• Global Head of Shared Services Security Assurance Team
Barclays
Total years of experience :28 years, 6 Months
Running a team of 15 - 20 security engineers and responsible for the ongoing build and integration for a number of GIS technologies.
• Technology lead on a number of key projects. Two of these are currently ongoing. One of these projects is to deploy a replacement vulnerability management solution. The other is to deploy new and extended end point controls. These include McAfee EPO and
McAfee Endpoint.
• Technology and service owner for 3 GIS security technologies. Skybox Firewall Assurance; McAfee Vulnerability Management MVM & Symantec CCS Configuration Compliance.
• Responsible for all aspects of the deployment and management of these technologies.
This includes:
o Selection and design of a resilient and scalable solution that meets existing and future requirements.
o Engaging stakeholders and obtaining their requirements
o Management of all aspects of the end to end deployment making sure that we meet agreed requirements, all change controls and any regulatory requirements.
o Full set of documentation including all our processes and ensuring we deliver these.
o Ensuring we are able to fully support the technology
o Production and publication of all metrics.
• Management of the team responsible for all firewall change approvals and web URL access requests.
• Delivery of a number of GIS technologies and the consolidation of these across all business units at Barclays.
• Project & technical Lead to select and deploy a Cyber-Ark privileged account management solution. Working to tight deadlines set by a regulatory requirement, this
was delivered to the investment bank on schedule and then expanded out into other business units.
• Frequently working with Audit, both internal and external to understand the requirements and then deliver controls that close off any open audit points.
• Vendor Management - Working with our vendors and dealing with contract renewals, professional services, escalation of support issues.
• Project Lead to deploy Skybox Firewall Assurance into Barclays Capital. This ensured that all firewall configurations were checked for compliance on a daily basis. Configurations of all firewalls are collected daily and provide an audit of all firewall rule bases for poorly configure rules and changes outside of change control.
• Project Lead to select and deploy IBM ISS IDS/IPS toolset. Involved end to end process for product selection and deployment.
• Deployment of Symantec Vontu DLP solution to monitor external email. Product selection was not part of this project as license was already available. The challenge here was to deploy hardware and application in a very short timeframe dictated by senior management.
Responsibilities were to test, develop, stage and then deploy any products that help deliver a secure infrastructure for the E-commerce and web environments. These typically included Firewalls, proxies, reverse proxies, content switches and VPN’s.
• Project to provide a secure VPN remote access environment. Two different VPN offerings were developed to allow for maximum flexibility. First option developed was a full CISCO VPN client running on all Barclays standard build laptops using Cisco VPN concentrators and IKE/AES encryption. Second VPN developed was an SSL VPN using Aventail SSL VPN appliances allowing access from Non Barclays PC’s. These were the first VPN’s deployed at Barclays and enabled the move away from ISDN technology.
• Test and deploy Packeteer packet shapers to protect and guarantee network bandwidth.
• Pilot and test Checkpoint Firewall-1 on standard server hardware and Checkpoint’s own secured version of Linux, SecurePlatform. Implemented a pilot installation on SecurePlatform and this proved to be very successful. Redeployed all Checkpoint firewalls to new platform.
• Systems architect, systems administrator for AIX estate. All day to day administration of AIX systems that included FT.com.
• Administration of FT.com and all firewalls running on AIX and Solaris.
• Ran the project to migrate firewall systems away from IBM SNG and over to Checkpoint Firewall-1 running on Solaris originally and then on AIX.
• Responsible for all Y2K testing across the AIX estate and Checkpoint firewalls
• Deployment and administration of SessionWall web filtering application.
• Part of the small AIX support line team providing telephone support to IBM customers throughout the gulf region. The main role of the team was to provide first level support for customer software problems whether they be defect or non-defect.
• Third line software support for field engineers
• Value-add range of services to the customer in the form of AIX installations, smooth-starts on AIX, HACMP, operating system upgrades, migrations and simple PTF installs.
ComputerVision
• Third line support function for field engineers. Office based and providing technical
support and advice on both hardware and software issues.
Royal Navy Electronics Engineer
• Repair and service of Radar and Communication equipment. As a leading hand, I
was responsible for the training and supervision of junior rates and on my last ship, I
was responsible for 30 leading and junior rates
CISSP
CCSA/CCSE
HNC and HND