About Richard Bartlett

Summary IT Professional with over 25 years’ experience in managing technical teams and building customer relationships. Leads the development and delivery of secure, performant IT services. Delivers success by focusing on people, process, and technology and thrives in organisations with a culture of continuous improvement.
Work History
(References available on request)
January 2022 – Present : environmental NGO
Strategic Lead Information Security
* Responsible for managing information security risk within the Royal Society of Wildlife Trusts (RSWT) and the wider federation of 46 Wildlife Trusts.
* Implemented Microsoft Azure Sentinel SIEM/SOAR and Microsoft Defender for Endpoint as part of a program of cyber security improvements.
* Developed a Cyber Security Framework for the Wildlife Trusts to support information security risk management and compliance, based on the NCSC ’10 Steps to Cyber Security’.
* Re-wrote the RSWT Information Security policy to improve readability and for use as a template policy across the federation.
* Developed Threat Intelligence briefings for senior leadership and technical staff, and Cyber Security awareness briefings for executives, managers and both technical and non-technical staff.
Interim Head of IT Customer Services and Security
2021 – 2021       University of Plymouth
* Filled the vacant Head of IT Customer Services post on an interim basis (from May to December) until a permanent candidate was appointed in the role.
* Responsible for 1st and 2nd Line Support for 2,500 staff and 18,000 students, End User Device Management, Audio-Visual and Portfolio Management Teams (7 direct reports, 39 staff).
* Led the cross-team effort (1st/2nd Line Support, Infrastructure and Development) to support the University Clearing Process during lockdown which included a significant amount of business continuity planning and invocation.
* Retained responsibility for Information Security at the University, including the Security Team (1 direct report, 4 staff), and security improvement projects.
Enterprise Security Architect
2020 – 2021       University of Plymouth
* Rewrote the Information Security policies, in alignment with ISO 27001 principles and balancing information security risk and user experience.
* Re-built the Information Security Risk register, based on an assessment of the existing architecture, systems, processes, resources and threat landscape.
* Created an Incident Response Procedure to ensure fast and effective response to Cyber Security Incidents.
* Led the implementation of Multi-Factor Authentication using Azure AD Conditional Access for all Office 365 applications, and the deployment Microsoft Defender for Endpoint across all Windows 10 and Server systems.
2019 – 2020 : Delt Shared Services Ltd
Client Services Manager
* Led a team of 32 staff, with 5 direct reports (3 Team Leads and 2 ITSM Specialists), an annual budget of £1m, responsible for incident and request management, problem management and continuous service improvement.
* Led the service design and service transition process (including change management) responsible for the effective transition of service into production.
* Built strong relationships with key stakeholders, measuring client satisfaction through service level reviews and feeding back into service design and continuous improvement.
2013 – 2019 : University of Cambridge
Head of the Clinical School Computing Service
* Led a team of 39 staff, with 7 direct reports (5 Managers, 1 Infrastructure Architect and 1 Administrator) with an annual budget of £1.5 million.
* Responsible for the departmental strategy in support the School of Clinical Medicine 5-year plan, improved by feedback from service users and key stakeholders.
* Responsible for the School’s NHS Data Security Protection Toolkit certified ‘safe haven’, supporting Research across the School of Clinical Medicine. including continuous improvement in response to user feedback, threat landscape and regulatory changes.
* Implemented the University’s first ISO 27001:2013 certified Secure Data Hosting Environment to enable collaboration with Cambridge University Hospitals NHS Foundation Trust.
* Represented the School as IT and Information Security Lead on the University ISC Operations Committee and Schools/UIS Liaison meetings.
  Previous roles
2012-13 Support Team Manager (Clinical School Computing Service, University of Cambridge)
2010-11 Service Manager (Management Information Services, University of Cambridge)
2009-10 Computer Officer (Institute of Continuing Education, University of Cambridge)
2006-09 Self Employed IT Consultant (RG Bartlett IT Services Ltd)
1997-2006 Group IT Manager (Software Imaging Ltd)
Education and Training 2017.  QA Ltd (London)
* Certified ISO27001: 2013 Practitioner
2015. QA Ltd (London)
* ILM Level 5 Award in Leadership and Management
2014. QA Ltd (London)
* ITIL® Foundation certificate in IT Service Management
* BCS Certificate in Information Security Management Principles
2008. Rezound Ltd. (Sheffield)
* CompTIA CTT+ (Certified Technical Trainer)
  1989 – 1991 : Hedingham VIth Form : Essex
AS Level Economics; A Level English, Economics and Geography (C; B, C, C)
  1984 – 1989 : Hedingham Comprehensive School : Essex
9 GCSE’s. (5 A’s, 1B, 2C’s 1D)
Experience Leadership and Management
I have spent half my career in management roles, leading small to medium sized IT teams of up to 43 staff. I’ve led technical teams as a manager and led management teams as a senior leader. I enjoy building a positive working culture, supporting staff to develop and improve, and celebrating successes as well as learning from mistakes. In recent roles I have led improvements in the following areas:

IT Strategy development. Executive level reporting of service performance and information security risk. Business Relationship Management and stakeholder mapping. Budgeting and forecasting. Staff training, appraisals, and development. Information Security Policy and Governance.
  Communication and collaboration
Throughout my career I have found engaging with others to be one of the most rewarding parts of any job, and I’ve learnt that success in technology is at least 50% people skills. I enjoy working with everyone from senior stakeholders to operational service users and learning from their input.
Critical to developing and supporting effective technology is understanding process. I’ve been part of process review and improvement in both technical functions and in partnership with stakeholders developing new solutions. Examples include:

Developing new ITIL Incident, Request, Change and Problem Management processes to support a new IT Service Management solution. Working with University HR to understand recruitment processes and identify efficiency and UX improvement opportunities during development of a web-based recruitment system.
  Technical knowledge
I’ve delivered, supported, and managed IT services my entire career, and my personal interested in technology means I’ve been ‘hands-on’ even in management roles, which enables me to make more informed decisions and support my teams.
Whilst much of my career has been spent working with on-premises infrastructure supporting conventional (primarily office-based) working environments, the last four years I’ve worked increasingly with Software-as-a-Service (SaaS) infrastructure supporting modern hybrid working. I’m comfortable working with:

Microsoft 365 including productivity apps, Teams, OneDrive and SharePoint, Microsoft Intune, Microsoft Defender for Endpoint and Microsoft Defender XDR. Windows, Mac OS and Linux (Ubuntu) desktop.
  Strategy and Planning
Cyber security has an interest through my career, in 2019 I made a lateral move into full-time Cyber Security roles to increase my understanding and experience in this area. I have worked with diverse stakeholders including Research Academics, GP’s, Consultants, NHS Digital and City Councils.  Over the past 5 years my key achievements in cyber security have included:

Implementation of Microsoft Defender XDR and Azure security including Azure Sentinel, Defender for Endpoint and risk-based MFA using Conditional Access. Development of a University Secure Data Hosting Service which was NHS ‘Data Security and Protection Toolkit’ certified and became the University’s first ISO 27001:2013 certified service.
InterestsSailing, paddle boarding, fishing, cycling, camping.