An Information Security Analyst/Engineer with 10+ years experience in the Commercial, Energy Utilities and Governmental arenas. A wide and varied experience across all security domains, both technology and governanace based, has resulted in a holistic understanding of the Information Assurance Lifecycle for secure systems.

A high level Information Security SME with a broad technical knowledge across a range of technical domains but could not claim to be a Windows SME, Unix SME, SIEM SME etc.

ISO27001 Lead Implementer, course attended and exam passed. Check Point Software Blades Training Course attended recently.

Main focus over recent years has been secure systems delivery to customer requirements with a major emphasis on effective incident alerting against organisations risk profile and best practice guidance such as GPG13.

Government clearances have been held but have recently lapsed. I am currently seeking contract opportunities.

Specialties:
Secure systems/applications accreditation, implementation and testing
Incident management (SIEM)
Cyber Threat Analysis
Technical security design, system hardening and subsequent testing against requirements
Security policy, requirements and process design and documentation.
PCI DSS (PCI-SSC’s PCI Awareness Course recently passed (v3.0, Oct 2014)
Information security - DLP, Data Classification and handling
Security Training and mentoring
Strong stakeholder management and social skills.
Technical Security Project Management