(+44) 07712293729
9AM - 9PM

James Tyson

Information Security Professional

  • CONTACT FOR : Career Opportunities, Networking, Projects, Consultancy
  • EMAIL : hello@jamestyson.co.uk


I am an experienced postgraduate information security professional, currently working for a UK insurance company providing project security consultancy and security risk identification and analysis.

My main focus is on Microsoft cloud technologies and how to support businesses in embracing the cloud whilst maintaining a strong security and compliance posture. Whilst not every workload is suitable for the cloud, I am a believer that the cloud is a great enabler for businesses and provides organisations with the latest and greatest tools and services, the ability to scale both up and down, and better cost management.

Being a Father and a Husband I rarely have any spare time, but when I do get the chance I have a number of projects I am currently working on, details of which you can find below or on my blog.

I'm also a bit of a Trekkie.


Work Experience


Covea Insurance - Halifax, UK

Providing information security and risk consultancy to a wide range of Agile and Waterfall projects.

  • Collaborate with stakeholders to identify, assess and treat internal and third party information risks; tracking the risks and the associated controls
  • Manage, develop, and maintain the information risk register, information asset register, and support continuous improvement and maturation of information security risk management processes
  • Provide advisory support to business function and IT teams in understanding risk and security considerations of business operations, new projects, and third party suppliers
  • Ensure that the security requirements for new and change business projects are defined, based on the assessment of risk within the framework provided by Group Policy
  • Contribute to the definition and maintenance of a practical and comprehensive Risk Assessment methodology, with supporting tools
  • Ensuring that appropriate controls assurance, compliance and reporting activities are conducted to enable effective identification and management of related issues and exceptions

Information Security Manager

Cloud Direct - Bath, UK

Responsible for overseeing and controlling all aspects of security within the business.

  • Development of new products and services alongside Practice Area Leads and Senior Management
  • Responsible for the creation of a 24/7 SOC Team, based across the UK and RSA
  • Responsible for all elements of internal security, working closely with specialist teams within the company
  • Successful projects include rollouts of Azure Information Protection, Intune, and Privileged Identity Management
  • Completion of risk assessments and reviews of internal systems and customer projects
  • Maintain awareness of current and emerging threats and vulnerabilities
  • Accountable for the development and testing of the company Business Continuity Plan
  • Responsible for all elements of the company ISO27001, ISO20000, Cyber Essentials, and Data Protection compliance programme
  • Responsible for increasing information security and data protection awareness through continued staff training and other development activities
  • Company Data Protection Officer, responsible for dealing with internal and external data protection requests. Also hold the roles of Risk Manager, Change Manager, and Problem Manager
  • Holding management reviews and leading security, risk and IT service management committees

2nd Line Support Engineer

Cloud Direct - Bath, UK
APRIL 2015 - JANUARY 2017

Role involved providing remote support to customers and working closely with project and specialist teams. I was responsible for providing customers with high level support either as a point of escalation from Tier 1 support engineers or in conjunction with other specialist teams within the Operations department. Ensured that service level agreements were met whilst delivering reliable resolution of customer technical issues when raised via support channels.

  • Troubleshoot and resolve customer issues with Microsoft technologies and other 3rd party providers
  • Work with 3rd Line Engineers on complex customer issues
  • Specialising in Microsoft technologies (Office 365, Exchange) but able to provide support for multiple technologies and product types including backup and storage, VoIP, networking, and communication and collaboration tools

IT Trainer

Aspire Achieve Advance - Bristol, UK
AUGUST 2014 - APRIL 2015

  • Created engaging lessons and lesson plans, with additional resources to ensure that apprentices engage and achieve to the best of their abilities
  • Continually monitored and updated apprentice progress, putting in place any support mechanisms that maybe required
  • Carried out reviews with apprentices, to provide feedback, listen to apprentice feedback, identify potential support requirements and create/implement an action plan should one be required
  • Timely marking/assessment of apprentice submissions, giving detailed feedback
  • Built key relationships with apprentices and employers, ensuring strong and positive lines of communication
  • Met with the Delivery Manager weekly to feedback on current apprentices and their progress, along with what support has been put in place and ensure constant, clear and timely communication at all times



Computing (Information Security & Digital Forensics) - The Open University

Completed part-time over three years whilst working in the IT industry. Completed modules in digital forensics, information security, project management and management of technological innovation.

Completed a research thesis addressing my own hypothesis, "Is e-learning or traditional classroom-based training more effective in increasing information security awareness within an SME?". Achieved a Merit for information security research and the useful business applications I discovered.


Computing (1st Class) - University of Bath

General computing degree covering a wide range of modules and themes. Covered complex areas such as computer multitasking systems and advanced web technologies. Also completed modules in management subjects including finance, marketing, information, and performance.

Undertook a research project addressing my own hypothesis, "Can a smartphone be consensually data-mined in order to establish a demographic profile of the smartphone user". Achieved a 1st for research project due to the "significant potential real-world applications" of the research I undertook.


PRINCE2 Foundation
Microsoft Certified Professional (Exam 70-346 Managing Office 365 Identities and Requirements)
ITIL V3 Foundation
Certificate in Information Security Management Principles (CISMP)
Splunk Fundamentals
CISSP (working towards)