Martin Leigh

Bromley, Kent

Summary

Cyber and Technology Audit Lead with a proven track record of leading complex audit engagements across cloud, infrastructure, DevOps, cybersecurity, and operational risk domains. I specialise in translating deep technical issues into clear, business‑aligned risk insights for senior stakeholders, and I have extensive experience assessing Azure cloud architectures, platform resilience, vulnerability management, identity and access governance, and incident management frameworks.

I operate at VP level, leading scoping, planning, fieldwork oversight, and drafting high‑impact audit reports presented to senior business and technology leaders. I bring a strong blend of audit discipline, cybersecurity knowledge (CISSP), and hands‑on technical development including CLI‑based cloud testing, DevOps pipeline analysis, and progressing toward OSCP to deepen offensive security and practical cyber capability. I am passionate about delivering high‑quality, actionable audit outcomes that drive meaningful improvement in security maturity and resilience across critical platforms.

Overview

9 years of professional experience
2 years of post-secondary education

Work history

IT Internal Auditor

Investec
City of London
2025.06 - Current
  • Acted as the SME for the Internal Audit team for cybersecurity and cloud security audits.
  • Led end‑to‑end cybersecurity and technology audits across Azure cloud platforms for client web and mobile applications, delivering high‑quality findings on resilience, monitoring, vulnerability management, and security governance.
  • Identified systemic resilience weaknesses across multi‑team dependencies (Cloudflare, APIM, ACR, ExpressRoute), highlighting absence of coordinated DR ownership and unified recovery assurance.
  • Exposed critical architectural risks such as non–zone‑redundant NAT gateways and Public IPs forming single points of failure for outbound APIM connectivity.
  • Challenged the maturity of vulnerability management by identifying lack of timestamp visibility in Wiz/GHAS, optional GHAS scanning, insufficient triage evidence, and inability to validate the true ageing of high‑risk findings.
  • Evaluated DevOps pipelines end‑to‑end, revealing security scanning gaps, secrets governance issues, and areas where CI/CD processes allowed unvalidated code to merge into protected branches.
  • Assessed identity and secrets management, including Key Vault configuration, network segregation, service account lifecycle issues, and PAM gaps within CyberArk/BeyondTrust environments.
  • Produced clear, executive‑ready audit reports explaining complex cloud and cyber risks in business‑focused terms for CTO‑level stakeholders.
  • Led scoping meetings, walkthroughs, and fieldwork activities across multiple engineering, cybersecurity, and infrastructure teams, driving alignment on risk ownership and remediation expectations.
  • Introduced improved cloud assurance techniques (zone redundancy checks, dependency mapping, network ACL review, APIM flow analysis) into the audit methodology to raise audit technical capability.
  • Mentored junior auditors on cloud, cyber, and DevOps assurance techniques, helping uplift the overall team’s technical competence.

IT Audit Assistant Manager

EY
Canary Wharf
2016.10 - 2025.06
  • Led IT General Controls (ITGC) audits across major financial‑services clients, assessing access management, change management, privileged access, backup and recovery, and IT operations, delivering clear, risk‑aligned findings to client technology leadership.
  • Performed deep‑dive cyber governance reviews, evaluating security policies, cyber frameworks, incident response procedures, and alignment to regulatory expectations, identifying thematic weaknesses in governance structures, roles, and escalation processes.
  • Specialised in SOC1 / SOC2 testing, performing walkthroughs, control design assessments, and operating effectiveness testing for service organisations, ensuring evidence sufficiency and alignment to AICPA/ISAE assurance standards.
  • Assessed incident response maturity, reviewing detection, escalation, and containment processes, and identifying gaps in SIEM monitoring coverage, alert triage, root cause analysis (RCA) documentation, and incident closure workflows.
  • Evaluated BCP and Disaster Recovery frameworks, analysing DR readiness, RTO/RPO alignment, backup integrity, and failover capabilities, highlighting deficiencies in recovery testing, dependency mapping, and governance oversight.
  • Delivered a year in Technology Risk, supporting enterprise risk assessments, control optimisation, and thematic reviews across cyber, infrastructure, and operational risk domains.
  • Executed detailed control testing and remediation validation, improving the efficiency of testing scripts, identifying control failures early, and strengthening client readiness for internal/external audit scrutiny.
  • Led optimisation of RCSA (Risk & Control Self‑Assessment) frameworks, improving control descriptions, testing methodologies, evidence requirements, and risk scoring models to increase accuracy and auditability.
  • Provided advisory support on control uplift programmes, including segregation of duties, privileged user monitoring improvements, and enhancement of security configuration baselines.

Education

Bachelor of Arts - Economics

Coventry University
Coventry
2011.09 - 2014.03

CISSP (exam passed, awaiting approval for work experience)

ISC2
London

CISA

ISACA
London

Skills

  • Cloud Security
  • Cybersecurity
  • IT Audit & Risk
  • DevOps & Secure SDLC
  • Operational Resilience / DR
  • Technology Risk Management
  • CLI & Hands‑On Technical Skills
  • Stakeholder & Senior Management Engagement
