Brian Stephens

SC Cleared
Cyber SecurityCloud Architecture & GRC

Securing Cloud environments for Regulated and Critical Infrastructure Organisations:

  • • Security architecture that works in production.
  • • Azure & M365 security aligned to NCSC, NIST, ISO 27001
  • • Governance that withstands external audit.
  • • Audit readiness for Cyber Security Frameworks.
  • • AI Security Governance and Audit.
Get in TouchView Experience
Cybersecurity operations centre with compliance dashboards for Cyber Essentials, ISO 27001 and NIST CSF

Cyber Security Specialist

Cyber Security project delivery across Azure cloud environments.

Cloud Security

Delivery of robust protection and resilience across Azure and Microsoft cloud environments.

GRC Expertise

Outcome-focused GRC expert aligning security with business goals, compliance, and real-world resilience.

CNI Experience

Assuring high-stakes environments through structured risk management and defensible architecture.

Audit & Control Validation

Evidencing control maturity for internal audits, regulatory assessments, and external certifications.

Threat Detection Readiness

Microsoft Defender Suite and KQL-driven insights to stay ahead of emerging threats.

Security Strategy & Engagement

Translating complex security challenges into board-level outcomes with clarity and confidence.

Audio Introduction

Listen to a brief overview of my background and approach.

Consulting Expertise & Technical Capability

I deliver specialist cyber security and risk consultancy to enterprise and Critical National Infrastructure (CNI) clients, combining deep technical capability with strategic security expertise. My skillset is built on a proven foundation across Cloud Environments — including Azure Security Center, Sentinel, and Policy — and Microsoft 365 security Suite of tools and the securing of AI-driven automation including Copilot. This is underpinned by extensive experience aligining to recognised security frameworks including Cyber Essentials Plus, ISO 27001, and NIST CSF/CAF — ensuring organisations meet their regulatory obligations that demonstrate security maturity to stakeholders and regulators alike.

My GRC experience encompasses the design and implementation of policy, standards, and procedures, risk assessments and treatment plans, Information Security Policy, Security Controls assurance, framework alignment, and management of third-party Security Risk Assessments (SRA) — evaluating supplier and partner security postures to minimise organisational risk exposure. This end-to-end approach ensures clients maintain Defensible, Auditable Security Postures across their entire supply chain. Across SIEM & monitoring, I have deployed and optimised Microsoft Sentinel, Tenable One, and Azure Monitor & Log Analytics, leveraging KQL to deliver actionable Threat Intelligence and continuous visibility. My endpoint security expertise spans Microsoft Defender for Endpoint (MDE), Microsoft Purview, Data Loss Prevention (DLP), and Intune MDM — protecting devices, data, and identities at scale.

For clients requiring infrastructure resilience and automation, I have designed and implemented Infrastructure as Code solutions via Azure Resource Manager (ARM), automated patch management pipelines, and CIS-hardened builds. I deliver scripting and automation across PowerShell, Logic Apps, BASH, Python, SQL, and KQL, and translate complex security data into executive-ready reporting through Power BI, Power Automate, and AI Prompt Engineering.

Delivering end-to-end cyber security consultancy across governance, risk, and compliance — underpinned by deep technical capability across Microsoft security platforms, cloud infrastructure, and critical national infrastructure environments.

Governance

3rd Party Security Risk Assessments100%
Security Governance & Policy Design85%
Audit Evidence & Control Validation90%
Site Assurance & On-Site Security Reviews100%

Microsoft 365

Defender for Endpoint100%
Defender for Cloud100%
Purview Compliance100%
IAM100%

Security Frameworks

Cyber Essentials+100%
NIST CSF/CAF100%
ISO 27001100%
ONR SyAPS85%

Client Projects

My history of Enterprise Client security projects.

Cyber Security Specialist

Sizewell C | Nuclear CNI

  • Engage with internal and external partners to ensure services are secure by design.
  • Audit vulnerabilities and provide actionable mitigation strategies.
  • Conduct security reviews, risk assessments, and audits.
  • Ensure compliance alignment with recognised industry frameworks.
  • SC Cleared - Comfortable working in Highly Regulated Environments.

Security Consultant

Northern Power Grid | Electricity CNI

  • Endpoint security controls within OT pre-production environment using Carbon Black EDR.
  • Authored (HLD/LLD) security designs, contributing to defensible architecture.
  • Delivered tailored application control baselines and custom EDR rule sets.
  • Mentored internal teams on secure operations, post-project handover.

Infrastructure Security Engineer

Ineos Oil & Gas | Oil & Gas

  • Delivery of a NIST-aligned cyber security program across IT and OT infrastructure.
  • Oversaw onboarding of MSSP, SIEM (Dell SecureWorks), and tuning of IDS/IPS policies.
  • Deployed enterprise EDR, DNS security (Carbon Black, Cisco Umbrella), and IAM controls (OKTA).
  • Azure and O365 security architecture with hardened image deployments and automated patching.
  • Projects delivered despite the covid shutdown.

Infrastructure Security Engineer

Kobalt Music Publishing | Media & Entertainment

  • Deployed global EDR and SIEM solutions (Carbon Black, Splunk), enhancing detection and response.
  • Onboarded IAM solutions (OKTA) and drove secure integration with AWS, Confluence, and JIRA.
  • Hardened systems using CIS benchmarks, with automation of secure Windows 10 builds.
  • Developed and enforced global security policies, procedures, and vulnerability management processes.

Network Systems Analyst

ACCOR Hotels UK & Ireland | Global Hospitality

  • Delivered secure infrastructure support across 250+ sites during a major digital transformation, contributing to PCI DSS compliance across UK & European hotel networks.
  • Migrated legacy Exchange to Office 365, enabling secure and scalable email infrastructure.
  • Decommissioned legacy VPNs and coordinated secure firewall upgrades across 200+ Cisco devices.
  • Implemented secure scripting, patching automation, and compliance monitoring using PowerShell, SCCM, and event log auditing.

Explore More Resources

Dive deeper into cybersecurity implementations, live monitoring, and expert guidance.

Case Studies

Visual showcase of cybersecurity implementations, security architecture diagrams, and project outcomes.

  • Security architecture diagrams
  • Compliance framework mappings
  • Threat intelligence dashboards
  • Real-world implementation examples
Explore Case Studies

AI Assistant

Chat with an AI assistant trained on Brian's cybersecurity expertise. Discuss your project, assess fit, and get expert guidance.

  • Ask about skills and experience
  • Discuss your project requirements
  • Pre-screen project fit
  • Leave your contact details
Ask Brian

Get in Touch

Interesting projects?
Get in touch to discuss how I can help in designing and implementing effective security controls across cloud environments and implementing effective GRC.

Please use the contact form or connect on LinkedIn.

Contact Me

Get in touch to discuss your cybersecurity needs or ask questions about my services.

Kent Wildlife Trust logo
ACCOR HOTELS logo
KURT GEIGER logo
Kobalt Music logo
INEOS Oil & Gas logo
Sizewell C logo
Sizewell C logo
Brian Stephens

© 2026 Brian Stephens. All rights reserved.

Privacy Policy