Jun 2016 – Aug 2017 · 1 yr 2 mos · Sevenoaks, Kent, United Kingdom

• Responsible for the oversight and vision surrounding the continual development and enhancement of BT's managed security services platform. Including implementation and integration of some of the most advanced and niche security technologies on the market as well as aligning management of cloud security technologies to provide clients with end-to-end solutions.
• Thought leading service and product strategy as well as driving efficiency within the BT Security organisation, aligning directly with targets to improve revenue and EBITDA through the use of cutting edge automation and orchestration technologies and deployment of best of breed security capability.
• Leading both, platform, development and innovative teams to create proprietary market solutions and deliver customer facing data driven interfaces meeting the market demand to simplify and demystify security.

Nov 2014 – Jun 2016 · 1 yr 7 mos · East Barming, Kent, United Kingdom

• Responsible for the innovation, development and integration of the products and services offered as part of SecureData GI, the design and implementation of threat detection and defence mechanisms for use across multiple platforms, including Hadoop, LogRhythm, Nessus, Checkpoint, Fortinet and SkyBox but to name a few.
• A specialist in service architecture, designing and building services to meet customer, providing in depth consultancy and SME support.
• A thought leader in data driven security solutions based on real-world security problems, identifying managed service requirements and driving the sales process from design, proposal and pricing through to delivery.
• Designing repeatable and performant managed security services, utilising real-time assessment, analytical threat detection and implementing automated protection mechanisms for over 500 customers. As well as integrating response and remediation consultancy.
• Having built and launched to the UK market Threat Intelligence services to underpin detection methodologies, reporting measures and response procedures.

Aug 2014 – Nov 2014 · 3 mos · London, United Kingdom

• Worked on multiple projects including:
• Cyber Security Analytics for a Major International Technology Company -
• Design and Implementation of big data solutions to enable the detection of advanced and unknown cyber threats to the organisation.
• IT Security Implementations for a Multiple Clients in Retail, Travel and Media -
• Involved in scoping and design of Security Monitoring (SIEM), Network Segregation, Threat Intelligence and Endpoint Security Solutions.

Feb 2013 – Aug 2014 · 1 yr 6 mos · Guildford, United Kingdom

• At the forefront of the technical challenges involved in detecting and mitigating against the advanced threat, deep end-to-end knowledge of the threat landscape including methods for detecting, investigating and remediating against targeted attacks. Applied ability to quantify and communicate risk using experience of current threats. Proven experience managing a diverse range of projects, teams and individuals, able to communicate ideas and direction effectively to achieve objectives in an efficient and timely manner. Regular deep dive technical client interaction, identifying potential solutions to mitigate risk and exposure to data theft, espionage and reputational damage.
• Leading a team of threat detection developers, responsible for the delivery of detection techniques using behavioural, analytical and rule based methodologies, driving strategy within these areas for Detica’s ManagedSecurity business. Designing bespoke threat detection solutions that benefit both clients and the wider business. Managing business development opportunities derived from threat intelligence and incident response providing key technical and architectural oversight during client engagements. Responsible for the development and implementation of a comprehensive set of advanced SIEM rules used to provide protective monitoring and compliance solutions to multiple clients in some of the most highly targeted commercial IT environments.

Feb 2012 – Feb 2013 · 1 yr · Guildford, United Kingdom

• Leading a large team of analysts in the provision of security monitoring using in house developed tools and commercial SIEM platforms. Deep dive analysis of client security event data from a variety of sources including advanced network packet capture devices. Identifying Advanced Persistent Threats and high level cyber-attacks, providing response and remediation actions directly to clients. Interfacing with client security teams, providing in-depth reporting and debriefing regarding detected security incidents.
• Validating all security incidents generated by the junior team prior to issue to a client, managing, coaching and leading a team of analysts to provide services to over 31 clients in 12 sectors. Providing technical support to pre-sales engagements and supporting the back end infrastructure systems.

Apr 2010 – Feb 2012 · 1 yr 10 mos

• Responsible for sharepoint teamsite services for the JDLMO, maintaining the sites for both the secret and restricted networks.
• Responsible for the design and management using SQL and ASP.net of the JDLMO public website. Ensuring publicly available data is secured to MOD standards.
• Design of bespoke applications directly for the JDLMO.
• IT and Data Security for the organisation.

Sep 2008 – Apr 2010 · 1 yr 7 mos

• The UKs Command Center for UK Air Defence. Responding to potential security threats, hijacks. Liaising with The Cabinet, TranSec and Air traffic agencies to prevent air attacks on the UK.
• Responsible for database and project management in the organising of several multi national air exercises.
• Issuing orders to E3D aircraft and maintaining the UK Air Defence radar picture.
• Liaising with foreign military personnel for the coordination of exercises within UK airspace.
• Creation and maintenance of bespoke software tools to enable the process of Air Tasking Order creation.
• Issuing of Air Tasking Orders to relevant authorities in the execution of UK based exercises.
• Responsible for all aspects of flight safety in regards to NASOC planned exercises.

Aug 2005 – Sep 2008 · 3 yrs 1 mo

• Responsible for Server maintenance, backup and administration.
• Maintenance of a Small LAN 30-40 computers, used for the training of Airspace Battle Managers.
• Supporting up to 150 users within the SABM (School of Air Battle Management)
• Training of Instructors on equiptment such as SmartBoard and Promethean.
• Creation of bespoke applications for tasking of personnnel.

Mar 2005 – Aug 2005 · 5 mos

• Trained as a Simulator Pilot.
• Enabling training on radar simulation equipment to train Airspace Battle Managers to control fast jet aircraft for the roles of Air Defence in the UK and Current Operations.
• Using bespoke equipment, designed by BAE systems.

Nov 2003 – Mar 2005 · 1 yr 4 mos

• Working in a current operations environment.
• Assisting weapons controllers in day to day Air Defence operations, controlling UK fast jet assets in the protection of sovereign airspace.
• Liasing with external civilian air traffic control and foreign military organisation to ensure the coordination of UK military air operations.