Open to opportunities

Laura Palmer

@laurapalmer

Message

Strategic cyber security leader with over 10 years of experience.

Zimbabwe

Message

What I'm looking for

I am looking for a role that challenges me and allows for professional growth in cyber security.

I am a strategic and results-driven cyber security leader with over 10 years of experience in defining, assessing, implementing, and maturing cyber security frameworks and standards. My expertise lies in leading cross-functional teams, improving cyber maturity, managing incidents, and fostering a culture of security and collaboration.

Currently, I serve as the IT Business Planning & Cyber Security Manager at Northern Trains Ltd, where I have designed and executed a comprehensive cyber security strategy aligned with NIS compliance. I lead a team of cyber professionals and work collaboratively with key stakeholders to enhance our cyber capabilities. My previous roles have equipped me with a robust understanding of regulatory compliance, risk management, and incident response, allowing me to effectively manage security threats and ensure organizational resilience.

With a strong focus on education and awareness, I strive to embed a security culture across organizations, empowering users to seek support and understand their roles in maintaining security. I am passionate about leveraging my skills to drive continuous improvement in cyber security practices and contribute to the overall success of the organization.

Experience

Work history, roles, and key accomplishments

Current

IT Business Planning & Cyber Security Manager

Current

Northern Trains Ltd

Jul 2024 - Present (1 year)

Designed and currently executing a strategy for cyber security at Northern, driven from a cyber capability maturity framework, aligning with NIS compliance. Built and currently leading a team of 3 cyber professionals, a data protection officer and a planning support analyst with a strong focus on development and coaching.

NIS Compliance Team Leadership Data Protection Stakeholder Engagement

Cyber Security & Compliance Manager

Northern Trains Ltd

Apr 2022 - Present (3 years 3 months)

Ensured compliance with the Network and Information Systems (NIS) Directive and implemented the Cyber Assessment Framework (CAF). Developed a supply chain assessment process and contractual schedules, reporting compliance progress to the Department for Transport (DfT).

NIS Directive Cyber Assessment Framework (CAF)Supply Chain Security PCI DSS Vulnerability Management

Business Information Security Officer

Sky Betting & Gaming

Sep 2021 - Present (3 years 10 months)

Collaborated with multiple stakeholders to integrate security into project delivery and supported teams in understanding policy frameworks and compliance regulations. Defined information security technical requirements for products and applications based on regulatory and industry best practices.

Information Security Stakeholder Management ISO GDPR Risk Assessment

Senior Information Security Officer

Skipton Building Society

Dec 2019 - Present (5 years 7 months)

Managed and conducted audits of third-party suppliers, ensuring adherence to ISO27001 requirements and tracking findings. Conducted control audits for PCI DSS annual compliance and integrated PCI regulations into projects.

ISO 27001 PCI DSS Cloud Security Incident Response

Information Security Officer

Skipton Building Society

Sep 2017 - Present (7 years 10 months)

Provided management oversight as deputy and developed junior team members, representing Information Security in various meetings. Conducted control reviews aligned to ISO27001 and SWIFT attestation of compliance, and created Cyber Playbooks for incident response.

Information Security ISO 27001 SWIFT Compliance Policy Development

Securitisation Associate - Structured Finance & Reporting

Target Group Ltd

Sep 2008 - Present (16 years 10 months)

Managed the relationship with the third-party IT Servicer Provider, working to align the organization to the ISO27001 framework. Responsible for reviewing financial information to ensure adequate cashflow for securitisation payment requirements and preparing reports for board and investors.

IT Security Management ISO 27001 Financial Reporting Stakeholder Management

Education

Degrees, certifications, and relevant coursework

The Open University

BSc Economics and Mathematical Sciences, Economics and Mathematical Sciences

Studied a comprehensive curriculum in economics and mathematical sciences, developing strong analytical and quantitative skills. Gained a deep understanding of economic principles and their application, alongside advanced mathematical concepts.

Frances Bardsley Sixth Form College

A Levels, English Literature, Psychology, Music

Completed A Levels in English Literature, Psychology, and Music, demonstrating a diverse academic background. Developed critical thinking, analytical, and creative skills across these subjects.