// professional record

Cyber security & GRC.

Hands-on security operations in MSP environments, GRC programme delivery, and cloud security across Azure-native estates. Below is the working summary — full CV available on request.

─── current ───────────────────────────────────────────────────────────────

April 2026 — present

Bunker Technical Solutions

Security Analyst — GRC & Compliance

Lead Cyber Essentials audit delivery across the client portfolio: two first-attempt certifications delivered, three further audits in active pipeline for Q2–Q3 2026.
Built and maintain risk registers across ~20 managed Microsoft 365 client environments, covering administrative and technical controls.
Sole author of the firm's client-facing security baseline standard (identity, endpoint, cloud, policy) — presented to directors April 2026 for firm-wide adoption.
Aligning client and internal governance to ISO 27001, NIST, SOC 2, and Cyber Essentials; maintaining the supporting policy and procedure suite.
Incident response — led full-lifecycle containment of unsanctioned AI tooling deployed on a managed client endpoint, from detection through post-incident documentation.

June 2025 — April 2026

Bunker Technical Solutions

Service Desk Analyst (Security-Focused)

First- and second-line support across managed client environments: Microsoft 365, Entra ID, endpoints, networking, access, and application faults.
Identity & access governance across Microsoft 365 and Entra ID — privileged access administration, least-privilege enforcement, and auditable change records.
SOC alert triage using RocketCyber and AlertLogic: endpoint and network telemetry analysis, threat validation, and incident escalation.
Vulnerability risk tracking and remediation contribution across client environments.

May 2024 — November 2024

Computer Forensics Lab

Digital Forensics Analyst

Forensic acquisition and analysis of Windows systems — identifying persistence mechanisms, malware artefacts, and indicators of compromise.
Produced structured investigative reports translating technical findings into legally defensible documentation for non-technical audiences.
Maintained strict chain-of-custody and evidential integrity throughout the investigation and reporting lifecycle.

─── concurrent ────────────────────────────────────────────────────────────

2024 — present

Keele University

PhD Candidate — Cyber Security

Thesis: a novel agentic and generative AI model for autonomous vulnerability assessment and penetration testing in operational technology environments. Empirical component: Pathfinder AI, evaluated against a SWaT-inspired Modbus testbed.

Transferred from London Metropolitan University, April 2026.

ongoing

Seris Studio

Operations & Compliance Support

Supporting partner-led skincare and treatment business with operational infrastructure, financial planning, and compliance documentation. Launched December 2025.

─── education ─────────────────────────────────────────────────────────────

graduated

London Metropolitan University

BSc Cyber Security and Forensic Computing — First Class Honours

─── certifications ────────────────────────────────────────────────────────

Achieved · Feb 2025

Certified in Cybersecurity (CC)

ISC2 — entry-level cybersecurity certification covering security principles, network security, access controls, and incident response. Verify on Credly.

Training complete · exam pending

SC-100

Microsoft Cybersecurity Architect Expert.

Training complete · exam pending

AZ-500

Microsoft Azure Security Engineer Associate.