Responsibilities:
- Defined the threat profile of an online system that manages the personal details and wages of 1.4M employees and derived proportionate security controls to mitigate the risks associated with data theft and fraud.
- Acted as the Security Design Authority (SDA) for a strategic online system, derived architectural principles, policies, and standards, and ensured designs were compliant with them.
- Designed the defence in depth capability for an online system, based on zero trust, trust management and escalation, and adaptive authentication.
- Utilised tailored views and specific language to address stakeholders' concerns and to ensure that security understood business requirements, business understood security risks and mitigations, technical understood security requirements, and security understood effort of implementation.
- Led the design of a Cyber Security Operations Centre (CSOC), which included all the domains: services, business, information, application, infrastructure, and security.
- Delivered conceptual, logical, and physical architectures as part of the CSOC model. Each architecture addresses the WHAT, HOW, and WITH WHAT.
- Devised the services and the underlying capabilities needed for a Cyber Security Operations Centre (CSOC), aligned to the NIST Cyber Security Framework.
- Produced a roadmap for linking the different interim states of the CSOC with its target state.
- Designed the Security Response service, based on the NIST Security Response Lifecycle, and also modelled the underlying business processes using BPMN.
- Defined the scope for information assets in excess of £50M and performed security risk assessments.
- Identified threats, threat actors and sources, weaknesses, and vulnerabilities, and the different impact levels on confidentiality, integrity, and availability.
- Performed maturity assessments on the security posture of the client to document the current state, assisted the client to articulate the vision and the target state, and produced a roadmap with interim states to enable a continuous and unbroken transition from the current state to the target state.
- Assessed the supply chain of the client, identified suppliers and associated security risks, grouped suppliers in tiers and levels of trust, derived pragmatic controls to mitigate the unacceptable risks, devised architectural patterns to incorporate the controls, and selected suitable solutions to convert the patterns into a defence in depth capability.
- Devised a set of short-term, mid-term, and long-term mitigation initiatives and linked them in a roadmap.
- Produced and maintained a reference architecture for a domain of trust responsible for hosting information assets in excess of £50M. The reference architecture covered the business, information, security, application, and infrastructure enterprise domains and comprised principles, policies, and guidelines.
- Identified the building blocks for the target, current, and transition states of the domain of trust, and specified their interfaces, channels, and dependencies.
- Matched solutions (existing and proposed) with building blocks, identified their related gaps in terms of usability, integration, and interoperation, derived the effort needed for filling these gaps, and fed costs into the Total Cost of Ownership (TCO) associated with each solution.
- Devised a defence in depth capability comprising different lines, tiers, and layers of defence, aligned to a security control catalogue based on the NIST 800-53 Special Publication.
- Produced a design pattern for addressing supply chain risks when importing software releases, patches, and signatures from 3rd parties into the Process Control Network (PCN).
- Defined the information lifecycle, with states and transitions, in a system that comprised different domains of trust and was governed by a Mandatory Access Control (MAC) system operating in Multilevel Security Mode (MLS).
- Identified the fundamental information conceptual building blocks and the required Security Enforcing Functions (SEFs) to protect unstructured data.
- Led the design of the information governance business processes with embedded compartment lifecycle, information lifecycle, information taxonomy, information compliance, information classification, and information auditing.
- Designed end to end business processes, with defined responsibilities and accountabilities, to enable information owners to manage their assets effortlessly and transparently.
- Produced the conceptual model of an Information Rights Management (IRM) building block.
- Produced a Solution Options Paper (SOP) containing an assessment of the IRM building block against the Defence in Depth capability, the evaluation of fourteen IRM solutions, and the deployment recommendations.
- Produced a roadmap for integrating an IRM solution with Enterprise Information Archiving (EIA), eDiscovery, Enterprise Content Management (ECM), Data Governance, Classifier, Data Loss Prevention (DLP), Access Controls, and Accounting & Auditing.
- Reviewed cryptographic key management (hierarchy, generation, distribution, storage, rotation, archiving, and destruction) and proposed ways for fixing weaknesses and vulnerabilities.
- Produced use cases for an Identity, Entitlement, and Access Management (IdEAM) system.
- Derived a target state model of an IdEAM system (based on ABAC, CBAC, and the Jericho Forum Identity Commandments) that consisted of persona-based identification, trust-based authentication, and risk-based authorisation.
- Produced a conceptual model of an IdEAM system defining 'what' building blocks should be used to deliver the system.
- Produced a logical model of an IdEAM system describing 'how' the building blocks, defined in the conceptual model, should interoperate to deliver the system.
- Devised a trust framework for joining together the architectural building blocks of the IdEAM model.
- Used cryptographic primitives for exchanging information between the Identity Provider (IdP), Attribute Provider (AtP), Entity Manager (EnM), and Entity Data Store (EdS).
- Produced High Level Requirements (HLRs) and Low Level Requirements (LLRs) for an IdEAM system.
- Produced functional and non-functional requirements for a Privileged Access Management (PAM) system serving different domains of trust.
- Produced High Level Requirements (HLRs) and Low Level Requirements (LLRs) for Data Governance, Classifier, DLP, and IRM systems.
- Designed and implemented Web Security Gateway, Email Security Gateway, and Data Loss Prevention technical security controls, centrally managed and using Websense products, all integrated with a Security Information and Event Management (SIEM) system represented by QRadar.
Responsibilities (Details can be disclosed only to holders of appropriate security clearance):
- Managed suppliers and stakeholders of different levels to deliver a set of security services, aimed at protecting a high profile online system.
- Derived the AS-IS state of a Security Operations Centre (SOC), formulated its corresponding TO-BE state, and linked their gap through feasible and affordable transition states.
- Aligned the Security Operations Centre (SOC) strategic objectives with the organisational strategic goals.
- Designed a service model, comprising security monitoring and security incident response, for a Security Operations Centre (SOC).
- Designed a Supply Chain of Intelligence, aimed at assisting the Security Operations Centre (SOC) to operate in predictive mode.
- Derived an Operational Maturity Model for a Security Operations Centre (SOC).
- Formulated a monitoring and incident response approach for detecting fast and slow attacks, and responding to alerts and incidents without causing or fostering denial of service conditions.
- Developed architectural patterns, compliant with HMG guidelines, for a Security Operations Centre (SOC).
- Formulated a Monitoring Coverage Framework for identifying existing monitoring capabilities, their gaps and their limitations, and proposed solutions for mitigating associated risks.
- Identified High Level Requirements (HLRs) for a Security Operations Centre (SOC) and Low Level Requirements (LLRs) for Security Information & Event Management (SIEM) and Web Fraud Detection (WFD) capabilities.
- Devised a framework for analysing end to end attack use cases and mapping them onto Security Information & Event Management (SIEM) detection rules.
- Derived an end to end capability for mitigating Distributed Denial of Service (DDoS) attacks.
- Identified threat scenarios to analyse complex cyber and fraud attacks and proposed proportionate mitigation controls.
- Chaired workshops for identifying attack use cases that could be utilised to compromise target systems.
- Liaised with Fraud and Error to produce a unified monitoring and incident response capability.
- Chaired workshops for producing architectural patterns, solution patterns, and interfaces that consisted of Identity Assurance (IdA), Web Fraud Detection (WFD), Trust Management (TM), Trust Escalation (TE), and Security Information & Event Management (SIEM).
- Reviewed Process Reference Models (PRMs), High Level Designs (HLDs), and Low Level Designs (LLDs) against High Level Requirements (HLRs) and Low Level Requirements (LLRs).
Responsibilities (Details can be disclosed only to holders of appropriate security clearance):
- Exercised professional judgment in applying security expertise to solve complex problems within highly political environments.
- Managed stakeholders of different levels (internal and external) and backgrounds (business and technical) to mitigate security risks while delivering services to the client according to Service Level Agreements (SLAs).
- Derived tailored Enterprise Architecture (EA) frameworks, embedded security architecture into the remaining constituent architectures, and integrated governance and enterprise risk into EA classification matrices.
- Designed an architectural pattern for resilient infrastructure, able to host clusters for processing large data sets and potential zero-day malware, aimed at identifying cyber attacks.
- Designed a defence in depth capability, based on aligned constituent building blocks deployed in layers and lines of defence, capable of protecting hosts in dynamic and static environments against Advanced Persistent Threats (APT).
- Evidenced potentially exploitable vulnerabilities in High Level Designs (HLDs) and Low Level Designs (LLDs), and proposed proportionate controls to mitigate the associated risks.
- Advised on hardening private clouds, hypervisors (VMware), operating systems (Windows, Linux, and UNIX), databases (Oracle), and applications (COTS, GOTS, and bespoke).
- Utilised Return on Security Investment (ROSI) and Total Cost of Ownership (TCO) for the selection of proportionate security controls.
- Provided tailored views of complex systems to stakeholders using their corresponding viewpoints for the purpose of deriving proportionate risk mitigation controls.
Responsibilities:
- Managed security-related projects from conception to delivery, with in-house and off-shore teams, using elements from PRINCE2 and DSDM.
- Advised on implementation and compliance of standards and regulations (including ISO 27001, ISO 27002, BS 25999, DPA, PCI DSS, and SOX).
- Performed security risk analyses and assessments, provided advice on risk treatment, and selected and implemented proportionate security controls.
- Produced different documents for customers, including business cases and proposals, and completed ITTs (Invitation to Tender), RFIs (Request for Information), and RFPs (Request for Proposal).
- Analysed, designed, integrated, and deployed controls (i.e. technical and administrative) in layers (i.e. deterrent, preventive, detective, and corrective) following the defence-in-depth approach.
Responsibilities:
- Managed a team of analysts, developers, and testers – including employees and contractors.
- Liaised with project managers and business analysts to ensure requirements were pragmatic and delivery deadlines were realistic.
- Introduced modelling standards (i.e. Unified Modelling Language) and coding practices into the organisation for standardising collaboration between internal and external stakeholders.
- Mentored and coached team members on reliability, reusability, security, scalability, maintainability, interoperability, and usability.
- Derived specifications from requirements and designed large IT systems based on client-server architectures.
- Designed and implemented technical security controls, including distributed firewalls and access control systems – frontend and backend.
- Analysed and modelled databases, and migrated data into Relational Database Management Systems (RDBMSs).
- Designed and implemented Payroll and HR modules for an Enterprise Resource Planning (ERP) system.
Responsibilities:
- Analysed AS-IS states and derived improved TO-BE states.
- Ensured TO-BE states supported the overall organisational strategic direction.
- Replaced hierarchical functions with end-to-end business processes.
- Reengineered broken business processes to enhance inter-process communication.
- Liaised with stakeholders and facilitated workshops to elicit requirements.
- Introduced automation in business processes to improve quality and consistency.