Will Atkins

Experienced security leader with technical depth, currently Head of Information Security for one of the UK's largest wholesale/retail foreign exchange providers. Delivered first-time ISO 27001 certification, strengthened PCI DSS assurance, and improved incident response and risk governance at exec/board level. Strong understanding of IT Ops, with experience building high-performing teams and partnering effectively with business stakeholders to address risk.

Head of Information Security at First Rate Exchange Services (2022-02 – Present)

• Set and delivered the information security strategy and roadmap for a 280-person financial services business, maintaining a modern security estate and meaningfully reducing risk.
• Delivered first-time ISO 27001 certification and successful recertification, owning ISMS governance, risk assessment, control remediation, audit readiness, and stakeholder engagement across the business.
• Led IT & Information Security risk management, presented results quarterly to Audit and Risk Committee.
• Delivered Cyber Essentials certification and ongoing PCI DSS compliance through transition to v4.
• Partnered with DevOps to embed secure-by-design principles across cloud workloads and improve policy enforcement processes.
• Owned internal cybersecurity incident response and the third-party SOC relationship, improving response readiness through tabletop exercises with technical teams, business units, and executives.
• Responsible for security awareness and training across the business to reduce exposure to internal and external threats.
• Contributed to company GenAI risk assessment activity, helping assess emerging AI use cases, security risks, governance requirements, and appropriate controls for responsible adoption.

Information Security Manager at British Heart Foundation (2020-10 – 2022-02)

• Responsible for all infrastructure and EUD vulnerability management, 6000 devices across 750 retail stores.
• Served as technical consultant for web application vulnerabilities and organised regular penetration tests.
• Started and led IT-wide initiative to identify and remove end-of-life infrastructure.
• Chaired Patch Management Board, meeting monthly to monitor KPIs and 3rd party patching and raise issues such as unpatchable and end-of-life services.

Cyber Security Analyst at First Rate Exchange Services (2018-09 – 2020-09)

• Led implementation of a managed SIEM & SOC solution, managed ongoing 3rd party relationship.
• Helped prepare and execute PCI DSS Level 1 audits, including risk assessment and treatment, regular evidence gathering (firewall reviews, data retention), and leading the physical security audit.
• Conducted gap analysis for ISO 27001 certification.
• Led Privileged Access Management project, replacing a legacy password vault with a modern solution.
• Created and ran information security awareness campaigns for information security, including presentations to the board.
• Ran monthly Information Security Forum, which gathered heads of departments to discuss security issues around the business.
• Responsible for vulnerability management, ensuring compliance requirements were met.
• Organised and managed all pen testing activity (infra, web, cloud etc.) and remediation.
• Closely involved in cloud transition project to Azure.

Analytical Chemist/IT Supervisor at Rebio Technologies (2016-12 – 2017-09)

• Took initiative to fix critical IT systems when they failed and took on the role of IT supervisor as a result.
• Continued to develop IT skills (Active Directory, Group Policy, PowerShell for administration and automation), eventually leaving to pursue an MSc in Information Security.

MSc in Information Security – Royal Holloway University (2017-09 – 2018-08)

BSc (Hons) in Chemistry with Biochemistry – Queen Mary University (2011-09 – 2016-07)