
Security & BCM Solution Leader at PricewaterhouseCoopers
United Kingdom

Steve Wright, Senior Manager in PricewaterhouseCoopers' information security practice, has been appointed to lead the firm's security offering for all its FTSE 100 clients. His new role will involve client engagement at all levels (COO, CIO, CISO, CSO) by providing strategy direction for both the firm's clients and its security practice. Steve views security holistically and frequently speaks at events on some of the firm's client engagement 'war stories' and will be demonstrating how his team can add value in a busy and complex market. Steve's new team takes in all security disciplines from the firm's existing experts in areas such as IDAM, Risk and Governance, Data Leakage Prevention and Privacy Protection, Strategy & Vision, Security Awareness, BCM and DR Assurance, and legal compliance.
Before joining, Steve headed up the Security Practice at Siemens Insight Consulting and had spent time in the past 10 years in a CISO role, where his knowledge and skills in business and IT Transformation led him to become an all-round security and risk specialist.
Responsible for responding to all aspects of security. A balanced, holistic, seasoned and business-focused leader in the Information Security and BCM fields. Takes ownership of issues and problems, with good conflict resolution skills.
(Partnership; Accounting industry)
January 2009 — Present (7 months)
I have now taken on responsibility for Security and Business Continuity for PricewaterhouseCoopers London's top FTSE 150 clients. This includes a new team and responsibility to establish a new and dynamic security practice within PwC RAS.
(Partnership; 10,001 or more employees; PwC; Accounting industry)
May 2008 — Present (1 year 3 months)
(Management Consulting industry)
2007 — Present (2 years)
(Management Consulting industry)
2005 — Present (4 years)
(Management Consulting industry)
2004 — Present (5 years)
(Public Company; 10,001 or more employees; Security and Investigations industry)
2003 — Present (6 years)
Currently have management responsibility for Security Management Practice. This includes many senior and junior consultants who report to me. My judgement, good motivation skills and management / leadership qualities (lead by example = 2nd in organisation for highest utilisation, most profitable and amount of new business won) have allowed me to shape this part of Siemens Insight Consulting into a serious contender for exceptional growth in existing, new and emerging UK and overseas markets.
(Public Company; 10,001 or more employees; Management Consulting industry)
January 2003 — Present (6 years 7 months)
Involved with the entire security design process of RMADS, IS1 & 2, information asset risk assessment, production of ADS and supporting SyOps, comprehensive planning and subsequent implementation of all elements of security up to and in line with the BS7799 standard. After project ‘go live’ (Feb 2003), subsequently completed all ‘scheduled’ IT and business audits and risk assessments, in line with BS7799 requirements. This also involved all aspects of the Change Management / Impact Assessment approval process (to do with security).
(Public Company; Management Consulting industry)
February 1999 — January 2003 (4 years)
Worked as a Security Consultant providing Professional Services in relation to Information Security/Technology/Management to meet BS7799, ITIL, Tickit and ISO13335 compliance. Working with best practices in risk assessment methodologies like CRAMM, COBRA, OGC M_o_R, ISF Risk Assessment methodology IRAM. This also includes working in the business continuity management spectrum with emerging standards such as PAS 77 and PAS 56.
(Public Company; 1001-5000 employees; Management Consulting industry)
January 1997 — January 1999 (2 years 1 month)
BS7799 Implementation Project
Integration of Loot & Scoot IT Infrastructure Project
Implemented Citrix XP
Migration of Scoot/Loot databases into a single repository
Set up a new Call Centre & Helpdesk, including Pro-active IVR solution.
(Privately Held; 201-500 employees; Information Technology and Services industry)
January 1994 — January 1997 (3 years 1 month)
1990 — 1994
Professional Services in relation to Information Security Assurance/Technology/Management to meet ISO27001, ITIL, ISO20000, PCI DSS, PAS99, Tickit and ISO13335 compliance. Working with best practices in risk assessment methodologies like CRAMM, COBRA, OGC M_o_R, ISF Risk Assessment methodology IRAM. This also includes the business continuity management spectrum with emerging standards such as BS25999 & PAS 77. ISO9001 and BS25999 systems. Security Architecture in compliance with COSO, COBIT and SOX, BASEL 2, HIPAA, DPA, FOIA.
MBCS CITP, M.Inst.ISP, CISSP, CISMP, HISP, BA.