Roland Elyon Arthur-Kingsley - Information Security Consultant
Open to Opportunities | United Kingdom

CISA | CISM | ISO 27001 | CRISC | ISO 27005 | DORA | GDPR | PMP | CC

Senior Information Security Consultant with 10+ years of experience delivering enterprise-grade security solutions across fintech, healthcare, and regulated sectors. Specialising in PCI DSS v4.0.1 compliance, IT audit, GRC frameworks, and third-party risk management.

Executive Summary

I'm an Information Security Consultant with over a decade of experience helping organisations achieve robust security postures across fintech, healthcare, and regulated sectors. I bridge technical security expertise with executive leadership to deliver measurable improvements:

  • Guiding organisations through PCI DSS certification and v4.0.1 transitions, reducing audit cycles by 25% and ensuring continuous compliance
  • Establishing GRC frameworks aligned with ISO 27001, NIST CSF, GDPR, and COBIT to drive organisational excellence
  • Managing third-party vendor compliance and executing comprehensive cybersecurity risk assessments, reducing QSA delays by 20%
  • Delivering IT audit programmes that improve security posture and reduce the likelihood of breaches by 40%

Core Competencies

GRC & Compliance
  • Risk Management Frameworks (ISO, NIST)
  • Regulatory Compliance (DORA, GDPR)
  • Security Policies & Awareness
  • Third-Party Risk Management
  • Incident Response Planning
  • Business Continuity
PCI DSS v4.0.1
  • PCI DSS v4.0.1 Scope & SAQs
  • ROC Documentation & QSA Prep
  • Gap Analysis & Remediation
  • Programme Development
  • Network Segmentation
  • Continuous Compliance
IT Audit & Risk
  • Information Security Assessments
  • Risk-Based Audit Planning
  • Internal Controls Evaluation
  • Vulnerability Management
  • Security Architecture Review
  • SIEM, DLP, GRC Platforms
Third-Party Risk
  • Vendor Risk Assessment
  • Due Diligence Frameworks
  • Contract Security Requirements
  • Continuous Monitoring
  • Risk Tiering & Prioritisation
  • Supplier Governance
Cloud Security
  • AWS & Azure Security
  • Cloud Security Posture
  • Multi-Cloud Governance
  • CSA CCM Framework
  • Cloud Compliance
  • IaC Security
AI Governance
  • AI Risk Assessment
  • Ethical AI Frameworks
  • Model Governance
  • Data Privacy for AI
  • AI Compliance Strategy
  • Emerging Tech Risk

Career Experience

Third Party Risk & Compliance Manager

Aug 2024 - Present

Tia Cloud UK Limited, High Wycombe, UK

  • Developed third-party risk governance frameworks for consistent vendor evaluation
  • Managed audit-ready evidence collection, reducing QSA delays by 20%
  • Led PCI DSS v4.0 vendor gap assessments, prioritising by transaction volume
  • Embedded PCI DSS and ISO 27001-aligned controls into supplier contracts

IT Auditor / Compliance Programme Manager

Mar 2021 - Jul 2024

Eretmis Inc., New York (Remote)

  • Directed PCI DSS compliance programmes, delivering multiple v4.0 transition projects
  • Produced ROC/SAQ documentation, shortening audit cycles by 25%
  • Performed full PCI DSS gap assessments, reducing findings by 30%
  • Implemented segmentation and scope-reduction strategies

Projects Manager - IT Security & Compliance

May 2016 - Feb 2021

Kasant Consult Limited, London, UK

  • Delivered end-to-end PCI DSS certification projects, from scoping to QSA sign-off
  • Conducted enterprise-wide risk and BIA assessments, improving audit readiness by 40%
  • Designed and rolled out ISO 27001 & NIST-aligned frameworks
  • Delivered targeted PCI DSS awareness training for IT, DevOps, and business teams

Professional Certifications

CISA | CISM | ISO 27001 | CRISC | ISO 27005 | DORA | GDPR | PMP | CC

Active Audit & Assurance

  • CISA: Certified Information Systems Auditor - ISACA
  • ISMS: Information Security Management Systems Auditor

Active Risk Management

  • CRISC: Certified in Risk and Information Systems Control - ISACA
  • ISO 27005: Information Security Risk Management

Active Security Leadership

  • CISM: Certified Information Security Manager - ISACA
  • PMP: Project Management Professional - PMI

Active Compliance & Governance

  • ISO 27001: ISO 27001 Lead Implementer - PECB
  • DORA: Digital Operational Resilience Act Specialist
  • GDPR: General Data Protection Regulation Practitioner
  • CC: Certified in Cybersecurity - ISC2

Professional Affiliations

ISACA Member | ISC2 Member | PMI Member | PCI SSC Member

Education

MSc

Master of Science

International Health Management

Imperial College Business School, London

Research focus on healthcare systems, strategic management, and international business perspectives.

BBA

Bachelor of Business Administration

Accounting & Finance

Valley View University

Foundation in financial accounting, management accounting, business finance, and auditing principles.

Latest Insights

GRC

When Does Your Company Need a GRC Expert?

Seven tell-tale signs your organisation needs dedicated governance, risk, and compliance expertise.

PCI DSS

PCI DSS v4.0.1: Key Transition Challenges

Critical insights for financial services navigating the transition to PCI DSS v4.0.1.

DORA

DORA Compliance for UK Financial Firms

Essential guidance on Digital Operational Resilience Act requirements for UK institutions.


Ready to Strengthen Your Security Posture?

Whether you need PCI DSS compliance support, GRC programme development, IT audit expertise, or third-party risk management guidance, I'm here to help your organisation achieve its security objectives.