We work with organisations of all sizes, working directly and through partners. Our smallest client has one employee and our largest clients operate globally with offices in multiple countries. Our clients are located in the UK, the EU, Australia, the United States and globally.
Our offices are in Southampton, London and Manchester and we have consultants based across the UK. We are certified to ISO 9001, ISO 27001 and Cyber Essentials and CREST approved for penetration testing services.
Our clients operate in healthcare, financial services, travel, hospitality, marketing, education, construction, property management, technology, software development, software-as-a-service, local government, legal services, critical infrastructure and other sectors.
Our Name
It’s unusual we know. But it’s special to us, so in case you’re wondering, this is how you pronounce it.
ee – val – ee – an
Our Approach
We genuinely believe that good data protection and information security is a competitive advantage as well as a compliance obligation. Having a relationship of trust with your customers, partners and your wider supply chain is more important than ever.
At the same time, there isn’t a ‘one size fits all’ approach to privacy and security. Good data protection and information security needs to be risk led and your approach to both should be aligned to your business strategy.
For these reasons, we start every engagement by learning as much about your organisation as we can. We’ll ask about your size, structure, management systems, working practices, culture, your strategy and your specific objectives from our engagement.
We pride ourselves in being transparent and taking a real world approach to meeting your needs. We promise open communication, relationships built on respect, honesty and a strong work ethic with no hard sell.
Sean specialises in data protection, information risk and information security consulting. He is a qualified barrister, having been called to the Bar in 1998, and started his career as an in-house lawyer working in intellectual property, data protection and commercial contracts. He later progressed in to commercial leadership roles, working in a number of sectors before specialising in governance, risk and compliance with a focus on privacy and security. Sean is also Managing Director at Evalian™.
His qualifications include IAPP CIPP-E, CIPT, GDPR Practitioner Certificate, ISO 27001 Lead Implementer, ISO 27001 Lead Auditor and CISMP.
Philip consults on data protection and acts as outsourced DPO for clients. He has a long history of working with innovative, technology led businesses and in technology licensing. He is experienced in building and supporting operational and compliance business functions, including HR, ICT, H&S and Quality Management Systems. Phil is also Operations Director at Evalian™.
His qualifications include IAPP CIPP-E, ISO 27001 Lead Implementer, CIPD and APM. He also holds an MBA from Imperial College.
Chris is our Commercial Director, with responsibility for client care and business development. He has a strong knowledge of data protection, information security, penetration testing and ISO 27001.
Prior to joining Evalian™, Chris has worked with early stage and fast growing companies in the software, information security and data protection space, and has spent time living and working in Europe as well as here in the UK.
Lauren is our in-house Client Operations Manager. She sits at the heart of our business, making sure that our services are delivered to the highest quality and on time, our policies and processes are followed, and accurate time recording is maintained.
Before joining us she spent several years in performance analyst/project managerial roles in two leading cyber security consultancies. With strong communications skills, logical thinker, and problem solver, Lauren is great at building successful consultant/client relationships.
Daniel consults on ISO 27001, ISO 22301, ISO 9001 and business continuity. He has specialised in organisational resilience for much of his career, working as a consultant and in-house for multi-national organisations. He is also Head of our ISO & Business Continuity Practice.
He is an ISO 27001 and ISO 22301 Lead Auditor and a Member of the Business Continuity Institute, MBCI.
Ray specialises in data protection and information rights law. He is a qualified solicitor and worked in private practice and in-house in commercial law roles before focusing on data protection. Before joining Evalian™ he was in-house counsel and Data Protection Officer for a high street financial services organisation and their associated businesses.
His qualifications include a First Class Honours Degree in Law, LPC (Distinction), Practitioner Certificate in Data Protection (PC.dp) and IAPP CIPP/E.
Phillip consults on data protection, e-privacy and freedom of information, and acts as outsourced DPO for clients. He worked for the Information Commissioner's Office for 8 years, as a Case Officer and later as a Lead Policy Officer.
Since leaving the ICO, Phillip has worked as a specialist data protection consultant and outsourced Data Protection Officer. He holds the ISEB Practitioner Certificate in Data Protection.
Neil consults on data protection and GDPR compliance. Prior to joining Evalian™, Neil served in the Royal Air Force and as a uniformed and plainclothes police officer.
Neil’s qualifications include a Masters in Intellectual Property Law (LL.M), A Bachelor’s degree in Law (LL.B Hons), the IAPP CIPP/E and IAPP CIPM.
Sofía consults on data protection compliance and acts as an outsourced DPO. She qualified as a lawyer in Argentina in 2015. Prior to joining Evalian™ she worked as an associate for a short period in a leading Argentinian commercial law firm and as a legal advisor for three years in the Argentinian Data Protection Authority.
Her qualifications include a Law Degree, a Masters in Information Technology, Media and Communications Law (LL.M) from London School of Economics and IAPP CIPP/E.
Daniel consults on data protection and acts as outsourced DPO for clients.
