security architect
Atkins
Total years of experience :21 years, 2 Months
Working within client project teams as the Technical Lead for security design, deployment and transition to operations. Improving client risk management processes by understanding the client's aims, culture and portfolio. Conduct in-depth risk assessments based on Clients’ risk methodologies. Assist in the production of client policies. Building up knowledge of client enterprises and security architectures to enable consistent security advice. Identifying areas of security weakness within client organisations and producing detailed remediation plans. Ensuring coherent, consistent and effective approach is taken to new security solutions. Design of security solutions with the constraints of client policy, technical standards and frameworks. Interfacing with client staff to plan and deliver security technology road maps Ensuring compliance with client design and security assurance processes for the delivery of solutions. Documenting designs and how they interact and interface with the wider enterprise Delivering services to the highest level of quality, within time and budget constraints and in accordance with Cyber Security Account Managers’ requirements. Provide regular progress and quality reports to Cyber Security Account Managers Maintaining successful working relationships with key customers and stakeholders improving understanding of the value of cyber security.
• Security and Technical Architect for CenturyLink’s G-Cloud Programme delivering Platform as a Service (PaaS) to Government Customers. Providing comprehensive security architecture and technical architecture guidance and support, to Technical Operations, Solution Engineers and Client Service Partners teams.
• Assisting Director Government Solutions covering G-Cloud Service Descriptions & supporting documentation.
• Delivering comprehensive security architecture services and support, and provide in-depth solution designs that meet customer requirements.
• Perform a wide range of infrastructure architectural services focused on the key security principles and standards mandated by UK Government, including Security Policy Framework, IA standards, GPGs, and ISO 27001/2.
• Ensure overall architecture and designs are in accordance with accredited standards as defined in RMADS and SyOps.
• Delivering high quality security focused design documentation, impact analysis, and design documents, to support CenturyLink Public Sector Services activities.
• Delivering Security documentation to support accreditation requirements and solution/infrastructure certifications. Design proof-of-concept environments to showcase technology and integrate into core CenturyLink infrastructure offerings.
• Design, implement and manage the Security Audit Centre (SAC) infrastructure. Manage and Implement major and minor upgrades to the SAC to enhance audit log transfers and analysis of events and incidents
• Write security policies & procedures for systems, networks and applications according to internationally recognised standards.
• Conduct Cyber Security assessments against documented security policies. Running vulnerability scans across the domain to assess systems, networks and applications for weaknesses. Security auditing system configuration against standards and compliance checking systems, networks and applications against security policies, procedures and best practise. Report and brief key stakeholder on the results of the security assessments.
• Risk assessment of vulnerabilities, threats and asset valuation. Project managing and implementing security controls, updates and security patches.
• Developing security monthly reports; analysing & resolving risks detected. Reporting on Cyber Security, changes, Anti-Virus, Security Incidents, threats, vulnerabilities, Security Patch progress, etc.
• Working with Penetration testers; project managing and implementing risk treatment plans.
• Impact assessing new changes brought into the environment from a security perspective.
• Investigating and troubleshooting security incidents and security breaches.
Being in the discovery stage as part of a team my role was to interview current security staff, discover their roles and responsibilities and write up a security operations manual using ITIL methodology. The security Operations manual included the current tools used i.e. SOPHOS, SANCTUARY, OVO, OVSD and etc. Also included were security incident scenarios and incident response processes for them.
Writing up security policies; Asset Protection, communication policies, wireless technology, security incidents and reporting processes, security vetting and etc.
Creating security reports and spreadsheets for the end client.
Auditor for a major £multi-million project. The role involved: Monitoring, and recording personnel workings across a large technical footprint (MS Active Directory, Exchange, GPO’s, MS SQL, CITRIX, Mcafee, EPO, HP OVO, Oracle 10g, OLS, RAC, XML, Linux and Windows 2003 Platforms).
My roles were to Maintain, Support & update the citrix farm that contains a number of in-house applications for users to connect to using Citrix Technology. The Farm contains over 60 servers for it to run sufficiently ranging from Windows 2000 to 2003 servers. There are 2 domain controllers, 2 back up servers, 10 SQL database servers based on cluster technology, 2 SMTP servers, 3 Web servers and approximately 25 citrix servers. Using Active Directory for user accounts, OU's for posts and giving the users the correct rights.
