Oliver Johnson- Principal Cyber Security Project Manager
Principal Cyber Security Project Manager
Oliver is a diligent and versatile Cyber Security Project Manager with an excellent track record of delivering complex, transformational change within top-tier enterprises in the Financial Services industry.
Experience includes full lifecycles in multi-site, multi-national and multi-£m Cyber Security Project Portfolio’s. Substantial experience of project management methodologies coupled with comprehensive Cyber Security and IT knowledge developed over a 16 year career. Delivery focused with the ability to manage risks and issues in a structured and pragmatic manner.
Organisational qualities are excellent; punctual and well-mannered.
Details about Oliver
Where does your passion currently lie within Cyber Security?
I have a strong financial services background having mainly provided consultancy to Investments Banks and Central Banks over the course of my career. In the past 5-6 years I have focussed specifically on Data Security and I have a particular energy for assisting organizations in enhancing their Data Security capabilities through transformational change. Essential security strategies such as data classification coupled with complementary technologies (such as DLP) are hugely challenging but rewarding undertakings. I’ve gained excellent experience of managing delivery of large and complex projects in very challenging environments and it’s really what I enjoy doing best.
Why do you like working with JAW Consulting UK?
A primary driver in my professional career has always been to work with talented and passionate people and that is what you get at JAW Consulting UK. They provide a fresh, inspiring and professional approach to Information Security Consultancy.
What do you find most interesting about Cyber Security architecture?
To my mind, the most interesting aspect of Cyber Security Architecture is the establishment of that clear link between the business strategy and the information security strategy. It is vital that wherever possible, security becomes a business enabler. Too often, it can be viewed by those in the business as a red-tape exercise, only there to slow others down. A sound, well-structured and well executed IS Architecture should demonstrate real value, focussing on the business needs and enabling others to do their job in a safe and secure environment
What certifications do you currently hold?
I currently hold ISACA CISM, ISACA CISA, ISO27001 Lead Implementer, and the PRINCE2 Practitioner Project Management certification. I also hold current SC Government Clearance
How do you deal with the human factor in Cyber Security?
This is always going to be one of the most critical aspects of Cyber Security. No matter how sophisticated and elegant an enterprises security controls and capabilities are, the human factor will always present a weakness. Fundamental to any Cyber Security Strategy worthy of the name is a strong user education & awareness programme. One of the most common methods of exploiting vulnerabilities is still phishing and spear phishing attacks. The best defence against these for every company is to have present minded employees who understand the risks and know what to look out for.
What products do you enjoy working with?
In line with my Data Security focus, I’ve built up a good working understanding of Data Classification technologies and in particular Boldon James Classifier. I’ve also had a great exposure to DLP products (such as Symantec) and Data Governance tools like Varonis. As my primary role is to manage the delivery of solutions, I now have less time at the sharp end of such technologies, however I still take a keen interest.
What do you like doing in your spare time?
Outside of work my main hobbies are sport related. I’m a keen runner and cyclist although my real passion is white collar boxing!