Andrew Olson, Developer in London, United Kingdom

Andrew Olson

Verified Expert in Engineering

Security Architecture Developer

Location
London, United Kingdom
Toptal Member Since
November 19, 2021

Andrew is a seasoned security leader covering the strategy and architectures of complex digital security, cloud, and enterprise initiatives. He has extensive experience working with multidisciplinary teams and C-suite leaders across the banking, finance, technology, and retail sectors. Experienced in leading, consulting, devising, and executing strategies, Andrew maintains a highly technical skillset and enjoys advising on digital and cloud platform security and transforming business security.

Availability

Part-time

Preferred Environment

Windows, Visual Studio Code (VS Code), Office 365, Confluence, Amazon Web Services (AWS), Google Cloud, Azure, SaaS

The most amazing...

...I've accomplished is starting with a few simple ideas and building a foundational cloud security capability for a bank to deliver its services.

Work Experience

Consulting Security Architect

2023 - PRESENT
Enterprise Blueprints
  • Managed and built a security team of architects to provide consultancy to global clients.
  • Evolved internal controls to continue ISO 27002 accreditation.
  • Managed security architecture for Southeast Asian banking platform.
Technologies: Consulting, Architecture, Management

Security Architect

2021 - 2023
International Airlines Group (IAG)
  • Oversaw the security of the platform and its use by various brands within the group.
  • Spearheaded data security architecture within the group.
  • Developed the platform security strategy to meet the data demands across the group.
  • Managed the security engineering function to ensure alignment with security objectives.
  • Provided security leadership on automation, microservices, and event-driven architectures and platform integration security.
  • Defined and realized cloud security architecture for the group (AWS) to be adopted by multiple operating companies.
Technologies: Amazon Web Services (AWS), Snowflake, OAuth 2, Containers, Tokenization, Information Security, SAML, PingFederate, Platform as a Service (PaaS), SaaS, Web Application Firewall (WAF), Patterns, IT Strategy, APIs, Solution Architecture, DevSecOps, Cloud Security, Data Security, Security Architecture, Enterprise Architecture, Stakeholder Management, Leadership, Management

Enterprise Architect | Cloud Security

2020 - 2021
Lloyds Banking Group
  • Crafted a bank-wide strategy for cloud security and roadmap that balances aggressive adoption with “secure-by-default” thinking with Azure, GCP, AWS, and other SaaS.
  • Formulated capabilities such as key management, data leakage, and data exfiltration prevention.
  • Defined a solution balancing identity management concerns with IAM capabilities within the cloud.
  • Advocated cloud security priorities across the bank from engineering through technology and security leadership (CISO, CTO).
  • Developed security capabilities to support large-scale migrations to the cloud from data centers.
  • Refined a multi-cloud security approach to support portability and operational concerns.
Technologies: Amazon Web Services (AWS), Google Cloud Platform (GCP), Azure, HashiCorp, PingFederate, SaaS, Platform as a Service (PaaS), SAML, Containers, OAuth 2, Cloud Migration, IT Strategy, APIs, Patterns, DevSecOps, Cloud Security, Data Security, Security Architecture, Information Security, Enterprise Architecture, Stakeholder Management

Cloud Security Architect

2019 - 2020
HSBC
  • Provided a clear strategy for cloud security and roadmap including service consumption and integration, DevSecOps, response, and remediation.
  • Performed industrialized approaches for securing cloud services run by the bank based on the current threat landscape and risks.
  • Defined automation of security patterns and guardrails across cloud platforms (GCP, AWS).
  • Managed stakeholders across technology and business teams and leaders across the bank’s organizational units and technology vendors and consultancies.
Technologies: Google Cloud Platform (GCP), Amazon Web Services (AWS), Patterns, IT Strategy, Cloud Security, DevSecOps, Data Security, Security Architecture, Information Security, Enterprise Architecture, Stakeholder Management

Digital Security Architect

2018 - 2019
National Australia Bank
  • Uplifted API authentication methods within the bank.
  • Led the improvement of central DevOps security (DevSecOps) capabilities to increase agility and predictability.
  • Led security architecture for microservices and AWS cloud deployments.
  • Architected a new compliance gate, enabling rapid automated deployments within the cloud.
  • Aligned security with divisional divestment strategies.
  • Spearheaded architectural governance and strategy across on-premise and cloud.
  • Performed technical leadership on application security strategies.
  • Acted as a stakeholder manager and liaised with senior business leaders, architecture, and delivery teams.
Technologies: OAuth 2, OpenID Connect (OIDC), APIs, IT Strategy, Application Security, Patterns, Solution Architecture, Cloud Migration, Cloud Security, Data Security, Security Architecture, Information Security, Enterprise Architecture, Stakeholder Management

Lead Digital Security Architect

2017 - 2018
Lloyds Banking Group
  • Developed fraud solutions to support customer enrolment journeys.
  • Developed transactional verification solutions that interacted with customers via apps and the web.
  • Defined the SaaS strategy for fraud and authentication platform integrations.
  • Oversaw and managed the delivery of featured teams to ensure alignment with architecture objectives.
Technologies: APIs, OpenID Connect (OIDC), JSON Web Tokens (JWT), Solution Architecture, Enterprise Architecture, Cloud Security, SaaS, Fraud Prevention, Data Security, Security Architecture, Information Security, IT Strategy, Stakeholder Management

