I am a driven and committed to the evolution of security, with excellent interpersonal skills and an open and honest personality. Career Information / I.T. security professional with circa 19 years experience within international banking security. My objective is to make the security function a business enabler; delivering security solutions that help enable the organisation to exploit opportunities which previously they would have been cautious to exploit. My approach to security is that of common sense; efforts must be equally focused on doing the basics flawlessly and driving systemic improvement through the broad exploitation of cyber & fraud intelligence.

Deputy Head of IT Security @ From September 2014 to Present (1 year 4 months) Global Head of Infrastructure Security @ Leading global a team that drives technology cyber security of the group in strong partnership with IT Operations and Software Delivery. The practice delivers three primary services: • Consulting and technical risk advice. • Policy and Controls. • Oversight & Assurance. From March 2008 to September 2014 (6 years 7 months) Senior Manager IT Security @ The role was a blended role which cover many aspects of I.T. and Information Security globally across HSBC the three main areas covered were :- • Developing and implementing a consistent and cost effective Information Security Architectural Strategy for the Group, and providing Group wide Information Security direction on global HSBC and industry issues (e.g. staff access controls, remote working, and use of portable storage devices). Through these efforts reduce the cost of security and incresase the effectiveness. • Leading global Information Security projects (e.g. Identity and Access Management, Single Sign on), as well as leading groupwide Information Security teams participation in global projects (e.g Global Premier, Group Payment System), ensuring that Information Security requirements are incorporated in the project throughout its lifecycle. • Driving solutions to fundamental global dilemmas including but not limited to Group vs local priorities, risk vs the cost of mitigation, security vs speed of delivery, etc. Developing global Information Security policies and standards that support Information Security’s mission and business goals. From December 2004 to March 2008 (3 years 4 months) Sheffield, United KingdomGlobal Head of IT Security @ Managing and organising the I.T. Security efforts within Bank of Bermuda. Prior to joining Bank of Bermuda, I.T. Security was seen as a hindrance to delivery. The Bank’s strategic objective was to expand the use of electronic delivery channels for banking services. I.T. Security was essential in that process. My role was to develop I.T. Security to ensure that the function was viewed as a business enabler and to offer value added consulting services. Offering a solutions based approach to assist the business in the secure delivery of new products and services had this desired effect. With the co-operation and assistance from infrastructure & applications teams I delivered new policies, practice and standards for the organisation. I drove the definition and delivery of re-usable security architecture components that were designed to deliver services globally. E.g. Secure File Transfer, Public Key Infrastructure, DMZ architecture and Privilege Management Infrastructure. Project delivery included ; SWIFT systems replacements, retail and corporate web banking, web funds and pension systems delivery & many others. From November 1999 to November 2004 (5 years 1 month) BermudaSecurity Consultant @ Key role in many high profile projects e.g. designed security for several internet banking applications and the infrastructure on which they run, high value payments systems, treasury and international systems. Other projects have included TCP/IP security standards, UNIX security Standards, CREST (national share dealing & settlement system) and VISA/Mastercard/Switch smartcard implementations. Role focused on delivering e-commerce solutions dealing with application, execution environment, operating system and network security. From May 1995 to November 1999 (4 years 7 months) Edinburgh, United Kingdom

BSc. (Honours) Information Technology with Applied Risk Management, IT Risk Management, IIi @ Glasgow Caledonian University From 1993 to 1995 Highers, O Grade and Standard Grades, Secondary Education. @ Boclair Academy From 1984 to 1990 Robert Rodger is skilled in: Information Security Management, Risk Management, PCI DSS, Information Security, Security, CISSP, Security Architecture Design, Computer Security, IT Audit, Vulnerability Assessment, Business Continuity, ISO 27001, Enterprise Architecture, Network Security, Application Security