Robert Dunn
Edinburgh
Summary
Collaborative and pragmatic risk and security consultant with a commitment to excellence, and with several years of experience. Experienced in third party risk management, information security management, business continuity management and operational risk management and looking to leverage my skills and experience to help organisations improve.
Overview
21
21
years of professional experience
3
3
years of post-secondary education
Work history
Senior Information Security Consultant
Aegon Global Technology Services
Edinburgh
11.2022 - 10.2024
- Conducted risk and control assessments on applications, processes, projects and technologies
- Assisted major projects to successfully identify and remediate risks
- Created risk training material
- Built and launched an improved intranet site
- Developed a risk culture programme
- Ran three risk committees
Supplier Assurance Manager
Metro Bank
09.2021 - 11.2022
- Performed supplier assurance reviews covering information security, business continuity, fraud, supply chain, records management, and physical security
- Assisted with preparation for compliance, reviewed methodology and toolset, integrated assurance reviews into risk framework, mentored colleagues, attended meetings with senior managers, established regular reporting on key metrics, involved in continuous improvement activities.
Supplier Assurance Manager
Lloyds Banking Group
02.2021 - 09.2021
- Conducted supplier assurance reviews relating to information security, resilience, and technology across the supply chain
- Documented internal processes, identified key process and risk indicators, implemented a continual assurance process.
Information Security Manager
Aegon Asset Management
02.2019 - 12.2020
- Involved in major projects including developing an integrated operational risk management solution, IT control framework project, and identity and access management project
- Worked closely with colleagues across different locations and lines of defence.
Sabis UK IT Risk and Control Manager
Sabis UK
06.2017 - 02.2019
- Built and maintained a risk management and reporting framework, aligned existing frameworks, identified control issues, managed audits and audit actions, introduced a risk and control self-assessment process, took on the role of supplier risk manager, served as Data Protection Officer.
State Street
State Street
08.2015 - 06.2017
- Improved the toolset and remodelled it to fit into a new GRC platform, mentored junior staff, carried out supplier security reviews.
Sainsbury's Bank Supplier Assurance Manager
Sainsbury's Bank
12.2014 - 08.2015
- Performed information security reviews on key suppliers, developed the process and toolset, closed audit actions, created and delivered a schedule of information security reviews, reported and tracked issues, managed the team.
Tesco Bank Information Security Manager
Tesco Bank
07.2012 - 12.2014
- Identified, assessed, and approved information security controls, reshaped the supplier risk management process, aligned information security strategy with business strategies, ensured risks were articulated and understood.
Tesco Bank IT Risk Manager
Tesco Bank
01.2012 - 07.2012
- Involved in risk management, external and internal audits, information security reviews of suppliers, improved the process and procedures.
RBS Supplier Assurance Team
RBS
10.2010 - 01.2012
- Performed security reviews of external suppliers, assessed and improved methodology and toolset, managed continuous improvement and change, involved in internal assurance program.
Information Security Analyst
AEGON UK
02.2009 - 10.2010
- Identified and addressed weaknesses in the information security management framework, aligned policies and procedures with ISO27001/2, managed policy exceptions, carried out supplier security reviews, implemented a risk assessment methodology, created an information asset standard, established asset registers, implemented a risk-based approach.
UK Financial Services, Business Continuity & Information Security Consultant
Standard Life
01.2007 - 01.2009
- Identified and addressed policy non-compliance, managed incidents, assessed and approved system and process alterations, provided continuity and security consultancy, involved in change advisory board and incident management.
Sales Risk, Risk Consultant
Standard Life
01.2004 - 01.2007
- Operational risk reporting, training, control assessments, business continuity, changed control self-assessment and risk reporting functions, established business continuity management and reporting structure.
Education
SVQ Level 3 - Business Studies with French and Spanish
Napier University
Edinburgh 08.1983 - 08.1986
Certified Information Security Manager (CISM) - Information Security Management
ISACA
12.2011 - 12.2011
BCI (merit) - Business Continuity
Business Continuity Institute
05.2011 - 05.2011
ISEB – Certificate in Information Security Management Principles - undefined
Skills
- Third Party Risk Management
- Technology risk assessment
- Process risk assessment
- Business continuity management
- Information security management
- Operational risk management
Custom
- Ability to see technical topics from an all-round perspective
- Open, honest, pragmatic and approachable
- Able to delegate where appropriate
- Good communication and interpersonal skills
- Experience of training, mentoring and coaching
- Experience across governance, risk and compliance activities
Affiliations
- I am an enthusiastic traveller who enjoys exploring new places, I also enjoy reading, walking my dog and watching football.
Accomplishments
I have recently received three company rewards and recognition of adding value from two senior managers.
References
References available upon request.
Timeline
Senior Information Security Consultant
Aegon Global Technology Services
11.2022 - 10.2024
Supplier Assurance Manager
Metro Bank
09.2021 - 11.2022
Supplier Assurance Manager
Lloyds Banking Group
02.2021 - 09.2021
Information Security Manager
Aegon Asset Management
02.2019 - 12.2020
Sabis UK IT Risk and Control Manager
Sabis UK
06.2017 - 02.2019
State Street
State Street
08.2015 - 06.2017
Sainsbury's Bank Supplier Assurance Manager
Sainsbury's Bank
12.2014 - 08.2015
Tesco Bank Information Security Manager
Tesco Bank
07.2012 - 12.2014
Tesco Bank IT Risk Manager
Tesco Bank
01.2012 - 07.2012
Certified Information Security Manager (CISM) - Information Security Management
ISACA
12.2011 - 12.2011
BCI (merit) - Business Continuity
Business Continuity Institute
05.2011 - 05.2011
RBS Supplier Assurance Team
RBS
10.2010 - 01.2012
Information Security Analyst
AEGON UK
02.2009 - 10.2010
UK Financial Services, Business Continuity & Information Security Consultant
Standard Life
01.2007 - 01.2009
Sales Risk, Risk Consultant
Standard Life
01.2004 - 01.2007
SVQ Level 3 - Business Studies with French and Spanish
Napier University
08.1983 - 08.1986
ISEB – Certificate in Information Security Management Principles - undefined
Similar Profiles
Viktor VörösViktor Vörös
Senior Procurement and Vendor Management Specialis at Aegon Global Technology ServicesSenior Procurement and Vendor Management Specialis at Aegon Global Technology Services
SREEDAS NAIRSREEDAS NAIR
Executive Assistant (On Contract) at Walmart Global Technology Services India Pvt Ltd.Executive Assistant (On Contract) at Walmart Global Technology Services India Pvt Ltd.
Sreenadh SreekumarSreenadh Sreekumar
Staff Data Engineer at Walmart Global Technology ServicesStaff Data Engineer at Walmart Global Technology Services
Tina SmithTina Smith
Associate, Global Compensation Accounting at BlackRockAssociate, Global Compensation Accounting at BlackRock
Hon Kit KwokHon Kit Kwok
Cleaning operative at The City of Edinburgh CouncilCleaning operative at The City of Edinburgh Council