top of page

Jay Baird

Cyber Security and Information Assurance Specialist

Phone:

+44 (0)1900 822 458 (Office)
 

LinkedIn:

Key areas of expertise:

  • Security Architecture, Risk Assessment and Security Assurance of IT/ OT/ Hybrid and Cloud Implementations

  • Establishing Cyber Security Transformation Programmes

  • Data Protection legislation and governance

  • Export Control legislation, regulation and governance

  • UK Critical National Infrastructure Sector Experience; Civil Nuclear (New build and Decommissioning), Defence Nuclear, Energy (Nuclear, Renewables), Transport (Rail, Highways). Defence (UK & International)

  • Cryptographic Custodianship

Certifications & Memberships:

NCSC Senior Information Risk Advisor
NCSC Practioner Information Assurance Architect
Foundation Degree: Police Studies
HMG Cyber Mobile Forensics

A Bit About Me

James is a highly experienced Information Assurance and Cyber Security Architect who can demonstrate an established track record in the implementation of holistic security solutions.
James has a combined experience of over 26 years working across a diverse portfolio of security related disciplines which enables a delivery focused holistic approach to cyber security architectural design, engineering, information/ system/ component level risk assessments and governance development for both IT, Cloud, Hybrid, IoT/ IIoT and OT solution-spaces.


James has extensive experience implementing risk-based cyber security architectural solutions within private sector, regulated industries, critical national infrastructure and HMG environments at up to HMG Top Secret Caveat.


Crucially, James is driven to ask ‘Who, What, When, Where, Why & How" to facilitate Cyber Security & Privacy transformation.

​

James strongly believes in the value of soft-skills augmenting technical skills and knowledge to information security and architecture. James has excellent written and communication skills and overall exemplars a passion and an infectious enthusiasm to implement solutions balancing security, privacy, functionality, cost-effectiveness against the over-arching business needs of his clients.

Download Pen Portrait
Download CV

Recent Assignments

2018 - 2025

Cyber Security & Information Assurance (CS&IA) Specialist, Sellafield Information Services Organisation, UK. Senior then Lead level Risk Assessor IT and OT Systems utilising HMG IS1+CSF bolt-on tooling, STPA-Sec & Security Architecture, including: 

  • Journey to Cloud (J2C) Cyber Security Technical Lead working alongside Microsoft Industry Solutions: Project 1 & 2: Tenant rationalisation and Security baseline, Azure Landing Zones/ SecDevOPs, Modern Service Management for Security, Tranche 4 Programme: OS:SNI: Store/Process Sovereign Data in Public Cloud, Programme nominated for the 2024 Best Cloud Project (Other) Computing: Cloud Excellence Awards.

  • Intelligent Client supporting Partnership Programmes: PPP, ISA and IDP.

  • Strategy Development: Cloud Adoption Strategy, ‘Security by Design’ and ‘Privacy by Design’, Cloud Forensics Strategy, Export Controlled Information Strategy, Cloud Information Risk Assessment Augmentation strategy.

  • Developing Governance where new capabilities necessitate, or legacy capabilities change.

  • Security Architecture Design and Information Risk Assessment of various PaaS and SaaS Cloud Solutions.

2016 - 2018

Deputy CISO, ITSO & Cyber Security Officer, Accreditor, Horizon Nuclear Power, UK. Design Authority Cyber SME supporting the Cyber and Information Assurance OT design of UK ABWR for the Wylfa Newydd (new build) nuclear power station. Additional roles included: Horizon Crypto Custodian, Export Control Technical Officer (ECTO); Horizon representative for NCSC Working Groups (CNITIE, SNI WG, Cloud Sy WG, CISO WG). Was Lead Cyber SME in the following work-packages/ activities:

  • Led and implemented the Horizon SIENA UK SECRET network achieving the successful accreditation of the system. Identified and implemented TEMPEST mitigation controls in accordance with HMG GPG 14 and NATO SDIP 27/29/30.

  • IA/Cyber and architectural review on behalf of the Horizon Design Authority for the Conceptual Security Arrangements of the UK ABWR for the GDA phase of the Wylfa Newydd new nuclear build.

  • Led IA risk assessments of cloud-based and on-premise solutions utilising HMG IS1/2, ISO 27001:2013, CIS Benchmark and NCSC cloud security principles supporting the implementation of the applications supporting Horizon Information Management Systems.

  • Led work package activities implementing GDPR and DPA compliance. Creating a GDPR compliance framework, authoring DPIA’s of key systems.

  • Developing Strategy, Policy & Procedures and ISO27000 ISMS.

  • Representing Horizon as a Cyber Security keynote speaker at an International Energy Event (Denmark).

2012 - 2016

Cyber Security Consultant, Cyber Security Architect and Systems Engineer roles, Thales, UK. Architectural design and development of large and medium scale cyber-physical security solutions. Design new systems and integrate new capabilities within retained legacy systems delivering security enhancements.
Undertake IA risk assessments, conduct Business Impact Assessments (BIA), Vulnerability Analysis (VA) and authoring Risk Treatment Plans (RTP’s) and Security Case’s compliant with HMG, MOD, International Standards, Policies and Regulatory requirements. Projects included:

  • Sellafield Security Enhancement Programme (SSEP):

  • Sellafield PES/SCADA Cyber Security Pilot Project

  • Sellafield IRAM Project

  • National Nuclear Laboratory: Central Laboratory

  • Kuwait National Guard (KNG)

Testimonial

 

​

bottom of page