Amber Higgin

Im a passionate and driven cyber security professional with over 5 years' experience delivering and managing cyber projects. I've been able to make an impact across public sectors like the NHS and private sectors such as DXC, Avanade and Venator materials. I've built u the reputations that I am technically sound, strategic and collaborative using my own experiences and drawing on other people's knowledge and specialties.

I understand that cyber security is a fine line between ensuring an organisation is secure but allowing the business to operate smoothly.

I was recently responsible and accountable to architecting and delivering an email security solution. I had to ensure that that the correct resources were lined up. I held technical teams accountable for deadline but also there for support and to help alleviate blockers.

I've lead incident responses, developing playbooks, running table top exercise and taken the lead on decision making. A proud moment is when I built a vulnerability management from the ground up. Engaging the correct stake holders and increasing engagement to get people to understand why this is important. Then reporting key metrics to the board in a way that makes sense to them. I've improved Azure secure scores over 125% by targeted initiatives to get people involved.

The work I do is all based around frameworks such ad NIST and ISO270001 to ensure all organisations are working to a standard.

I've lead SEIM maturity projects to help to integrate feed of data to give better visibility it complex environments. Creating detection and protections based on red team and purple team engagements. Woking to strengthen detection capabilities.

Beyond the technical side Im really committed to user awareness and education to build a strong and inclusive security culture. I'm responsible for delivering engaging awareness activities, some of these include lunch & learns as well as a cyber security escape room. I have written security flyers to keep the users of businesses tips and tricks to keep themselves safe online as well as sharing real world stories to get people to think about behaviours and how to keep the company safe.

I treat everyone and every situation with integrity and aim to create a transparent environment where people feel safe to learn and contribute. I am ambitious and want to work in a place where there are a lot of progression and learning opportunities. I feel I would bring a lot of experience to the role but also be able to learn from my peers.

I am a previously SC/DV cleared IT professional with over 10 years’

experience in the industry. I am committed to protecting digital assets and driving a proactive security culture across the organization. With a strong foundation in cybersecurity principles and compliance frameworks, I take pride in identifying risks, implementing effective controls, and staying ahead of emerging threats. I bring leadership qualities to every project,

often taking initiative to guide cross-functional teams, mentor colleagues,

and influence strategic decisions that enhance security posture. My collaborative approach, combined with a keen eye for detail and continuous learning, enables me to lead by example and contribute meaningfully to a resilient and secure digital environment.

EXPERIENCE

2025

 SSCP - Systems Security

Certified Practitioner

2023

 Certified in Cyber Security

 NIST Training

2021

 Splunk Fundamentals 1

 Splunk Fundamentals 2

 Splunk Fundamentals 3

 Splunk Cloud

2021- Present

Security and Compliance Analyst – Venator

Venator has given me lots of opportunity to lead in the cyber security space.

I have taken on responsibility for all areas of security.

 Led major incident responses and coordinated investigations using IR playbooks.

 Monitored and action alerts across platforms.

 Delivered a phishing campaign that significantly reduced business-

wide risk.

 Improved Azure Secure Score through targeted initiatives.

 Supported Splunk maturity and optimization.

 Created and lead the Vulnerability Management Program.

 Advised on secure configurations and mitigating controls.

 Ensured new systems met compliance and introduced no additional risk.

 Reduced OT environment risk through focused security efforts.

 Produced board-level reports and contributed to security KPIs.

 Created and reviewed security policies annually.

 Designed and delivered engaging cyber awareness training, including an interactive cybersecurity escape room to promote learning through gamification.

 Assisting in purple team and red team exercises

 Led the design and implementation of advanced cybersecurity solutions, including Extended Detection and Response (XDR)

platforms and secure email gateways, to enhance threat visibility,

incident response, and overall organizational resilience.

 Working to NIST and ISO270001 frameworks

 Lead Compliance investigations and DSAR



Administration

2020

 Microsoft Azure

Fundamentals

 Microsoft 356

Fundamentals

2015-2017

Systems and Networking Apprentice

• HP

Completing a Level 3 Systems and networking apprenticeship has given me a broad

2018

• ITIL

2015-2016

• Level 3 System and

Networking

Apprenticeship – Distinction

Professional Memberships

 (ISC)²

 STEM Ambassador

2020- 2021

Cloud security Analyst – AvanadeAvanade created the opportunity for me to work on technical cloud projects.

Within this role I have supported clients through what kind of solution they want/need, creating the documentation and plan how to carry this out, then doing the technical work. I also supported BAU for over 10 different clients.

This has included solving a wide range of 3rd line issues with different infrastructure environments and ensuring they are secure. I have predominantly worked in Azure; I quickly picked up an understanding of the cloud. Especially cloud security.

• Supporting cloud services such as windows, log analytics, storage accounts, rbac, azure firewall, nsg’s and other cloud services.
• Contributing to daily meetings, highlighting trends, and upskilling on any new technologies where required.

2018-2020

It Technical Development Officer – NHS

IT Technical development has given me a deeper understanding of all aspects of IT. With this knowledge I have been able to build on these skills and have developed a new love for configuring, customising and building new technology from the ground up. The biggest project I have worked on while I have been in this role is creating a Windows 10 customised image and to roll this out to an estate of 3500+ machines.

I have been heavily involved with the security team. Helping to look at any security issues within windows 10 and how to manage them time and cost effectively. I have undertaken tasks to work towards being Cyber Security + accredited.

• Leading technical teams throughout the windows 10 roll out
• Participating in an on-call rota
• Managing and leading teams
• Testing security policies
• Supporting/ managing ATP

2017-2018

Server Infrastructure Apprentice – DXC Technology

I entered within my apprenticeship in Systems and networking. Within this role

I was often working as an individual to solve 2nd and 3rd line issues. I collaborated with different members of the team to achieve overall success and to stick to strict SLA’s. Cyber security is my passion so while in this role I voluntarily shadowed and helped the cyber security team. I assisted with ensuring the organisation was working towards achieving IS0270001

accreditation. This included doing new starter presentation and refresher courses on Information Governance.

• Supporting servers across multiple domains
• Completing technical changes and incidents
• Participating in cab meetings
• Taking on responsibility of being a lead local security officer for the site
• Network port tracing
• DHCP

SSCP - ISC2

CC -ISC2.