Go to the top

Hello, I'm
Darren Simpson

Cyber Security Consultant


  •   Darren Simpson
  •   hello @ darren-simpson . com
  •   +44 (0) 1962 60 54 60
  •   CloudSafe Consulting Ltd, White Building, Cumberland Place, Southampton. SO15 2NP
  •   Operating Regions: EMEA (Predominantly)

Professional Profile

Over 20 years of proven cybersecurity experience focused on managing, auditing, architecting, testing, and reporting on significant cloud and on-premise environments for a diverse range of global corporations, public sector, and non-profit organisations. Enthusiastic and driven with global experience in a wide range of IS roles with responsibility for the successful creation and implementation of IS strategies to deliver operational improvement.

Combining a strong academic background (including continued links with research and academia), together with proven technical and analytical skills has proven beneficial when advising C-Level executives and senior management on cybersecurity principles, architectural designs, controls, processes, systems and opposing threats, promoting a culture of continual cyber security awareness.

I promote the use of technical guidance (ISO, CIS, NIST, NCSC, CPNI and CSA) when setting cyber security strategies and engage with external intelligence sources/agencies within the industry, ensuring any recommendations counter emerging threat vectors identified within trusted frameworks such as Mitre (ATT&CK).

I also provide guidance and oversight to government departments and agencies on risk and crisis management decisions for exercises involving the emergency services, armed forces, and organisations deemed Critical National Infrastructure. Periodically, I guest lecture at the University of Portsmouth, teaching risk and crisis management disciplines for postgraduate students, risk managers, and executives.


Qualifications / Certifications

Over the years, I have studied a variety of technologies from various vendors including Microsoft (MSCE, MCSA), Cisco (CCNA x 3, CCNP x 2), Alteon (ACA, ACE), Checkpoint (CCSA), AWS (SysOps, Architect) and EC-Council (CEH), providing foundational skills throughout the tech stack. In later years, focus was placed on additional security certifcates and qualifications aimed at strategic planning, not just tactical implementations:

  • MSc Risk Management (Distinction, Prize Winner and HPE Award for Innovation)
  • Certified Information System Security Professional (ISC(2) CISSP)
  • Certified Information Security Manager (ISACA CISM)
  • Cyber Incident Planning and Response (CIPR – NCSC Approved)
  • Mitre ATT&CK Certified (Cyber Threat Intelligence, Security Operation Centre Assessments)
  • Certificate of Cloud Security Knowledge (CSA CCSK)
  • The Open Group Architecture Framework Certified (TOGAF)
  • Amazon WebServices Solutions Architect Associate (AWS-AA)
  • ITIL Foundation (Version 3)
  • Qualys Certified Specialist (PCI Compliance, Vulnerability/Threat Management, Policy Compliance)
  • Zscaler Certified Cloud Administrator (Internet / Private Access, Security Specialist, TAC Associate)

Additional Training

Maintaining knowledge isn't all about certification; a variety of security related topics helps ensure advice is versatile and well considered.

  • ISO27001 2013 Certified ISMS Transition
  • ISO27005 Certified ISMS Risk Management
  • NCSC Cyber Incident Response
  • OWASP Risk Assessment
  • Mitre ATT&CK Defender (MAD)
  • CREST Threat Intelligence Analyst
  • Checkpoint Security Administration
  • Network Forensics with Wireshark
  • Reliability Engineering Concepts
  • Designing An Azure DevOps Strategy
  • Microsoft Azure Security Technologies
  • Agile Leadership (APMG)
  • Wardley Mapping


Over 20 Years Experience!

I have many years of experience managing security operations, identifying risks, designing solutions, and adhering to compliance standards across diverse and complex organisations, including retail, property management and managed security providers. Such work often involved supervising internal teams, managing supplier relationships, and addressing potential conflicts, all whilst ensuring clear and concise communication with senior stakeholders.

Furthermore, contracting for multinational organisations and central government departments provided me with the opportunity to broaden essential business skills. These include financial management, contract negotiation, departmental networking, and project management.

The Crown Estate

Director of Cyber Security
2021 - Present
Accountable for the effective execution of the strategic planning and operational security functions, including governance, risk and compliance, cloud security, privileged access management, threat and vulnerability management, and security monitoring and intelligence across diverse business sectors.

UK Police

Security and Risk Consultant
2021 - 2021
Approached by a university to assist with a business continuity and crisis management review initiated by a UK police force. Responsible for guiding technical risks, alongside managing the crisis communication review.

DfT / HM Coastguard

InfoSec Consultant
2017 - 2021
Initially awarded a five-month contract to determine the maturity of security governance, leading to a programme of works, including a complete security and architecture assessment of the emergency services environment, and development of continuity, threat, and risk management strategies.

Fyffes / Sumitomo

Interim Security Advisor
2016 - 2017
Contracted to assess the security requirements of core applications and infrastructure prior to planning a cloud migration strategy (following the €700 million acquisition by Sumitomo Corporation).

Freestyle Limited

Director (Technical Operations)
2012 - 2016
Promoted from Technical Services Manager to Director of Technical Operations after six months following the successful launch of the Managed Services team. Focus was placed on supporting and coaching team members to extend skillsets within the audit, security, and risk management domains.

BDO Global

Senior InfoSec Consultant
2011 - 2012
Responsible for aligning the organisation’s regional security strategy whilst defining roles within the cyber domain. Acted as an independent subject matter expert, providing advice and guidance on cyber security related activities.

TMCS Limited

Risk & InfoSec Manager
2004 - 2011
Combined architectural design and security management in a business-facing role, authoring high and low-level designs (HLD/LLDs) and creating business cases to secure appropriate funding. Responsible for researching new technologies and advising business and engineering teams on information security.

Cobweb / Vuzion

Security Operations Manager
2001 - 2004
Managed security and network reviews, troubleshooting of critical services, and emergency response planning. Responsible for the core network infrastructure, including the security and resilient routing for WANs, LANs, and a variety of communication systems for blue-chip clients.

RGC Jenkins

Senior Infrastructure Engineer
1999 - 2001
Supported the core infrastructure for Patent and Trademark attorneys whilst planning and implementing the migration for the Windows NT4.0 infrastructure.


Just My Education

On completing full time education, I attended college and studied electrical engineering before attending the University of Portsmouth many years later to study risk management.

HND Electrical


Four year, part-time course studying Electrical Principles, Information Technology, Three Phase Induction Motors, Power Electronics, Inspection and Testing of Low Voltage Electrical Installations, Programmable Logic Controllers, Electrical Systems in Hazardous Environments, Control Systems and Engineering Quality.

MSc Risk


Three year part-time course studying Organisational and Environmental Risk, Project and Research Methods, Crisis Management and Continuity, and Strategic Risk and Leadership. The final dissertation was based upon Quantitative risk assessments and whether they are an aid or hinderance to risk management. Awarded a Distinction, Faculty prize and Hewlett Packard Enterprise (HPE) Award for Innovation.


Organisations I Have Consulted For:

Working for various consultancies provided the opportunity to work for well-known, global orgnaisations in diverse sectors including Legal, Energy, Financial, Insurance, Media, Government, Retail, and Real Estate. The following illustrate some companies I have been fortunate enough to consult for.

For reasons of operational security, details of work undertaken for each client will not be documented on this website; however, examples of work undertaken can be found within the 'Projects' section.

Allen & Overy LLP is an international law firm (and is the second largest law firm headquartered in the UK) with reported revenues of £1.96 billion. The firm has 580 partners and over 5,600 people worldwide.
Allianz is a German multinational financial services company headquartered in Munich. The company is one of the world's largest insurers and financial services groups which focuses on asset management.
Barclays is a British, multinational bank, headquartered in London. Barclays operates as two divisions, Barclays UK and Barclays International, supported by Barclays Execution Services (a service company).
BBC News is an operational division of the public funded media company, the British Broadcasting Corporation. It is responsible for the gathering and broadcasting of news and current affairs in the UK, and around the world.
Binder Dijker Otte (commonly known as BDO) is an international network of public accounting, tax, consulting and business advisory firms. BDO is the fifth largest accounting global network.
BHP Billiton (now known as BHP Group Limited) is a $108 billion multinational mining, metals, natural gas petroleum public company that employs 80,000 staff and is headquartered in Melbourne, Australia.
BNP Paribas is a French international banking group which was founded in 2000 from the merger between Paribas, formerly known as the Banque de Paris et des Pays-Bas, and Banque Nationale de Paris. The company employs 190,000 people and is valued at €2.6 trillion.
The Department for Transport (DfT is a department within the United Kingdom government which is responsible for the English transport network and a limited number of transport matters in Scotland, Wales and Northern Ireland.
Founded in 1988 by Tim Slade and Jules Leaver as a business selling T-shirts at ski resorts, Fat Face is a British lifestyle clothing and accessories retailer, based in Hampshire. The company opened its first retail shop in 1993 and there were 142 Fat Face stores in the UK and Ireland as of 2010.
First Direct is a telephone and internet based retail bank division of HSBC Bank plc. It has 1.45 million customers, is based in the United Kingdom and has headquarters in Leeds, England.
Gatwick Airport, also known as London Gatwick, is a major international airport near Crawley, West Sussex, England. Founded in 1958, it is the third-busiest airport by total passenger traffic in the UK, servicing approximately 45 million passengers a year.
GSK plc, formerly GlaxoSmithKline plc was established in 2000 by a merger of Glaxo Wellcome and SmithKline Beecham. It is a British multinational pharmaceutical and biotechnology company with global headquarters in London.
HPE was founded on November 1, 2015, California, after splitting from the Hewlett-Packard company. HPE is an American multinational information technology company based in Texas, United States.
HSBC's international network comprises of approximately 7,500 offices in over 80 countries and territories in the EMEA region, the Americas, the Middle East and Africa. A subsidiary, HSBC Bank plc, is a British multinational banking and financial services organisation.
LV= was founded in 1843 and initially offered a ‘penny policy’ service, a simple form of life insurance. Based in Bournemouth, England, the company employs 1,300 people 1.16 million customers and is valued at £637 million.
The Maritime and Coastguard Agency is an executive agency of the Department for Transport, established to prevent the loss of lives at sea and is responsible (through the Secretary of State for Transport) for implementing British and international maritime law and safety policy.
The Ministry of Defence is the British government department with 60,000 civilian staff and approximately 198,000 military personnel. It is responsible for implementing the defence policy set by His Majesty's Government, and is the headquarters of the British Armed Forces.
Founded in 1948, the National Health Service is the publicly funded healthcare system in England, and one of the four National Health Service systems in the United Kingdom.
Nominet UK is currently delegated by the Internet Assigned Numbers Authority (IANA) to be the manager of the .uk domain name. Nominet directly manages registrations directly under .uk, and some of the second level domains such as .co.uk, .org.uk, .sch.uk, .gov.uk, .ltd.uk and .plc.uk.
Law enforcement in the United Kingdom is organised separately in each of the legal systems of the United Kingdom: England and Wales, Northern Ireland and Scotland. The majority of law enforcement is carried out by regional police services (known as territorial police forces) within one of those jurisdictions.
Promega Corporation is an American-based manufacturer of products for biotechnology and molecular biology with a portfolio covering the fields of cellular analysis, genomics, protein analysis and expression, drug discovery and genetic identity.
Rabobank is a multinational banking and financial services company headquartered in the Netherlands. The group comprises 89 local Rabobanks, a central organisation, and a number of specialised international offices and subsidiaries.
Rackspace Technology, Inc. is an American cloud computing company headquartered in Texas. It has approximately 6,600 employees and annual revenues totalling over $3 billion.
Founded in 1804, Schroders plc is a British multinational asset management company. It employs over 5,000 people worldwide in 32 locations around Europe, America, Asia, Africa and the Middle East, and manages assets totalling £615 billion.
Siemens AG is a German multinational corporation, founded in 1847 and headquartered in Munich. It is the largest industrial manufacturing company in Europe with revenues totalling €86 billion.
Founded in 1760, The Crown Estate is a collection of lands and holdings (valued at £15 billion) in the United Kingdom belonging to the British monarch as a corporation sole. This makes it "the sovereign's public estate", which is neither government property nor part of the monarch's private estate.


