk management strategies to enhance organisational security posture.
- Directed crisis management efforts during security incidents, minimising impact and guiding swift resolution.
- Spearheaded special projects by developing, implementing and analysing effective emergency strategies.
- Conducted background checks and due diligence investigations, ensuring integrity and security of client workforce and partnerships.
Senior Information Security (CLAS) Consultant
Hewlett-Packard Information Security
01.2011 - 01.2014
- Advised UK Public Sector clients on Information Security issues, ensuring compliance and risk mitigation.
- Led DWP Desktop Security efforts for Desktop 21 Project, facilitating transition to thin-client desktops for enhanced security and efficiency.
- Handled complex problems and issues by understanding root causes and implementing solutions.
- Facilitated workshops and training sessions to upskill team members and improve service delivery.
- Interfaced with client leads and became trusted advisor or confidant to client.
Force Information Security Officer
South Wales Police
01.2006 - 01.2011
- Established governance board, developed Information Security Policy, introduced asset marking scheme, and implemented Accreditation regime.
- Provided pragmatic advice and guidance to the Chief Officers on all aspects of information security.
- Developed a HMG Security Policy Framework (based on ISO27001) compliant ISMS.
Education
BSI ISO 27001 Lead Auditor -
BSI Training Course
Cardiff, CRF01-2017
TigerScheme Qualified Security Test member (QSTM) -
University of South Wales
Pontypridd01-2017
SABSA – Security Architect – Foundation Course -
SABSA Learning Institute
London, ENG01-2016
CyberArk Professional Partner (CyberArk Privileged Account Security V8.0) -
01-2014
CESG Listed Advisor (CLAS) -
01-2013
CESG Certified Professional – Security Information Risk Advisor Practitioner -
01-2012
Tiger Scheme Qualified Security Tester (QST) -
01-2010
Full Member of the IISP with ITPC Certification -
01-2010
Certified Information Systems Security Professional (CISSP) -
01-2009
CompTIA Security + Certification -
01-2009
PRINCE2 Practitioner (P2R/239907) -
Skills
- Security architecture and risk management
- Cybersecurity strategy and vulnerability management
- Threat modeling and security by design
- Privacy by design and technical security standards
- Architecture patterns and cloud migration
- Governance, risk, and compliance
- Cloud security
Certification
- ISC2 Certified Information System Security Professional (CISSP)
- Full Member of the Chartered Institute of Information Security Professionals (MIISP)
Timeline
Senior Security Architect
Bridewell Consulting Ltd
01.2024 - 03.2026
Senior Security Architect
Stratia Cyber Ltd
01.2020 - 12.2023
Enterprise Security Architect
Target Group Ltd
08.2019 - 01.2020
Freelance Information Security Consultant (Contractor)
SD-6 Consultancy Services Ltd
01.2015 - 08.2019
Senior Information Security Consultant
Capgemini UK
01.2014 - 01.2015
Senior Information Security (CLAS) Consultant
Hewlett-Packard Information Security
01.2011 - 01.2014
Force Information Security Officer
South Wales Police
01.2006 - 01.2011
BSI ISO 27001 Lead Auditor -
BSI Training Course
TigerScheme Qualified Security Test member (QSTM) -
University of South Wales
SABSA – Security Architect – Foundation Course -
SABSA Learning Institute