Lead Security Architect

2016 - 2017
Natwest Markets
  • Led the delivery of architecture for an enterprise data classification and data leakage solution.
  • Aligned security solutions with divestment and ring-fencing goals.
  • Performed stakeholder management of multi-disciplinary teams: senior leadership and C-suite, programme management, the architectural leadership team, and delivery teams in engineering, support, and security assurance.
Technologies: Classification, Architecture, Information Security, Security Architecture, IT Governance, Data Loss Prevention (DLP), Data Security, Cloud Security, Enterprise Architecture, IT Strategy, Stakeholder Management

Senior Digital Security Architect

2011 - 2016
Lloyds Banking Group
  • Performed strategic leadership on resourcing for third parties and internal bank staff to deliver key programs.
  • Provided security architecture for a new retail online banking service.
  • Delivered solutions for card fraud prevention systems.
  • Provided stakeholder management to ensure solutions were fit for purpose and pragmatically balanced security and business needs. This also involved identifying and assessing concerns and reusable assets such as patterns, standards, and roadmaps.
Technologies: APIs, Application Security, Application Architecture, Fraud Prevention, Security Architecture, Stakeholder Management, IT Governance, Data Security, Cloud Security, Information Security, Enterprise Architecture, IT Strategy

Senior Security Consultant and Technology Specialist

2006 - 2010
Microsoft
  • Performed architectural and business leadership for broad and complex technical issues to customers and partners.
  • Provided architectural and specialist guidance on using Microsoft security technologies, including DLP, antimalware, and secure application publishing.
  • Developed and implemented an end-to-end security solution for the British Library's turningthepages.com project, allowing the public to view rare manuscripts online.
  • Designed Microsoft security architecture for a major bank’s mortgage lending application, minimizing costs and operational overhead.
  • Designed the architecture and led the security team for the national health provider email migration to Microsoft Exchange Online to scale up to 1.2 million users.
  • Created a global PKI for one of the largest pharmaceuticals headquartered in the UK.
  • Built a PKI and supervised its implementation for a major emergency service in London.
Technologies: Windows, APIs, Security Architecture, Presales, Stakeholder Management, Public Speaking, Sales Presentations, Architecture, Client Success, PKI, Data-level Security, Information Security, Antivirus Software, Application Security, Data Security, Enterprise Architecture, IT Strategy

IT Security Consultant

2004 - 2006
IBM
  • Architected DMZs and a malware solution for the DMZ for a retail company and an institutional bank in the Asia Pacific.
  • Built a remote access VPN solution for the same businesses.
  • Architected and implemented a PKI to be used by those companies.
Technologies: Firewalls, PKI, Windows, VPN, Computer Networking, Security Architecture, Data-level Security, Application Security, Antivirus Software, Virtualization Technology, DMZ Networks, Data Security, Information Security, Enterprise Architecture, IT Strategy, Stakeholder Management

Systems and Security Architect

2002 - 2004
Campbell Soup Company
  • Owned all security-related activities for the Asia Pacific region.
  • Mentored and provided technical leadership to the IT team within the Asia Pacific, spanning multiple countries and cultures, including Australia, New Zealand, Indonesia, Japan, and Vietnam.
  • Managed system and network security compliance, including security compliance of regional applications and infrastructure.
  • Developed, planned, and delivered the architecture for major systems (e.g., ERP, manufacturing) to support the overall business requirements for the Asia Pacific region.
  • Built and maintained global security policies and procedures together with the worldwide security team.
Technologies: Firewalls, Enterprise Resource Planning (ERP), DMZ Networks, Antivirus Software, IP Networks, PKI, Security Architecture, VPN, IT Governance, Data Security, Information Security

Continuous Compliance (aka Deputy)

This project delivered the first version of an automated governance platform and framework. The platform assessed and enforced compliance and initiated continuous integration pipelines for every build.

Other

Certified Information Systems Security Professional, IT Strategy, Enterprise Architecture, Security Architecture, Information Security, Stakeholder Management, Cloud Security, IT Governance, Data Security, Leadership, Application Security, Software as a Service (SaaS), Agile Practices, OpenID Connect (OIDC), APIs, Solution Architecture, Containers, Tokenization, Platform as a Service (PaaS), SaaS, Web Application Firewall (WAF), Cloud Migration, Patterns, Fraud Prevention, Compliance, Classification, Architecture, Data Loss Prevention (DLP), Presales, Public Speaking, Sales Presentations, Client Success, PKI, Data-level Security, Antivirus Software, Firewalls, Computer Networking, Virtualization Technology, DMZ Networks, Enterprise Resource Planning (ERP), IP Networks, Consulting

Platforms

Amazon Web Services (AWS), Google Cloud Platform (GCP), Azure, Windows

Languages

Python, Snowflake, SAML

Frameworks

OAuth 2, JSON Web Tokens (JWT)

Tools

HashiCorp, Microsoft Teams, VPN

Paradigms

DevSecOps, Application Architecture, Management

Storage

PingFederate, Google Cloud

SEPTEMBER 2017 - PRESENT

AWS Solutions Architect Associate

Amazon Web Services

JANUARY 2002 - JANUARY 2014

Certified Information Systems Security Professional (CISSP)

ISC2
