Know Me More
I’m a Certified Cyber Security Professional with a passion to make the world a safer place. Since 2003, I’ve been helping global organisations juggle ever-growing cyber threats, compliance and the security of their most valuable assets. I have performed hundreds of consultative engagements globally for the retail, banking, transport and government sectors in the majority of cyber security domains.
Years of Experience
Consulted in over:
350+ Security Projects
EU | UK Passport Holder
10+ Security Certifications
What do I do?
How I can help your next project
Helping organisations to stay compliant with regulations and standards in their industry, such as PCI DSS, CSA STAR, GDPR, ISO, FedRAMP, ISF, NIST, CIS, SWIFT and many others.
Assisting organisations to establish effective governance structures and processes, including policies, procedures and controls to ensure accountability, transparency and ethical behavior.
Helping organisations to identify, assess and prioritize risks to their business operations, and to develop strategies and plans to mitigate these risks.
Assisting organisations to design and implement a security architecture that aligns with an organisation's business objectives, IT infrastructure and compliance frameworks.
Providing internal and external audit services to help organisations evaluate their internal controls and processes, identify areas for improvement and mitigate risks.
Helping organisations manage the risks associated with third-party relationships, including vendors, cloud providers, suppliers and business partners.
A summary of My Resume
Master of Science (MSc) in Information Security
University of Plymouth, UK / 2005 - 2007
Final Thesis: ‘The pattern analysis of the IPS sensors across the campus network.’
Bachelor of Engineering (BEng) in Computer Science
University of KW, Poland / 2000 - 2005
Final Thesis: ‘Simple picture recognition using Artificial Intelligence (AI).’
Cyber Security Certifications*:
CISSP - Certified Information Systems Security Professional (ISC)²
CISSP-ISSAP - Information Systems Security Architecture Professional (ISC)²
CISA - Certified Information Systems Auditor (ISACA)
CDPSE - Certified Data Privacy Solutions Engineer (ISACA)
CEH - Certified Ethical Hacker (EC-Council)
PCI QSA - Qualified Security Assessor (PCI DSS, SSF, P2PE, 3DS, TSP)
PCIP - PCI Professional (PCIP)™
*Credly hosts the largest and most-connected digital credential network. Please click the icon below to verify my cyber security certifications.
My Previous Experience
Head of Compliance Services (Europe)
NCC Group / 2015 - 2023
Reporting to the Global Head of Compliance – point of contact (SME) for the compliance service line development and management in Europe, including strategy, growth and the service line’s team members development.
Principal Security Consultant
Ambersail Audit Experts / 2010 - 2015
Reporting to MD – security team lead, conducting a full range of security assessments and consultancy services globally in 50+ countries. This includes but is not limited to security audits, risk assessments, security architecture (including cloud), incident response planning, acting Virtual CISO and many others.
Information Security Specialist
NMI Group / 2008 - 2010
Reporting to CISO – designing, deploying and maintaining an enterprise class network across multiple physical sites (USA/UK) with 200+ nodes, including hardening OS, IAM systems, DLP systems, backup solutions, anti-malware solutions and many others.
My Cyber Security Skills
Frameworks & Standards 95%
Application Security (SDLC) 85%
Risk Assessment 88%
End-user Awareness Training 90%
Compliance and Audit 100%
Security Architecture 82%
Physical Security Controls 85%
Have any questions?
GRC consulting firms help organisations protect their information assets from cyber threats by assessing their cybersecurity posture, developing security strategies and policies and implementing security controls and technologies.
I offer cost-effective services at the highest quality. My global experience, gathered over the last 20 years across many sectors, manifests itself in a high level of knowledge in most of the cyber security domains. I value detailed and professional deliverables. A PDF brochure highlighting core services offered by Cipherlex can be downloaded from here.
Cipherlex is all about consultancy, without any added complexities. A simple project flow is used for small projects that have relatively straightforward requirements and minimal complexity.
However, it can be adapted and scaled up for larger and more complex projects by adding additional stages or breaking down each stage into more detailed sub-stages.
Clients & Colleagues Speak
“At NearPay we had a requirement to get our PCI DSS done to meet regulatory approvals. We previously had done the PCI DSS however were not pleased with the process. When Jake came onboard as our QSA, we knew we had the right person. His expertise, knowledge and experience in the payments industry and more specifically the PCI standards clearly showed. He was able to help us understand and navigate through complex flows and situations. Not only was his knowledge and expertise wonderful but he was also very professional and was happy to jump on a call at any time.”
Adil Riaz, Head of Product at NearPay, Saudi Arabia
“We hired Jake's services to help us achieve PCI Compliance. His expertise on the subject was bang on and very reliable right from the initiation of the project until the final delivery of the ROC. I would certainly consider utilizing his services again in future because of his capabilities which are a rare mix of high technical knowledge and Compliance/Regulatory knowledge.”
Dinesh Ranade, Senior IT Security Consultant at Direct Line Group, UK
“I know Jake from my former role as the Head of IT Security at a major credit card processor in Switzerland. He was our PCI DSS Auditor (QSA) for several years. Apart from his deep technical expertise he understands how to communicate well on all levels. Jake was always open to share his knowledge with the team and helped to improve the security posture sustainably. I would work with Jake anytime.”
Christian Grob, Head of Security Services, AVANTEC AG, Switzerland
“I've been working with Jake for over a decade now covering PCI related security and I can honestly say I've been in very good hands. Jake is a pleasure to work with and has a collaborative approach which leads to smooth and successful projects.”
Colin Parr, Senior Project Manager, KAL, UK
"I first met Jake when he interviewed for a role at NCC Group. I was immediately impressed by his knowledge, professionalism and commitment to his clients. Over the years at NCC Group Jake gained even more insight and expertise and was a highly valuable member of the senior consultant community.
Should any organisation be looking for a cyber security consultant to help them build and improve cyber resilience I would wholeheartedly recommend Jake.”
“I've had the pleasure to work with Jake for nearly 8 years, within the consultancy team at NCC Group. His Cybersecurity knowledge and experience, client-centric attitude, collaborative approach and general excellence all around (as a consultant and as a human being!!) have always resulted in very satisfied clients and with him being a huge asset to our team during his time here.”
Keith Jelliman, Executive Principal Consultant, NCC Group, UK
“We had the chance to work together with Jake for many years (> 5 years) in the field of payment security, be it for QSA (PCI Audit) and consultancy assignments during his time at NCC Group. Jake is a pro-active person who always strives for the best possible service towards his clients. He helped us in many challenges regarding implementing PCI-DSS controls and assessing solutions against current PCI Security Standards.”
Lorenzo Tomasina, IT Security & Risk Manager, UBS CC, Switzerland
Note: All testimonials included above have been published on the LinkedIn platform.
Let's get in touch
I enjoy discussing new projects and design challenges. Please share as much info as possible, so I can get the most out of our first catch-up.
Cipherlex is a registered legal entity under the EU Company Law (CRN 5542412753)
Full Terms and Conditions can be downloaded from here.
Estimate your Project?
To estimate a project accurately, I need the following information:
1. Project Scope: Detailed description of what you want to achieve.
2. Project Timeline: Desired deadline or timeline for project completion.
3. Technical Specifications: Any specific technical requirements or platforms involved.
4. Communication and Collaboration: Preferred communication channels and availability for meetings.
5. Budget: Understand your budget or range of financial expectations.
6. Project Constraints: Identify any limitations or factors that may impact the project.
Having these details will help me provide a more accurate project estimate.