About

Head of infosec, AI governance contributor, fractional advisor.

Two decades in cloud infrastructure and information security. The last two years focused on what AI governance actually has to mean inside a regulated financial services firm.

Now

Head of infosec at Tetrate, where I lead the company's AI governance work with financial services customers and act in a field-CTO capacity on agent governance architecture. Before that, I built Tetrate's information security and compliance program from scratch as the company's first dedicated security hire — both the SOC 2 Type II and ISO 27001:2022 certifications happened on my watch — and led the platform engineering group through to mid-2025. The combination is the point: I get to embed security and governance into the infrastructure rather than treat them as a separate function.

I'm an active contributor to the FINOS AI Governance Framework, where in October 2025 I received the Newcomer Award at OSFF NYC. Specific contributions include adding agentic AI risks and mitigations to the framework (~1,300 lines), the ground-up rewrite of the CALM (Common Architecture Language Model) visualisation tool, and AI Governance workshops at industry conferences including FINOS OSFF NYC and APIDays London.

Outside Tetrate I take a small number of fractional advisory engagements each year with banks, insurers, and FS infrastructure firms working through AI governance implementation. The conversations I have most often are about how to operationalise SR 11-7 / SS1/23 expectations for systems whose behaviour is shaped by a prompt and a vendor's silent weekly model update — the gap most firms are still trying to bridge with policy documents alone.

How I got here

Tetrate (2021 — present)

Joined as a Senior Engineering Manager and initiated the cybersecurity and compliance program before stepping into the head-of-infosec role in 2023. Through that period I also led the platform engineering group as a hands-on technical manager, delivering Go and Python code alongside the security and OSS work. During my time at Tetrate I served as a security maintainer and release manager for Istio and Envoy, sat on the Istio Product Security Working Group for several years, and acted as Release Lead for two major versions of Istio.

IBM Cloud (2017 — 2021)

Senior Engineering Manager and Compliance Lead for IBM Cloud Container Registry. Owned security and compliance for a mission-critical global PaaS service, achieved and maintained SOC 2, PCI-DSS, and HIPAA certifications, developed enhanced controls for IBM Financial Services Cloud, and ran a distributed team of 18 engineers. The role taught me, in detail, what large-scale Kubernetes actually means for compliance.

IBM (2004 — 2017)

Engineering management, program management, and project management roles, starting as a Test Lead working on storage systems, SAN, and UNIX. Led teams of up to 100 engineers across multiple product releases in the Storwize family; ran development budgets in the $50M–$60M range. The technical foundation I never lost touch with even as the management responsibility scaled.

What's worth talking to me about

The conversations that turn into useful engagements tend to be about one of:

  • Operationalising MRM expectations (SR 11-7, SS1/23) for AI systems that don't behave like traditional models — what your validation, monitoring, and change-management practice has to look like.
  • Mapping AI governance frameworks (FINOS AIGF, NIST AI RMF, ISO 42001) onto your existing controls without rebuilding from scratch.
  • Evidence regulators will actually accept: model and agent inventories that are accurate by construction, per-request usage attribution, runtime guardrails, and the telemetry that backs all of it up.
  • Reference architectures for agent governance — MCP supply chain controls, A2A trust boundaries, and policy enforcement at the service-mesh control plane.
  • Where the FINOS AIGF and the Linux Foundation's Agentic AI Foundation work fit into a firm's existing compliance posture.

Education

MEng (Hons) 2:1, Computer Systems Engineering, University of Warwick. PMP (Project Management Institute, 2008).

Get in touch

Currently taking a small number of fractional engagements through 2026. Email paul@paulmerrison.io, find me on LinkedIn, or read what I've been writing.