Compressed skillset

Solaris/Linux Administration - over twenty years
SQL Database administration - over ten years
Firewall (Checkpoint) - over fifteen years
Networking, inc teaching networking principles - over twenty five years
HP Server products - over twenty years
HP Arcsight - over six years including DevOps / SOC analyst / System Architect roles
Use Case development and evolution - over six years
Splunk - over two years
Electronic Security systems design and implementation - over twenty years
Enterprise scale security design and architecture - over twenty years
Virtualisation - over fifteen years
IT Trainer - Operating systems, Networking, Cyber security - over twenty years

Working towards full HP Arcsight professional qualifications and CISSP.
Key technologies: RHEL Linux, Windows, HP servers inc VMware, HP Arcsight 6.8C ESM, HP Loggers, HP ArcMc, various Arcsight connectors, inc flex, various Syslogging solutions, Checkpoint and Next Gen firewalls, HIDS, HIPS, NIDS and NIPS systems, SPLUNK.

Role: Working on obtaining logs and developing flex connectors for various components of the overall smart meter program, driving best practice solution to onboard a variety of log sources to provide intel for Arcsight logic development. Focus was to develop logging solutions to comply with GPG13 requirements, to provide fully auditable security solutions using Arcsight and Logger. Secondary role involved providing training to the newly set up SOC, taking the members through Arcsight rules and logic, and how to evolve logic to encompass the various components of Smart Meter program, as changes in the architecture occur. Reported to senior stakeholder and board members in O2 to provide regular status updates on the various security projects.
Key technologies: Linux and Windows, Global AD solutions, HP servers inc VMware, HP Arcsight 6.5C ESM, HP Loggers, HP ConApp and various HP connectors, inc WUC Connector, WinC and flex connectors, various Syslogging solutions, Checkpoint and Next Gen firewalls, HIDS, HIPS, NIDS and NIPS systems, SPLUNK integration, DDOS systems evolution.

Role: Worked as DevOps Lead with six reports, working main SOC team, designing and building Use Cases for various Global BT clients, as part of their Cyber expansion portfolio. All work was HP Arcsight based plus some TippingPoint and Splunk, with specialised modules for SAP and SAP reporting (Agile SI and SAP/HANA). My team worked with clients daily, evaluating and evolving Use Cases, and threat modelling to provide event and report driven SOC processes. This involved using HP Arcsight ESM, Logger, Syslog and specialised flex connectors. Team responsibilities covered creation of a use case 'run book' covering all aspects of live use cases, processes and procedures, with revisions for iterative tuning. I reported to upper management, and provided full daily reports on Use Case evolution and effectiveness, as well as weekly and monthly overall progress reports on Use Cases handed into Prod environment. Additionally I worked as Arcsight Technical Architect, providing upgrading and planning for systems expansion, covering global solutions and high availability ESM and logger installations.
Key technologies: Linux and Windows operating systems, HP servers, ESX VM farms and virtualisation, AD, Sophos Enterprise Anti Virus, Cisco networking, Cisco firewalls, PEN testing.

Specialist Technologies: HP ArcSight and ESM Global Solutions architecture, Cloud solution and Logger deployment, Logger, SIEM analytics, Splunk, cloud based Arcsight hosting, SOC team analytics, Enterprise Anti Virus, Agile methodologies, Perl scripting (regex) and C++ development. SOC training and creation of intel feeds into Arcsight.

Role: HP Arcsight Technical Architect and Use Case designer/lead, working in the SOC to build out a fully zone mapped Arcsight/network model of National Grid resources, to provide Use Cases against network/IAM/CMDB data. I had five reports, two cyber Analysts and three Arcsight Architects. SOC in the UK was new and I provided training for the new SOC engineers covering threat modelling, Use Case evolution, Correlation and design of basic and complex Arcsight logic for the core of the Use Case function. This covered everything from simple cyber issues such as phishing to complex Arcsight logic design covering blended attacks, polymorphic malware etc. Coordinated Security architects function to optimise the evolution of Use Cases, covering new hardware implementation, including new firewalls and IDS/IPS defenses. Worked also as an HP Arcsight Architect as a separate project (working directly with HP) to re-engineer the existing HP ESM solution which was prone to failure and featured several single point of failure issues. Reworked the ESM model to provide both High Availability and Global 'cross ESM' data model. Provided weekly and monthly reports and Use Case tracking to upper management for Cyber Security projects.
Technical Project Manager (Infrastructure Delivery) for Project ‘Verde’ - creating a trading room for TSB in readiness for IPO, with focus on Cyber Security systems protecting trading systems and high speed diversified networking links.

Key technologies: Unix/Linux, Windows client and server 2008, 2011, HP Blade architecture and thin client workstations, HP Arcsight ESM core and loggers, std connectors and flex connectors, Active Directory, Citrix, VM server farm, Reuters Dealing 3000, Bloomberg, Cisco networking, Cisco firewalls, Firewall testing and Cyber security reporting, PEN testing across the TSB networks, PEN testing Use Cases into Arcsight, SQL databases, VOIP, Resilient high availability networking, network hardening and implementing Cyber Security measures.

Role: Hired as an IDM (Infrastructure delivery manager/architect) and Systems security analyst, to project manage and architect the specifying, installation, commissioning and testing stages of new trading room for TSB Production based at 20 Gresham Street, and DR site N London, in readiness for IPO. I was responsible for the creation of new datacentre architecture for TSB connectivity for Production and DR, ensuring best Cyber practices were followed and to ensure data from firewalls, IDS and security systems were fed into Arcsight for weekly reporting against main Use Cases. Worked closely with Security/SOC to ensure their needs were met in terms of Cyber monitoring and designed an effective monitoring schema to ensure all points of the TSB and Lloyds interfaces were monitored constantly against cyber attack. Key aspects: working closely with the chosen 3rd parties (BT, Bloomberg, Thomson Reuters, Jones Lang Lasalle, Vtesse) and Lloyds internal infrastructure teams, to ensure all works were closely coordinated and key deliverables timings were met successfully, in accordance with full security measures and testing of security.
Worked closely with HP engineers on site to refine and help evolve Use Cases and regulate/normalise IDS data to control EPS rates into core Arcsight ESM. Reported to the Head of Market Data and the Global head of Treasury, providing weekly and monthly situation reports, advising of issues and project delays. Project was brought in ahead of schedule; traders were live in the new trading room first week in June 2014.
Project manager/Tech manager for entire trading floor relocation including Cyber Security upgrade to new perimeter Firewalls.

Key technologies: Cisco routing and switching including hardware upgrade to harden network against Cyber Threat, C scripting (testing), HP servers, PC clients, TT trading system, SWIFT reconciliations, IPC phones/VOIP, HP rack based servers, SQL 2008, FIX protocol, software debugging, network latency testing and failover testing.

Role: Short term contract, mainly focussed on maintaining uptime and improved Cyber Security, leveraging Next Gen Firewalls, as part of major trading floor relocation project. Role involved myself coordinating and involved PEN testing to prove off uprated perimeter security and streamline logging into Splunk monitoring. Reported to the global head of infrastructure and networks/security.
Key technologies: Reuters RMDS, Elektron Hosting, Cisco, Windows and MS Office and SQL, Cyber Hardening of high speed data LANs, PEN testing, Elektron host reporting into SIEM monitoring (HP Arcsight and Splunk).

Role: Thomson Reuters Elektron Hosting Systems Cyber Security Analyst (Arcsight and Splunk). Busy role coordinating the onboarding of Thomson Reuters clients to High Speed Elektron data Market Data network and proving off security on all client connections. Key Cyber Elements were continuous pen testing of client networks, data integrity checks, syslog event correlation and regular meetings with Savvis data centers to ensure Cyber Threat policies constantly reviewed and implemented. Client networks were monitored by Splunk and HP Arcsight, and I worked closely with Security Analysts to ensure all Market Data elements were reporting correctly with respect to client connection into the high speed data core. Secondary function was to evolve Use Cases by working closely with SOC and 3rd party data providers, ensuring that client end to end data connections were as closely monitored as possible.
Key technologies: Trading systems, HP Bladecentres, Cisco networking, Linux and Windows (Various), MS Office, reporting tools, Crystal Reports, SWIFT, Back office and clearing systems, Reuters RMDS, Cyber hardening of operating systems and network upgrades, Qualys and Nessus scanning.