Over 20 Years Experience!

I've been fortunate to work for large corporations and various consultancies over the last 20 years, meaning no two projects were ever the same! I can't list all the projects or provide too much detail (for obvious reasons) but hopefully the following gives some idea of how I've assisted companies with their security challenges.

National Retailer

PCI DSS (Tier1)
National retailer with aggressive expansion plans required a successful audit to be completed within an extremely challenging deadline. Having undertaken a gap analysis of existing controls, a detailed plan was formalised to address network segregation, end-user device control, enhanced encryption standards, and revised security policies.

UK Police

BCP / Crisis Management
Approached by a UK University to assist with a business continuity and crisis management review initiated by a UK police force. Responsible for guiding technical and BCP risks, alongside managing the crisis communication reviews. Co-authored the final report for the Regional Gold Command (extracts incorporated into the revised National Digital Policing Strategy).

Retailer / Developer

Well Architected Framework
A national organisation migrated their entire on-premise infrastructure to the Microsoft Azure cloud but failed to address the Reliability, Cost Optimisation, Operational Excellence, Performance Efficiency, and Security benefits. A review established a Critical rating in all areas and a subsequent schedule of work was formulated detailing how architecture, infratsructure and network teams could address the issues over the course of 10 months.

Retailer / Developer

Microsoft Defender Suite
A retailer had migrated their on-premise infrastructure into the Microsoft Azure cloud but retained the incumbent anti-malware software. The lack of integrated security meant overall visibility of their security posture affected their ability to effectively manage their potential threat surface. A program of works was undertaken to implement Defender for Office 365, Defender for Endpoint and Cloud App Security (Defender for Identity was delayed whilst an IAM/PAM review was undertaken) In addition, Azure Defender was implemented for servers and storage, reducing operational costs, simplifying management and improving the reporting capabilities of the platform.

Insurance Company

Data Protection Consultancy
The introduction of GDPR legislation was proving challenging for an insurance company; a lack of awareness regarding where data was stored, coupled with limited controls was determined as an unaccpetable risk. A program of works was created to audit all of the company's data (including initial discovery), determine its utility, categorise it, and establish a robust data processing lifecycle. This included automating PIA and DPIA requirements, managing ROPA, automating DSAR requests and creating an Incident and Breach Response plan.

UK Government (DfT)

SCADA Controls
A UK government department with 158 remote sites required sensitive control systems, located in unmonitored buildings, to be secured against unlawful access. Following configuration audits and sampled penetration tests (including RTU/PLC/IED Firmware, Node Service, Encryption and Application Security), a report containing a technical and managerial overview of findings was provided, together with detailed remediation advice. Furthermore, remediation support was provided to internal teams and external suppliers.

UK University

Guest Lecturer
Guest lecturer for risk, resilience, and crisis management undergraduate and postgraduate courses. Solely responsible for the design, development and management of the crisis management simulation exercises.

Finance / Banking

MDR / Threat Hunting
Following an external audit, the investment subsidiary of an APAC bank required a Managed Detection and Response service to be onboarded within challenging timescales. A review of the core infrastructure established the quantity of collectors, agents and bastion hosts necessary for the intial reporting (audit) phase to function correctly. Encrypted feeds were then configured into an xDR detection platform providing full visibility of user, endpoint, cloud, and network activity.


SOC Integration
A Managed Service Provider required a white label SOC service to be integrated into their existing management platform. This process was complicated by the fact the client was part-way through migrating from Kaseya to N-Able and was struggling with resource management. A gap analysis of the migration identified incorrectly defined success criteria, culminating in multiple workstreams, each contributing to unnecessary technical debt. A DevSecOps adoption framework was implemented to formalise activities whilst ensuring the transformation continued at pace.