He holds IAPP CIPP/E, MSc in Law Business and Management, LLB in Commercial Law and has completed his Legal Practice Course with the University of Law.
Paren consults on data protection and acts as outsourced DPO for clients. Before joining Evalian™, Paren has worked in information risk, governance and data protection roles for technology businesses. He was DPO for a wearables technology business in this last role.
Paren has an MSc in Risk management and a BSc in Computing and is a Certificate Member with the Institute of Risk Management.
Sandra is an experienced senior data protection consultant and is a designated DPO for Evalian™ clients. Sandra spent much of her career as a litigation lawyer and over the last ten years has been focusing on specialising in data protection.
Sandra's qualifications include BCS Practitioner Certificate in Data Protection, ISEB Certificate in Data Protection, as well as being a FCILEx (Fellow of the Chartered Institute of Legal Executives).
Laura consults on data protection. Prior to joining Evalian™ she worked for the Information Commissioners Office (ICO) and has over 8 years experience of working in data protection roles in the financial and retail sector.
Laura's qualifications include a Bachelors of Law (LLB) and the Data Protection Practitioners Certificate.
Alex is a senior security consultant, specialising in security testing of IT infrastructure, web applications and mobile applications. He started his career as a software developer before moving into ethical hacking and security consulting. Alex leads our penetration testing team
His qualifications include Cyber Scheme Team Leader (CSTL), Offensive Security Certified Professional (OSCP) and Qualified Security Team Member (QTSM).
Thomas is one of our penetration testers, specialising in IT infrastructure and web application testing. He started his career as a creative media and software developer before moving into security consulting, centred around Cyber Essentials certification services.
His qualifications include CREST Practitioner Security Analyst (CPSA) and he is working towards gaining his CREST Registered Tester (CRT) qualification.
Fiona is one of our penetration testers, specialising in infrastructure, web app and mobile app testing. She has experience in information security within financial services organisations. She is particularly experienced in providing PCI DSS consultancy and testing to major banks, insurance companies and retail organisations.
Her qualifications include CISSP, OSCP, GWAPT and CISA.
Marcus lead our cyber consulting team and is a senior security consultant specialising in cyber security; including strategy, security transformation, risk management, incident response and supply chain assurance. His career started in the British Army where he delivered multifaceted operational solutions often in austere settings. Since leaving the military, Marcus has worked in senior security consulting roles, across numerous sectors.
He has three Masters degrees including an MSc in Information Security from Royal Holloway, University of London; he holds ISACA's CISM and CGEIT certifications; is a Chartered Engineer and a graduate of the British Military's esteemed Advanced Command and Staff Course.
Nelson consults on information and cyber security, specialising in cloud and application security including threat modelling, SSDLC and Azure security.
He has a First Class degree in Computer and Information Security, holds the Microsoft AZ-900 (Azure Fundamentals) and AZ-104 (Azure Administrator) certifications and is working towards a PhD in Applied Computing (specialising in data security in cloud environments using machine learning). Nelson has worked in IT support, information security and as a software developer before coming to work for Evalian™.
Matt consults on information and cyber security, including incident response, security awareness and training, security gap analysis and certification advisory. Matt started his career working in large multinationals where he gained experience delivering large system implementations, leading projects, and handling key stakeholder relations.
He holds an MSc in Information Security from Royal Holloway, University of London.
Will consults on Information Security and IT security compliance, incident response and technical controls.
He has a First Class Honours degree in Cyber Security Management from Bournemouth University, and has experience in Information Security within the Education Sector.
Kate is our Digital Marketing Manager. She started out her career in graphic design and eLearning and has a number of years' experience in corporate branding, communications and marketing, predominantly within the Oil & Gas / Energy industry.
Her qualifications include a First Class Honours degree in Visual Communication from Robert Gordon University, as well as certificates in Social Media, Digital Marketing and Google Ads.
Hannah is our in house writer, working with consultants on articles, guides, advisories and blogs and writing our news updates on data protection and information security topics. She has a background in content creation and PR, specialising in technology, data and consumer topics.
Her qualifications include a BA in English Language and Literature from Royal Holloway University, London.
Graham is a senior software engineer, specialising in robust end-to-end websites, mobile and desktop applications. He started his career as hardware engineer at a local family-run computer shop.
Since leaving the field of hardware to go into software, Graham has worked on numerous projects over his years of experience, ranging from online auction software, prescription pharmaceutical solutions, to energy performance certificate calculation engines.
Qualified Consultants
Our consultants combine real-world experience with industry qualifications. Certifications held by the team include:
Join Us
Our team is growing and we are always on the lookout for skilled and experienced individuals. If you think you would be a “good fit” at Evalian, then we would love to hear from you, particularly if you have experience in data protection, GDPR consultancy, cyber security or penetration testing.
Visit our careers page to view our latest roles and to apply. If you can’t see a job here suited to your expertise, please feel free to contact us with your CV and covering letter.
