Matt Adams

Enterprise Security Architect

Home Blog CV View on GitHub


I’m a CISSP and CCSP certified Enterprise Security Architect, with expertise in assessing and implementing cyber security solutions to safeguard business critical assets.

My strengths include: leading cyber risk assessments to assist clients to better understand and manage their exposure to cyber threats, enabling more informed business decision making; and architecting robust security solutions, incorporating a defence in depth approach to designing security controls in line with clients’ requirements.

I have a superior knowledge of information protection, securing assets throughout the data lifecycle from creation to destruction and also have extensive experience of delivering security improvement programmes to achieve a step change in organisational cyber security maturity levels, addressing potential security breaches and security audit recommendations.

If you would like to contact me about a potential role then either please message me on LinkedIn.

My Expertise


Global Security Architect - Costa Coffee

Jan 2020 - Present

Accountable for the development of information security architecture across the entire Costa Group.

Director - Cyber Threat Consulting

Oct 2014 - Jan 2020 (5yrs 4 mos)

Operated as an independent contractor, delivering cyber security consultancy services to organisations such as Whitbread, NFU Mutual, The London Metal Exchange and the Department for Education. See details of contracts that I have delivered for clients below (and my permanent career prior to that).

Senior Information Security Consultant / Architect - Whitbread (Contract)

Jan 2019 - Dec 2019 (12 mos)

Engaged to provide assurance and a conceptual design for security services to ensure secure separation of systems and data from the Whitbread IT estate as part of Coca-Cola’s acquisition of the Costa brand. Lead the production of a conceptual design for security services to ensure secure an equivalent level of protection for Costa data and applications pre and post migration. Reviewed solution designs proposed by the client’s outsourced IT provider to identify potential gaps in capability and implementation of security standards (ISO 27001, CIS & Microsoft Security Baseline). Completed risk assessment of compliance gaps, providing pragmatic options for remediation.

Cyber Risk Management Consultant - NFU Mutual (Contract)

Jun 2016 - Dec 2018 (2yrs 7 mos)

Engaged to implement a new cyber risk assessment methodology to assist with the quantification of exposure to cyber security risks. Provided subject matter expertise for information security, advising business users on security best practices and provided second-line assurance of security controls implemented by strategic projects. Also provided GDPR and data protection compliance guidance to strategic business projects.

Key achievements:

Cyber Security / Information Security Manager - Department for Education (Contract)

Apr 2016 - Jun 2016 (3 mos)

Engaged on short term contract to leverage my expertise of Government information assurance and security requirements for public sector organisations.

Key achievements:

Information Security Consultant - London Metal Exchange (Contract)

Feb 2014 - Apr 2016 (2yrs 3 mos)

Engaged as Information Security Consultant to significantly improve the cyber security maturity of the organisation following identified security shortfalls in an external audit by KPMG.

Key achievements:

Earlier Career - Deloitte

2006 - 2014 (8yrs)

Various positions within the Technology, Assurance & Advisory and Security & Resilience teams, graduating from Consultant to Senior Manager positions.

Key achievements: