A passionate cybersecurity professional with experience working within large enterprises across financial, luxury retail, energy and IT service-based industries. Providing an organised approach to workload management with an emphasis on detail, combined with a robust methodology to incident response, investigation and remediation. Works diligently to achieve successful outcomes within set time constraints and develop maintainable processes and procedures.
- Awarded the ‘Best New Cyber Talent’ by the Scottish Government in 2016.
- Awarded the ‘Outstanding People Award’ by ECS in 2015 and 2017.
Accredited with CISSP, C|EH, Splunk Certified Consultant & Architect.
Hobbies include regular kickboxing training, sailing, climbing and blogging about cybersecurity and data analytics.
Managing Consultant with ECS
January 2018 – Present
- Growth of key customer project from a short-term tactical platform deployment to a mature, process-driven and important security monitoring solution.
- Increased enablement programme from a single member to a small team, setting challenging 2018 objectives and planning for the delivery of a collection of initiatives throughout the year.
- Certification in AWS Security, Technical and Business areas, supporting cloud-based projects.
- Designed and delivered a complex enterprise deployment of Splunk for IT and security monitoring, using continuous development/integration/delivery principles and technologies.
- Creating and tailoring approaches and standards to suit client challenges and opportunities.
- Assessing security function capabilities, activities and improving alignment with strategic objectives.
- Recommending programmes and initiatives for quick wins and longer-term business improvement.
- Leading complex programmes, managing deliverables and risks throughout.
- Acting as a mentor to senior consultants and business managers across multiple disciplines.
- Consulting with board level management around business improvement.
Skills & Technology: Data Analytics (Splunk), SIEM (Enterprise Security), IT Operations (IT Service Intelligence), Incident Management, Security Operations, Agile Methods, Cloud (AWS), Continuous Integration/Delivery (Docker, Ansible, Git).
Senior Security Consultant with ECS
January 2017 – December 2017
Achievements: Led new enablement programme which provided a significant uplift in delivery capability across the practice. Set up and led an Edinburgh-based User Group focusing on Splunk and grew membership to over 160 people. Development of ‘Capture the Flag’ using Splunk and delivered multiple events to over 50 attendees at an international ‘Big Data’ conference in Edinburgh.
- Complex distributed deployment of Splunk Enterprise Security (SIEM) in a multisite configuration.
- Internal enablement uplift; focusing on team engagement, development and best practices.
- Development of collateral-based toolkit to standardise offerings, from sales to delivery.
- Assessing core security capabilities and aligning them with organisational strategic objectives.
- Recommending projects and initiatives for quick wins and longer-term business improvement.
- Scoping complex critical IT security functions as well as high-level business cases.
- Acting as senior advisor on IT security, across organisational and governance teams.
- Ensuring regular, clear and diligent communication across senior stakeholders and within the team.
- Leading complex and critical consultative engagements with senior management support.
Security Consultant with ECS
September 2014 – June 2015
- Successfully deploying a number of complex Splunk environments, including complex data onboarding, multisite clustering and ensuring best practice security configuration.
- Expanding specialized skill sets to be able to design and implement Splunk-based projects alongside achieving the Splunk Architect, Administrator, Sales Engineer and Consultant accreditations.
- Developing SOC processes for Event Monitoring, Incident Management and Use Case Development for a major high street supermarket.
- Performing ISO27001:2013 security assessments of third-party suppliers for a high street bank.
- Conducting site visits to assess physical security controls of tier 4 data centres.
- Remote and onsite SIEM engineering (Splunk) including host management (CentOS), system troubleshooting, log source on-boarding and security remediations.
- Assisting with recruitment process including resume review, applicant interviewing and induction.
- Co-writing request for proposals (RFP) for various large enterprise clients for managed service, security operations and SIEM design and implementation based projects.
- Recommending end-to-end IT security solutions, including architecture/design, process creation and development and basic project management, all in line with industry good practice.
- Working individually and as part of a team to carry out the end-to-end delivery of solutions.
- Producing clear and consistent technical, management and commercial documentation.
- Identifying and clarifying client challenges and opportunities.
- Assessing core capabilities within a client's information security functions.
- Recommending specific approaches for quick wins and longer-term business improvement.
- Confidently scoping complex and critical projects as well as (high-level and detailed) deliverables.
- Compiling total cost of ownership and return on investment models for outlines of business cases.
Senior Security Operations Centre Analyst with ECS
May 2013 – August 2014
Achievements: Designing and implementing managerial information packs, building on and improving the accuracy of SLA reporting and overall service delivery. Designing a number of training sessions and supporting material for emerging security technologies and delivering them to other team members.
- Security auditing and incident management for a global bank in a security operations centre.
- Analysis of security alerts to identify potential security incidents.
- Support of response to potential security incidents and provision of ad hoc security reports.
