Meet the Compliance Team

Heading up our compliance team is Nicky Whiting. With over 20 years’ experience in the IT and cyber security sector Nicky brings an unrivalled breadth of knowledge and value to our customers.

Nicky says her main driver is delivering above and beyond what is expected. In previous roles, she has devised a number of training courses including CISMP, GDPR Practitioner and Cyber Security Foundation. Throughout her career, she’s helped customers achieve valuable success through GDPR, ISO 27001, Cyber Essentials and PCI DSS.

The shift to remote working and delivering compliance consultancy virtually hasn’t halted Nicky in her compliance mission:

Luke joined us as our first Compliance Officer and apart from being able to name all 151 original Pokémon’s in under 7 minutes (seriously – he can), he’s also pretty nifty with GDPR and data protection.

Luke has several certifications under his belt including GDPR Practitioner, Certified Data Protection Officer and Cyber Essentials Assessor.

Luke's passion lies in developing engaging training programmes for our clients which is why his role has now expanded to Consulting and Training Team Lead. When speaking about his role, Luke says that he strives to conquer the label that compliance training is boring.

His mission is to get people excited about their training, rather than roll their eyes. He’s even delivered webinars with magicians to get his audience excited about data protection and put into practice what they’ve learnt.

His advice to anyone that wants to work within compliance consulting is to be able to make a connection with the customer:

Vera is one of our dedicated GDPR Consultants and has had a long and varied career. She first graduated in Economics, then moved into roles that included programming and project management, before making the move to cyber security and compliance. Her breadth of experience enables her to better understand the complicated challenges that our clients face with their compliance and data protection.

Vera is always looking to add to her wealth of knowledge, and enjoys attending ID and Blockchain meetups in her spare time.

With her exciting and refreshing approach to her work, Vera says:

Michael joined us in September 2020 as our first Graduate Cyber Security Consultant. He came armed with a BSc in Computer Systems and a Masters in Cyber Security. With such an aptitude for learning, it’s no surprise that within a month of joining Bulletproof he passed his GDPR Foundation course and Cyber Essentials Assessor exam, then went straight on to pass his GDPR Practitioner course.

A main focus for Michael is helping organisations achieve their Cyber Essentials certifications. He claims it’s a great feeling when a customer attains their certification.

He believes that cyber security and data protection are constantly evolving, so it’s important to pay close attention and have a lot of patience:

Rebecca joined Bulletproof as a GDPR expert, helping our customers to meet and maintain their GDPR compliance. This includes ongoing data protection support as a qualified DPO. With experience in both a Fortune 500 company and an NHS trust, Rebecca is well equipped to combat a range of GDPR and data protection challenges.

Rebecca believes that prevention is always better than cure. She says organisations who invest in their compliance can avoid the reputational and financial repercussions that come from data breaches.

The longest standing member of the team, Bradleigh, initially started at Bulletproof as a Security Operations Centre Analyst. However, with a keen interest in guiding people through the complexities of compliance, it was a natural progression for him to become one of our consultants.

Bradleigh has always had a passion for technology, completing diplomas in IT, ICT and a BSc in Forensic Computing and Security. He’s also a Certified Information Systems Security Professional. With this in mind, it’s no surprise that his area of expertise is put to good use helping organisations through the technical complexities of security standards, including ISO 27001, ISO 9001, PCI DSS and GDPR (If there’s an acronym for it, he knows it).

The most common compliment said about Bradleigh is how his enthusiasm helps to embed compliance as a standard part of company culture. He puts this down to having his previous SOC experience before joining the compliance team: