About us

Director at AMR CyberSecurity, Martin Walsham is recognised throughout the industry as cyber security expert who has the business background and presence to successfully lead and deliver even the largest programme.

Martin has built excellent stakeholder relationships within both the industry, government and regulators. He has been directly involved in shaping the maturity of the cyber security ecosystem on a national and international basis. This is through his membership of working groups, research, the development of new schemes and standards, and his previous work on the Executive Board for CREST.

Martin has in-depth knowledge and skills in risk management, security architecture, policy development and security leadership. He is also highly skilled in accreditation and in developing information security management systems.

Martin has extensive experience developing trusted assurance models for hardware and software systems and leading the evaluation of hardware and software systems under trusted assurance scheme models.

With his pragmatic, mature consultative engagement approach, Martin is committed to providing business focused cyber security services to the highest standard. His unblemished track record for delivery is testament to his level of focus and commitment.

Rachel Bi, Sales Director

Rachel is an experienced cyber security account director working with customers as a trusted partner to deliver the highest levels of assurance and to ensure ongoing customer satisfaction and service delivery excellence.

Rachel has 15 years of experience of managing the delivery of cyber security services on a National and International basis to a wide variety of sectors including finance, Government, telecommunications, health, defence, IT services and Critical National Infrastructures.

Rachel is able to work with customers large and small to understand their cyber security requirements and business objectives in order to provide pragmatic robust cyber security services.

Rachel has extensive experience of managing the delivery of security penetration testing, governance risk and compliance, security architecture and cyber incident response services.

Sean McCarthy, Testing Practice Lead

Sean is a principal consultant with AMR CyberSecurity and leads the security testing practice.

Sean has extensive experience of leading testing teams and ensuring customer requirements are effectively met and managing and delivering robust repeatable security testing services.

Sean is experienced in providing technical assurance services for government, private and financial sector clients across the globe, including United States of America, France, and Germany.

Sean is a dual qualified application and infrastructure Cyber Scheme and NCSC CHECK Team Leader.

Sean McCarthy has provided guidance to government on automotive security, including jointly creating Connected Autonomous Vehicles (CAV) security guidelines for Department for Transport (DfT). He was also lead technical tester for cross domain security hardware and software solutions for NCSC approved schemes such as Commercial Product Assurance (CPA), this includes lead hardware tester.

Sean has performed extensive security audits and assessments for the Ministry of Defence and their suppliers.

Experienced in delivering technical projects and relaying the information in comprehensive reports and present the findings showing relevant technical detail, but also to a non-technical audience to ensure everyone understands the business risks. The following shows examples of typical assignments:

• Infrastructure Penetration Testing
• Red Teaming and Advanced penetration testing
• Application Security Testing
• Wireless Testing
• Hardware Security
• Internet of Things and Signalling security
• Automotive Security
• SCADA/Industrial Control Systems
• Build & Configuration Reviews (OS, Network Devices, Firewalls)
• Mobile Device Review (Android, iOS)

Sean McCarthy has spent all his professional career working within large consultancies including two global Chartered Accountancy firms this led him to gain experience in performing and managing large and complex assessments.

Sean McCarthy has extensive experience of carrying out application security reviews, application security penetration tests, and infrastructure penetration tests on a wide variety of projects for Government and Financial industry.

Sean McCarthy has also gained extensive knowledge of red teaming assessments, Social Engineering with the aid setting up defensive attack security procedures, this led to Sean McCarthy obtaining the Offensive Security Certified Professional Qualification.

Sean McCarthy has undertaken a number of research and training projects including mobile security of Android, and Apple iOS applications.

Justin Greenwood-Delgado, Principal Consultant - Security Testing

In addition to providing long term assurance testing to the UK Ministry of Defense's Cyber Enterprise, Justin Greenwood-Delgado has also supported Industry clients across the telecommunication, financial, healthcare and petrochemical sectors, providing pragmatic advice and guidance on improving security posture through practical exploitation and platform assessment review.

An accredited senior penetration tester and incident response analyst, Justin Greenwood-Delgado is a technically capable consultant able to articulate cyber risk at senior levels. Justin is a qualified application Cyber Scheme and CHECK Team leader.

The following shows examples of typical assignments:

• Information Assurance
• Threat assessments
• Security audits and assessments
• Commercial/Government Networking and associated protocol suites and standards
• IT Health Checks
• Vulnerability Assessments and Risk Assessments
• Infrastructure Penetration Testing
• Application Security Testing
• Wireless Network Testing (including GSM, LTE, 802.11and Bluetooth)
• Remote Access/VPN Testing
• Build & Configuration Reviews (OS, Network Devices, Firewalls)
• Forensic Investigations and Organisation data compromise
• Mobile Device Review (Android, iOS)

Justin Greenwood-Delgado has spent all his professional career working within large consultancies including two global Chartered Accountancy firms this led him to gain experience in performing and managing large and complex assessments.

During these roles Justin Greenwood-Delgado gained experience on Penetration testing, of banking industry applications and endpoints for several global banks Global review of engineering organisation performing mass incident response. Host and network intrusion analysis, malicious software analysis (malware) Reverse engineering malicious code and physical hardware to retrieve extricated data and treat actors for a Global Petrochemical multinational Review of National Telecommunication provider to assess their PKI and VPN service and interconnectivity between the PSN network and cell-tower infrastructure.

Justin Greenwood-Delgado has also gained extensive knowledge of red teaming assessments, Social Engineering with the aid setting up defensive attack security procedures, this led to Justin Greenwood-Delgado obtaining the Offensive Security Certified Professional Qualification.

Justin Greenwood-Delgado has undertaken training on advanced mobile testing elements with a focus on Android and apple iOS platforms.

Tom Miller, Senior Consultant - Security Assurance & Internal Cyber Security Manager

Tom is a Senior Consultant, experienced in providing security consultancy services for a range of government and private sector clients.

As a NCSC Certified Cyber Professional in multiple roles, Tom has delivered a wide range of assurance services including: security architecture, risk assessment and management, operational security management, auditing against internal or external standards such as ISO/IEC 27001 and NIST 800-53.

Tom is experienced in working with stakeholders at all levels within organisations. He is able to provide comprehensive written and verbal reports that present the risks showing relevant technical detail but are also accessible to a non-technical audience who need to understand the business risks.

Tracy Lambert, Finance and Contracts Manager

Having worked in accounts for most of her working life, Tracey has been lucky enough to gain experience working within different sectors, including education, engineering and, of course, cyber security. Each role has provided its own challenges and demands and has given Tracey the opportunity to learn new skills outside the usual remit of management accounting. She is also experienced in working with SMEs transitioning to larger business and global corporates, being a member of an in-house team and leading the process of the business acquisition of an SME.

Tracey is an accomplished, pro-active professional with a positive can-do attitude with no task too big or too small, experienced in management accounting, payroll, office management, contract management and customer financial reporting and a wonderful team player.

Owain Rees, Principal Consultant

Owain is an experienced and accomplished principal consultant. He holds several industry certifications, including QSA, CISSP, CISA, LA27001 and is a member of the Chartered Institute of Information Security.

Over a decade working in banking, finance, telecommunications, and consultancy, has given Owain a deep understanding of how to best advise and guide clients to meet their business objectives for cybersecurity, risk management, and regulatory compliance.

As principal consultant, Owain drives the development and implementation of comprehensive security strategies for his clients. His expertise in risk management and regulatory compliance has also earned him a reputation as a trusted advisor to many UK Government Agencies, Airlines, Banks, and other large organisations.

Tim Hearn, PMO, Scheduling and Operations Manager

Tim has several years of experience in the cyber security industry, working mainly within the Project Management Office for a large cyber security business. Starting as a project Co-ordinator, Tim was responsible for scheduling over thirty consultants on around twenty projects a month.

Tim managed each project to completion ensuring that the process was followed throughout and that they ran smoothly and to budget.

Tim soon became the PMO Manager leading a small team. He was also responsible for implementing a resource management tool and was an integral part in the training.

Tim has excellent project management skills, is organised, meticulous and has a high attention to detail. He is also experienced in communicating with stakeholders internally and externally and has provided management information for all management levels.

Tim has now moved into a new Operations Manager role, which will include overseeing the PMO activities on a daily basis.