Role: Various Project management roles throughout the contract. Ran a small team for five years working closely with Trading support, Server teams and infrastructure teams managing the build up, installation and maintenance of over 1000 servers (physical and VMware) at Prod and DR sites. Part of the role was continuous ongoing hardening of network against Cyber attack, constant patching of Windows systems and Qualys and Nessus monitoring of systems in the estate, plus IAM database correlations to ensure users given correct privileges. Main Cyber monitoring tool was Splunk, with a basic HP Arcsight installation which my team looked after and monitored logging into Arcsight ESM. Seconded into Trading Support Team for three years, working on a variety of Trading floor projects, including TT trader and Thomson Reuters RMDS upgrades. Project managed successfully moving the entire prod datacenter from Sugar Quay Lower Thames Street to Interxion at Hanbury Street, over 1000 servers, 30 populated blade centres, servers, associated routers, switches, firewalls and Next Gen devices. Project managed successful DR site upgrade in Kent, project to upgrade Cyber scanning devices, and installation and configuration of new Cyber scanning devices.
Key technologies: UNIX (Solaris), MISS architecture, NT, GL, Eurex, LIFFE connect, TRS, CBOT, Fidessa/Royal Blue, Exchange access, Middle and Back office plus trader support.

Futures and Metals trading IT systems analyst, Front, Middle and Back office. Member of dedicated team supporting entire trading life cycle on LIFFE and EUREX exchanges, futures, options, derivatives, using TT, GL and EUREX front ends. The role was split 50/50 technical and functional. Bulk of trading business was Exchange traded derivatives, with an element of OTC. Majority of work was concentrated on the day to day running of EUREX, LIFFE and CBOT exchange connectivity, ensuring trading systems available throughout trading day and technically maintained.
Key technologies: Windows clients, Linux clients, Windows Server, MS SQL server, Cisco networking, Easyscreen trading, Reuters Triarch, Bloomberg, WAN routing, DR consultancy.

Providing functional support for futures, options, bonds, derivatives, index arbitrage and research. This was a split role, both technical and functional. Supported some 40 non-Triarch Market data products (Bonds, Options, Derivatives), overseeing installation of new products, writing test scripts, providing technical documentation and providing training for hand over to PC support group once systems proved. Involved with several DR projects, involving Reuters Triarch, Bloomberg and cross WAN link DR.
Key technologies: Solaris Unix and Windows, MS SQL server, Cisco networking, Easyscreen trading, Reuters Triarch, Bloomberg, WAN routing, DR consultancy.

Supporting Equities and Derivatives traders. This role included direct trader support and training and resolving all issues in the front and back office systems as they occurred. The bulk of business was derivatives / futures and some options trading. Liaised heavily with back office regarding trading inconsistencies and trade reconciliation, checking vols, strike price, errors etc. Wrote scripts using PERL and C to port UNIX data to management desktops to show 'up time' and 'goodness' of GL system.
Initially hired by 'City West' division of Reuters to support and manage the Reuters 3000 product rollout and diagnose/report problems encountered using these products and report back to developers. There was large involvement with Reuters Kobra, Triarch and various other specialised products in addition to resolving network and DNS issues on various client sites. Role was heavily NT and UNIX based, and part of task was to fault find problems on the trading floors, and resolving code issues. I later was recruited to engineering helpdesk, where I headed up a team of 2nd and 3rd level engineers to resolve ongoing issues - in charge of five general support engineers and four UNIX / Triarch engineers. Ran training workshops training junior engineers in networking and Triarch at request of management.
This role involved hands-on direct support of the convertibles / derivatives and equities dealers (I.T. sited on the dealing floor) - predominately Windows NT 3.51 / 4, running Smartsuite and Microsoft Office. This included directly resolving problems with LAN (Cisco) and external links (BT), overall connectivity, mail connectivity, and ensuring reliable real-time data feeds from Reuters to the dealer positions. Some work involved resolving Triarch problems - crashed feed handlers, resetting distributors etc. This was a very varied role involving NT, UNIX, Cisco, Novell, Banyan Vines, various mail packages, Lotus Notes.
Based in Chelmsford, Essex, employed as on site engineer working for a variety of clients in and around London, including Procter and Gamble, Polygram Records and Lombard Finance (part of Nat West). Role included NT, UNIX, Novell, Cisco Networking and Market Data skills. Considerable hands-on with networking systems (Cisco), Novell systems, TCP/IP, Reuters Data feeds.