Summary
Contact Details
Mobile - 07889 183 207
Skype - andrewbarratt
Andrew is an experienced IT and Information Security Consultant, PCI DSS advisor and QSA. As a partner in the consulting practice at Pen Test Partners he leads the delivery of PCI DSS compliance services in Europe. Andrew has worked with some of the world's largest organisations as well as some of the smallest. Andrew regularly advises on the complexities involved in the PCI DSS self-assessment or audit processes and can work with you to help you manage your IT/Information security whilst also maintaining compliance.
Andrew has a pragmatic approach and bases advice on a business' appetite for risk, and knowledge of good practice across multiple industry sectors rather than pre-conceived ideas of what can/should be done. Whether it is compliance with standards such as the PCI DSS, ISO27001, Data Protection or just where to start with tackling the latest cyber threats, Andrew brings a wealth of experience to the table.
Maintaining links with a number of universities has given Andrew the opportunity to give technical presentations, to present on careers in information security and professional development, and to mentor undergraduates in his spare time. Alongside this, Andrew has spoken at conferences about various information security issues.
Technical experience:-
Information Security, PCI DSS, Windows, Linux, Citrix, the .NET framework, web services, unit testing, agile methods
Public Speaking Events
London - E-crime conference -- Coming up!
@AthCon 2012 - Better Breach Disclosure = Better Risk Management
DeepINTEL 2012 - Better Breach Disclosure = Better Risk Management
IsacaNorth - 2012 - Better Breach Disclosure = Better Risk Management
University of Bradford - 2010 - What Employers Want
Royal Holloway - 2007 - Covert Channels
Blog - http://makeitcompliant.blogspot.co.uk
Expertise
Market Sector Experience
Retail, e-commerce, Oil/Gas, Financial Services
Technical Skills
PCI DSS, ITIL, ISO27001, ISO27002, Information Security, Cyber Defence, Ethical Hacking - Penetration testing, Forensic analysis, IT audit, Cyber liability insurance assessments, IT due diligence, IT / Information Security due diligence
Experience
-
Coalfire Systems
Managing Director
100+ Employees 2012 - Current
www.coalfire.com
-
Trustwave
Managing Consultant - UK/I, Europe, Middle East
100+ Employees 2009 - 2012
Managing Consultant for Trustwave responsible for delivery in UK/Ireland, Europe and Middle East regions.
-
KPMG
Advisor
100+ Employees 2006 - 2009
-
iSoft plc
Technical Consultant
100+ Employees 2004 - 2006
Education History
-
Computer Science BSc(Hons)
The University of Bradford
1998 - 2001
Qualifications
PCI DSS - Qualified Security Assessor (QSA)
PCI DSS - Point to Point Encryption Specialist (P2PE QSA)
ISO 27001 Lead Auditor
Microsoft Certified Professional
Chartered IT Professional registered with the British Computer Society
Clubs and Associations
PCI DSS - Qualified Security Assessor (QSA)
British Computer Society - MBCS CITP - Chartered IT Professional
Interests and Hobbies
Cycling
Public Speaking
Blogging