Managing Consultant with ECS

January 2018 – Present

• Growth of key customer project from a short-term tactical platform deployment, to a mature, process driven and important security monitoring solution.
• Increased enablement programme from a single member to a small team, setting challenging 2018 objectives and planning for the delivery of a collection of initiatives throughout the year.
• Certification in AWS Security, Technical and Business areas, supporting cloud-based projects.

Projects:

• Designed and delivered of a complex enterprise deployment of Splunk for IT and security monitoring, using continuous development/integration/delivery principles and technologies.

Responsibilities:

• Creating and tailoring approaches and standards to suit client challenges and opportunities.
• Assessing security function capabilities, activities and improving alignment with strategic objectives.
• Recommending programmes and initiatives for quick wins and longer-term business improvement.
• Leading complex programmes, managing deliverables and risks throughout.
• Acting as a mentor to senior consultants and business managers across multiple disciplines.
• Consulting with board level management around business improvement.

Senior Security Consultant with ECS

January 2017 – December 2017

• Complex distributed deployment of Splunk Enterprise Security (SIEM) in a multisite configuration.
• Internal enablement uplift; focusing on team engagement, development and best practices.
• Development of collateral based toolkit to standardise offerings, from sales to delivery.
• Assessing core security capabilities and aligning them with organisational strategic objectives.
• Recommending projects and initiatives for quick wins and longer-term business improvement.
• Scoping complex critical IT security functions as well as high-level business cases.
• Acting as senior advisor on IT security, across organisational and governance teams.
• Ensuring regular, clear and diligent communication across senior stakeholders and within the team.
• Leading complex and critical consultative engagements with senior management support.

Security Consultant with ECS

September 2014 – June 2015

• Successfully deploying a number of complex Splunk environments, including complex data onboarding, multisite clustering and ensuring best practise security configuration.
• Expanding specialized skill sets to be able to design and implement Splunk based projects alongside achieving the Splunk Architect, Administrator, Sale Engineer and Consultant accreditations.
• Developing SOC processes for Event Monitoring, Incident Management and Use Case Development for a major high street supermarket.

Projects:

• Performing ISO27001:2013 security assessments for a high street bank upon third-party suppliers.
• Conducting site visits to assess physical security controls of tier 4 data centres.
• Remote and onsite SIEM engineering (Splunk) including host management (CentOS), system troubleshooting, log source on-boarding and security remediations.
• Assisting with recruitment process including resume review, applicant interviewing and induction.
• Co-writing request for proposals (RFP) for various large enterprise clients for managed service, security operations and SIEM design and implementation based projects.

Responsibilities:

• Recommending end-to-end IT security solutions, including architecture/design, process creation and development and basic project management, all in line with industry good practice.
• Working individually and as part of a team to carry out the end-to-end delivery of solutions.
• Producing clear and consistent technical, management and commercial documentation.
• Identifying and clarifying client challenges and opportunities.
• Assessing core capabilities within a client information security functions.
• Recommending specific approaches for quick wins and longer-term business improvement.
• Confidently scoping complex and critical projects as well as (high level and detailed) deliverables
• Compiling total cost of ownership and return on investment models for outlines of business cases.

Senior Security Operations Centre Analyst with ECS

May 2013 – August 2014

• Security auditing and incident management to a global bank in a security operations centre.
• Analysis of security alerts to identify potential security incidents.
• Support of response to potential security incidents and provision of ad hoc security reports.

Desktop Support Analyst with BlackRock

May 2011 – December 2012

• Onsite role supporting an office of over 500 users at a 2nd line level of IT support and assistance.
• Managing escalations, user communications and assisting in major incident management.
• Supporting various technology teams maintaining critical infrastructure.

Senior Technician with Hoylake Computer Centre

July 2006 – July 2010

• Computer repair centre focused on client support and promoting best practices across support areas.
• Computer diagnostics, repair, network troubleshooting, software installation and hardware builds.
• Onsite callouts to install and maintain SOHO type internet connections and LAN based networking.

• Presented ‘Hunting Hard, Failing Fast, Maintaining Integrity’ at Big Data for Cybersecurity Conference
• Presented ‘Human Vulnerability: Truths & Lessons’ at Security Scotland Meet Up
• Presented ‘Splunk’s Enterprise Security Content Updates Overview’ at Splunk User Group for Edinburgh
• Presented ‘Splunk for Threat Detection & Response’ at SOCLAB Opening, Edinburgh Napier University
• Presented ‘Big Data for Threat Detection & Response’ at SIGINT, University of Edinburgh
• Presented ‘Analyst, Engineer or Consultant?’ at OWASP Edinburgh
• Presented ‘Development & Release Frameworks & Splunk’ at Splunk User Group for Edinburgh
• Presented ‘What is Security Engineering?’ at Cyber Scotland Connect
• Presented ‘The Missing Layers: Syslog Collection & HTTP Event Collection (HEC)’ at Splunk User Group for Edinburgh

• Presented ‘Latest Updates to Splunk from .conf 2017’
• Presented ‘Deconstructing SIEM’ at Security Scotland Meet Up
• Presented ‘Securing the Cloud with Splunk at the Centre’
• Awarded the ‘Outstanding People Award’ by ECS for the Splunk Enablement Programme
• Presented ‘Deconstructing SIEM’ at Big Data Conference for Cybersecurity
• Presented ‘Universal vs. Heavy Forwarders’ at Splunk User Group for Edinburgh
• Presented ‘Splunk User Behaviour Analytics (UBA)’ at Splunk User Group for Edinburgh

• Presented ‘Use Case Development’ at Splunk User Group for Edinburgh
• Awarded the ‘Best New Cyber Talent’ by the Scottish Government
• Published ‘Threat Landscape for 2017’ in the Holyrood Tech 100 magazine
• Presented ‘Machine Learning for Threat Detection’ at Big Data Conference for Cybersecurity Conference
• Presented ‘Splunk Deployment Best Practices’ at Splunk User Group for Edinburgh

• Awarded the ‘Outstanding People Award’ by ECS for Dedication to a Customer