Providing Support, installing & configuring in-house, bespoke applications.
Supporting & Maintaining Windows NT/2000 & 2003 servers, Windows NT & 2000 Workstations, MS SQL 6.5 & 2000 (Cluster Configured Database Servers), Active Directory, Citrix XP, Registry Keys and etc to resolve and maintain a live & available environment globally.
• Galliford Try, a well established construction organisation has decided to upgrade its technology for the 1000 users over number of locations.
• Replacing, imaging, cloning, configuring, upgrading & utilising the servers from Windows NT/ 2000 to Windows 2003. Upgrading hardware parts of the server from G2’s to G3’s, extra RAIDS’, Memory Upgrades, Tape Drives and etc.
• Using Active Directory for creating the new physical Domain Structure via a Forest Design, Containers’, OU’s, GPOs’, DNS Namespace, WINS & DHCP Configuration. Configuring and connecting Active Directory to Exchange 2003 by using Connectors, setting up recipient Update Policies and Routing Groups. Migrating user accounts & profiles from the old Windows NT / 2000 Domain to Windows 2003 Active Directory.
• Carrying out back-ups, Solving Back-Up failures & restores’ using Arc Serve and investigating activity logs. Archiving, creating, deleting, modifying & setting up: User accounts, remote connections, e-mail, profiles, internet and intranet accounts using tools such as Active Directory, Citrix, Exchange 5.5 & 2003, Cisco routers’, User Manager and etc.
• Ensuring the availability, monitoring and resolving any issues concerning the Servers & the Network; Storage Space, Mapped Drives, Login Scripts, Anti Virus, Security & Access Permissions, hardware faults, Applications & etc.
• Installing local & networked printers, Patching, providing weekly reports to carry out the above. The ability to use Proxy, SMS Administrator, DNS Admin, Wins Admin, DHCP Admin, SMS, Hyena, Server Manager, VNC, E-trust and etc.
• Daimler Chrysler, a co-operate organization, have realised the necessity of upgrading there hardware and software to stay in competition with other car manufacturers and its technologies. Milton Keynes (Tongwell) being the headquarters have initiated the rollout of 1500 new desktops & laptops.
• Replacing, imaging and configuring new laptops and desktops: Working with a team of highly qualified technician based at DCUK to achieve the above. From migrating the data across, ghost data uploads & downloads of the new customized Windows XP build (IBM ThinkCentre S50, ThinkPad T41 & HPNC6000), making the machines live in Windows 2003 Active Directory as well as user accounts, adding users to the correct groups, installing printers, configuring Lotus Notes, Palms’, IPAQ’s, Blackberry’s, Broadband, ADSL, ISDN & Dial-up connection via the Virtual Private Network (VPN) using a SecureId and finally handing the machine over to the user.
• Deploying & configuring the hundreds of extra applications via SMS specifically required by the users such as: Acrobat the full version, Cognos Bi, Control ES, Opus & PowerPlay, Project 2000, SAP, Visio, Vega Live and many more. Tasks also included are UAT & Q/A.
• Ensuring any post rollout issues are resolved: This can range from, user logon, Office Applications, Business Applications, Printing, Lotus Notes V6.5, User data, Networks, Desktops & Laptops, Palms, IPAQs, Burberry’s, GoldCards for ISDN, Broadbands and etc.
• Responsible for creating and updating any migration documents such as the hardware configuration check lists sheet, Lotus Notes and Handover check lists, to ensure correction and perfection.
Working under a strict and tight schedule covering all customer recruitment sites based in England, Scotland and Wales.
Replacing, imaging and configuring new servers: Working with a team of highly qualified technician based at EDS Hook to achieve the above. From configuring of the migration, new Windows 2000 server, replicating & configuring Windows 2003 Active Directory, installing & configuring Microsoft Exchange Server, backup checks & carrying out backups, disaster recovery checks, migrating data onto new server, auditing the old server, decommissioning the replaced NT 4.0 server, configuring the IP addresses’, configuring the services, installing DNS, configuring DHCP and etc until the server is fully functional, all under very tight schedules.
Working as part of a team of technicians: restoring custom built pre configured images onto new Compaq workstations. The image of the standard build includes Windows XP, installation of MS SMS and e-trust Anti Virus as per the requirements. Any other applications such as OJAR, Safe Dial for Laptops, Unicom Icons, PDA and etc are installed & configured upon user requests.