Desktop Support Analyst with BlackRock
May 2011 – December 2012
Achievements: Bringing SLA breaches down from 15% to 1.5% within 12 months alongside reducing ITSM queue from 300 tickets to 25-30 on average. Delivering core support and implementation of Windows 7 rollout to business, ensuring minimal downtime, assessing UAT results and promoting lessons learned.
- Onsite role supporting an office of over 500 users at a 2nd line level of IT support and assistance.
- Managing escalations, user communications and assisting in major incident management.
- Supporting various technology teams maintaining critical infrastructure.
Senior Technician with Hoylake Computer Centre
July 2006 – July 2010
Achievements: End-to-end management of store relocation and setup and delivery of training programme.
- Computer repair centre focused on client support and promoting best practices across support areas.
- Computer diagnostics, repair, network troubleshooting, software installation and hardware builds.
- Onsite callouts to install and maintain SOHO type internet connections and LAN based networking.
Awards, Publications & Speaking
- Presented ‘Splunk for Threat Detection & Response’ at SOCLAB Opening, Edinburgh Napier University
- Presented ‘Big Data for Threat Detection & Response’ at SIGINT, University of Edinburgh
- Presented ‘Analyst, Engineer or Consultant?’ at OWASP Edinburgh
- Presented ‘Development & Release Frameworks & Splunk’ at Splunk User Group for Edinburgh
- Presented ‘What is Security Engineering?’ at Cyber Scotland Connect
- Presented ‘The Missing Layers: Syslog Collection & HTTP Event Collection (HEC)’ at Splunk User Group for Edinburgh
- Presented ‘Latest Updates to Splunk from .conf 2017’
- Presented ‘Deconstructing SIEM’ at Security Scotland Meet Up
- Presented ‘Securing the Cloud with Splunk at the Centre’
- Awarded the ‘Outstanding People Award’ by ECS for the Splunk Enablement Programme
- Presented ‘Deconstructing SIEM’ at Big Data Conference for Cybersecurity
- Presented ‘Universal vs. Heavy Forwarders’ at Splunk User Group for Edinburgh
- Presented ‘Splunk User Behaviour Analytics (UBA)’ at Splunk User Group for Edinburgh
- Presented ‘Use Case Development’ at Splunk User Group for Edinburgh
- Awarded the ‘Best New Cyber Talent’ by the Scottish Government
- Published ‘Threat Landscape for 2017’ in the Holyrood Tech 100 magazine
- Presented ‘Machine Learning for Threat Detection’ at Big Data Conference for Cybersecurity
- Presented ‘Splunk Deployment Best Practices’ at Splunk User Group for Edinburgh
- Awarded the ‘Outstanding People Award’ by ECS for Dedication to a Customer
2009-2013: BEng Computer Security & Forensics – First Class Honours Degree
Napier University, Edinburgh, UK (Winner of the University Medal)
2006-2009: IT Practitioner & System Support – Merit BTEC Level 3 National Certificate
Wirral Metropolitan College, UK
Professional Courses & Certification
| Course / Certificate | Awarding Body | Awarded/Attended |
| --- | --- | --- |
| Lean Six Sigma Yellow Belt | QA | 2018 |
| AWS Certified Cloud Practitioner | Amazon Web Services | 2018 |
| AWS Technical Professional | Amazon Web Services | 2018 |
| AWS Business Professional | Amazon Web Services | 2018 |
| AWS Security Fundamentals | Amazon Web Services | 2017 |
| Splunk Certified Enterprise Security Implementation | Splunk | 2017 |
| Stepping Up to Management Course | QA | 2017 |
| Certified Information Systems Security Professional (CISSP) | (ISC)² | 2017 |
| Splunk Certified Architect (Level 2) | Splunk | 2017 |
| Troubleshooting Splunk Enterprise | Splunk | 2017 |
| Splunk for Analytics and Data Science Course | Splunk | 2017 |
| Implementing Splunk IT Service Intelligence Course | Splunk | 2017 |
| Splunk Enterprise Security – Advanced Deployment Course | Splunk | 2017 |
| Splunk Advanced Dashboarding, Cluster Administration & Building Apps | Splunk | 2016 |
| Cyber Security Economics Course | edX | 2016 |
| Splunk Certified IT Service Intelligence Specialist | Splunk | 2016 |
| Splunk Certified Consultant (Level 1 & 2) | Splunk | 2016 |
| Splunk Certified Architect (Level 1) | Splunk | 2015 |
| CEH – Certified Ethical Hacker (v8) | EC-Council | 2015 |
| Splunk Certified Sales Rep & IT & App Sales Representative | Splunk | 2015 |
| Splunk Certified Admin & Power User | Splunk | 2015 |
| PRINCE 2 Foundation & ITIL Foundation (v2011) | APMG | 2015 |
| Security Intelligence and Analysis / Incident Response | IBM | 2014 |
| Network Architecture (MSc Module) | Napier University | 2014 |
| MCSA – Microsoft Certified Solutions Associate | Microsoft | 2012 |
| MCITP / MCTS – Microsoft Certified IT Professional / Technology Specialist | Microsoft | 2011 |