Security Consultancy

A client had initiated an Identity and Access Management / Privilege Access Management program of work across on-premise and Microsoft Azure cloud environments. Work undertaken by internal teams provided minimal gains and the client subsequently sought external assistance with defining a program of works. The initial tranche of consultancy focused upon core technical systems, HR, Finance and the JML process. Once all the processes and entities had been mapped, a 24-month plan was developed to implement the appropriate controls across 72 critical services; this also included significant configuration changes to Active Directory and DNS.

Technical Consultancy

Insider Threat
A client reported puzzling activity on their network; meetings were being cancelled, data was missing and core services were randomnly rebooting. Whilst an initial investigation by the internal technical department failed to identified the cause, there was general consensus that all the issues were caused by a 'random' malicious actor. Further investigation of logs, staff interviews and forensic analysis of AD accounts identified an ex-employee as a possible suspect. Police checks of ISP logs confirmed the identification of the malicious actor was a disgruntled employee who had left the company over eight months ago. A detailed report was compiled for the courts together with expert witness testimony, culminating in a successful prosecution.

Energy Supplier

An energy supplier required ISO 27001 compliance for all their UK based datacentres. Whilst the physical controls were robust, the company's policies and procedures failed to reflect actual operations and were generic in nature. A six-month program of work identified and remediated the gaps, culminating in a successful audit.

UK Government (DfT)

£300m Tender
The Department for Transport required the creation of a tender document pack for the outsourcing of a 10-year service contract. Working with external authoritative stakeholders, operational cyber security requirements for the fixed/rotary-wing emergency services were defined, culminating with a £300 million award.

Media Company

Attack Surface Management
Following the broadcast of a controversial news story, a renowned global media company was subjected to a significant Distributed Denial of Service Attack (DDoS) that was subsequently determined to have contributed to 12% of European traffic over a 17 hour period. Once the scale of the problem was established, technical measures were implemented to successfully counter the threat. Furthermore, an exercise was undertaken to re-evaluate potential threats and the associated attack surface to identify and mitigate additional risks.

HM Coastguard

EUD Policy Advisor
HM Coastguard sought to adopt the ISO27001 framework and seek accreditation; however, following 18 months of work, the project stalled with only two policies being published. A review was subsequently undertaken, success criteria defined and policies, risk assessments, training, and an ISMS were implemented.

Global Distributor Acquisition

Interim CISO
A Fortune 500 global trading and business investment corporation acquired an international produce company and required tactical security plans to augment existing policies whilst long-term strategic options were considered. Activities of Information Security Officers was coordinated to define and establish a unified approach to address security issues and mitigate information risks. Furthermore, an effective information resource management programme was established and maintained, including the development of a strategic information security plan.


Building Management System
A national company was seeking to leverage their building portfolio by improving Management Information (MI) reporting regarding capacity, running costs, and green levy metrics. An audit of the existing systems identified where existing security for BMS (IoT) devices required enhanced protective controls. A program of works was developed to implement a 'test' system (encompassing five office buildings) which provided a repeatable process for the remaining 187 commercial buildings within the portfolio.

Global Bank Division

Transformation Program
Responsible for driving the implementation of the organisations strategies the group's business strategies and goals relating to Cyber Security. Also defined roles and responsibilities within the Cyber Security sphere and acted as a dedicated subject matter expert and business partner, providing advice and guidance on all aspects of Cyber Security.


Can I Help? Feel Free To Get In Touch

If you have a project that you think I can assist with, please feel free to get in touch - if I can help, I will tell you and if not, I may be able to put you in contact with someone else who can.

Darren Simpson
CloudSafe Consulting Ltd,
White Building,
Cumberland Place,
Southampton, SO15 2NP.
+44 (0)1962 60 54 60

I'm also on Social Networks

I'm not a huge participant with social media but you can find me on the following:

Follow on LinkedIn

Drop Me a Line

Darren Simpson