top of page

UBS | Director | Cyber Risk Management

London | 2023 - 2024

  • Led a global team of risk assessors (Analyst–Associate Director) across the UK, Switzerland, Poland, and India to deliver cybersecurity risk assessments for IT systems, business processes, and strategic programs

  • Advised the Group CISO and senior leadership on risk-based decision-making, regulatory engagement, and strategy development

  • Partnered with incident response to quantify post-incident residual risk and recommend remediation for critical third-party cybersecurity incidents

Aon | Associate Director | Cyber M&A

London | 2022 - 2023

  • Directed cybersecurity risk consulting for M&A transactions and private-equity portfolios, identifying, assessing, and quantifying vulnerabilities throughout each deal’s lifecycle

  • Crafted and delivered investor-facing management presentations to communicate findings and guide deal-making decisions

EY | Manager | Cyber Risk Advisory

London | 2021 - 2022

  • Led consulting engagements for major asset-management, banking, and consumer-goods clients

  • Oversaw the full advisory lifecycle, including solution design, implementation, and quality assurance of all client deliverables

  • Managed engagement P&L, delivery teams, and communications with both clients and internal stakeholders to ensure successful outcomes

Deloitte | Assistant Manager | Cyber Risk Advisory

Zurich | 2018 - 2021

  • Led consulting engagements for major banking, insurance, life-sciences, and sports clients

  • Designed end-to-end cybersecurity processes, policies, and solution architectures

  • Oversaw the full lifecycle of large-scale security technology implementation projects, ensuring on-time delivery, budget adherence, and stakeholder alignment

Procter & Gamble | Architect | Manufacturing IT

Frankfurt | 2016 - 2018

  • Designed and deployed core cyber security and resilience capabilities—including security policies, access-management controls, vulnerability-management processes, and awareness programs—across a decentralized IT environment covering 5 regional and 90 local data centers

  • Launched targeted security-awareness campaigns for IT administrators and business users, boosting policy compliance and embedding security-first operational practices

bottom of page