Si’s (Abbreviated) CV

This is a cut down copy of my CV – for a full copy, please send me an e-mail.

Summary

Experienced SC cleared systems and network security specialist with over 10 years working with Microsoft, UNIX and networking products. Extensive experience of Risk Management and Accreditation Document Sets (RMADS) and presenting to accreditors and business owners. Board level consultancy, presentation of bids and business cases. Development of internal and external services and products. Managerial skill running technical teams to accomplish both project based and BAU work. Published technical author in the Security and Microsoft knowledge space. Strong presentation and interpersonal skills. Experience of Financial & Banking, Commercial, Charity and Public Sectors. Experience of software, hardware and documentation testing. In depth knowledge of numerous Information Security Standards and Best Practice Guides including – HMG IS Standards, PCI/DSS, ISF, ISO 27001 & Sarbanes-Oxley. Extensive technical skills across a wide variety of technologies including Cloud (IaaS, PaaS, SaaS), Virtualisation, E-commerce and Social Media . Experience of working globally and the issues present in doing so.

Key Skills

  • CLAS Consultant
  • HMG Information Security Standards & Documentation (IAS1, IS2, JSP440, NHS, CESG Memos, RMADS etc.)
  • Payment Card Industry (PCI) Data Security Standard (DSS) – audit and compliance
  • ISO 27001, ISO/BS 17799, COBIT, Sarbanes-Oxley Standards
  • Risk, Vulnerability and Threat Assessment (CRAMM)
  • Current SC clearance
  • CISSP Certified (since 2004)
  • Experienced across multiple Operating Systems ( Linux, UNIX (most!), Windows & MacOS )
  • Single Sign-On (Kerberos & Shibboleth)
  • Digital Forensics, Incident Response & Investigation
  • Encryption – public key, certificates & secret/shared key, Full Disk Encryption
  • Penetration Testing and Vulnerability Detection (OSSTMM Certified)
  • Intrusion Detection and Prevention (Snort)
  • E-mail and Mobile Communications (Blackberry, SmartPhones)
  • Excellent written (published author) and verbal (public speaker) communication skills
  • PRINCE2 Project Management Experience
  • Business alignment, budgeting, bid-preparation

Publications

Building Security and Directory Solutions for UNIX Using the Windows Server 2003 Active Directory Kerberos and LDAP Services, Microsoft, January 2004.

UNIX and Microsoft Single Sign-on, SysAdmin Magazine, September 2004

Migrating UNIX Daemons to .Net Services using Visual C++, Microsoft, March 2004

Several Lessons in the “Hacker High School” Series from ISECOM (http://www.isecom.org).

Snort Cookbook, O’Reilly UK, 2005. ISBN: 0596007914

Hacking Exposed Linux 3rd Edition, Osborne/McGraw-Hill,U.S., ISBN: 0072262575

Technical Reviewer on :

Computer Security Basics 2nd Edition, O’Reilly,

Internet Forensics, Robert Jones, O’Reilly

Regular columnist on Information Security on Forensic Focus (http://www.forensicfocus.com)

Public Speaking

Incident Response – Lecture to Defence Engineering and Science Group course at RCMS Shrivenham as part of a Postgraduate level course.

SPADE – Statistical Packet Anomaly Detection Engine – UK UNIX Users Group Winter Conference, Birmingham, 2005

Digital Forensics in Large Scale Environments –  UK UNIX Users Group, Leeds, 2011

Intrusion Detection Using Snort – Swedish Linux Conference, Stockholm, 2005

Intrusion Detection and Prevention – BT Group Plc., Ipswich, 2005

Professional Memberships

Chartered IT Professional, Member of the British Computing Society

F3 – First Forensic Forum

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: