top of page
Dan Steel, lead information security & data protection consultant

Dan Steel

Information Security Consultant 

Certified Information Security Systems Professional (CISSP)
Certified Information Security Manager (CISM) badge logo by ISACA
00193.png

A Bit About Me

Trust is fundamental and it's the core of information security. I've been fortunate enough to spend the past decade of my career being trusted by some incredible household names to build provable information security functions within their organisation, to in turn grow trust with their customers.

​

I'm passionate about helping small organisations early in their journey to define, build, and operate an appropriate cyber security and data protection programme that's pragmatic and won't tie their business up in red-tape. 

​

Starting with the questions "what are we trying to protect? From who? And why?" I can help design a information security management system that is appropriate for achieving your goals of reducing material risk to the organisation and proving to your customers that data is secure.

Work Experience

April 2023 - March 2024

Airtime Rewards

July 2021 - April 2023

X-Lab
NHS Test and Trace

November 2019 - July 2021

Purple WiFi

May 2019 - November 2019

THG

April 2015 - March 2019

Missguided

Migration of compliance programme to new RegTech solution

Delivery of level 1 Service Provider compliance for PCI DSS 3.2.1

Designed, implemented and operated a security programme across Governance, risk, and compliance (GRC), Security Operations, and Product Security for the UK"s Test Trace Contain Eradicate (TTCE) programme for Covid-19

Defined the business' compliance and certification strategies for new products and new geographies

Built initial Cyber Security & Data Protection function

Managed integration of acquired business into group security programme

Worked with clients on 7 continents ensuring GDPR compliance of their use the SaaS tool

Implemented first SIEM & MSP partner

Managed Detection & Response sub-functions of the Security Operations Centre

Assessed M&A targets for security maturity

​

​

Designed and built inaugural cyber security department

Delivered 4 years of PCI DSS compliance

Ensured security of AWS migration

Design and operation of GDPR programme at inception of regulation

Book a chat with Dan

click below for a free consultation on your cyber security & data protection challenges

bottom of page