Ensuring any post rollout issues are resolved: This can range from, user logon, Outlook, Business Applications, Printing, Connecting to the Internet, User Shortcuts, Office Applications and many more.
Installing HP printers and adding users shared & locally, and reconfiguring networked ones with the replaced ones details.
I took the lead role in hosting, developing, supporting and solving problems for users, approximately 1000 on site.
Duties incurred building workstations and laptops via images on the server, or ghost from a hard disk drive.
Installing, configuring, supporting and solving all Office applications including MS Outlook, as well, any complex ones’ needed by the engineering site such as Iman Portal, ISIS Web, Citrix, Doors, Visview & Vismockup, Leo, Pro Engineering, CadStar and many more. Dealing with and configuring licences whether locally or from the server, via environment variables.
Installing, fixing and configuring system boards, hard disk drives, printers, monitors, servers, blackberries and many other hardware parts on site.
Creating user profiles and accounts, changing and resetting passwords via user manager and Enterprise Administrator. Administrating all Windows Platforms installing, configuring and supporting Microsoft Windows NT, 2000 & XP Platforms as well as Office 97 to XP. This includes operative files, control panel, device manager, the registry, user manager, User Groups, GPO’s and etc.
Connecting users’ to the network securely by adding machine details in VIETHERS & HOSTS, and assigning an IP addresses. Configuring Network protocols, TCP/IP properties, connecting to the Internet and patching cables. Installing, educating, configuring and supporting GTS (Global Travelling System), which enables users to connect to the network via dial-up when off site.
Updating & upgrading recommended software drivers such as service packs for Microsoft Windows & Office, Patches, Hot fixes, Qchains and Anti Virus.
Working as part of a team developing, hosting, supporting and solving Problems for end users globally.
Responsible for maintaining hardware, software, operational data and systems supported by IBM, provided to the RAF (Aircraft Maintenance Division.)
My role involved a procedural method: speaking with the users, updating information in Remedy, analysing issues, and finding solutions with the support from the information on the intranet as well as other teams: Business Application Support, Operation’s, Service, Change, Configuration, Project and Top Level Management as well.
Writing SQL Codes to correct, delete, modify, and or update data within the in-house systems i.e. Aircraft Management, Maintenance Management, Cost Management via Telnet.
Installing via SMS, educating and providing support for Software, such as: Microsoft Windows NT, Microsoft Access, Excel, FrontPage, Outlook, PowerPoint, Visio, Lotus Notes, Accountancy Packages (Agresso) and other’s requested by users, as well the in-house systems.
Solving user’s password problems, advising them of Access Methods, Legal Issues, Network Problems, Upgrades, setting up of accounts and other essential issues when appropriate via e-mails, personally during site visits or verbally.
Providing, supporting and maintaining the availability of servers and the network and carrying out a weekly back-up of the data stored, using magnetic tapes.
Customer service Team Co-ordinator - Handling the billing concerns and queries of clients by assessing and controlling the situation and carrying out the necessary adjustments upon their accounts’.
Building company relations - Having to be in frequent contact with customers and field engineers in order to enhance the service provided.
Assisting with new development ideas of the in-house systems as well as the migration and launch of it on to the intranet.
Attaining opinions from customer service advisors on amendments and future development plan for the in-house information systems.
Responsible for designing and implementing reports of team members, with details of attendances, quality of work, punctuality and attaining future plans.
Educating team members to protect and prevent data from viruses, back up of important data, access controls, legal & security issues.
Skills developed: Communication has enabled me to become a strong organised person, an effective team member, adapt to various situations and maintain control of my activities and decisions. As well as converting the theoretical knowledge learnt as a post graduate into practising skills.
Analysis and Design of Information Systems Applied Statistics using Computer Packages Computer Networks and their Applications Database Technology Demography and Sample Surveys E-commerce and Business Financial and Management Accounting Forecasting Methods for Business and Management Heuristics and Structured Problems in OR Information Systems Study International Business International Finance Introduction to Programming Language and Computers Language modules The Management of Human Resources Managing Complexity: the Systems Approach and Soft OR Marketing Analysis Micro-Based Applications Operations and Service Management II Optimisation Principles of Finance The Rise of the Modern Corporation Strategic Management.