I don’t feel it’s appropriate to publicly list every technology a company uses to protect itself. With that in mind, this is an extract from the original job spec:Provide a conduit between the SGN security management team and SGN’s managed security service provider for the below domains. The role will be required to provide assurance levels to the maturity and continued optimisation of the service against changing threats and risks to SGN. Detect: Anomalies & Events, Security Continuous Monitoring, Detection Processes, Respond: Response Panning, Communications, Analysis, mitigation, improvements, Recover: Recover Planning, Improvements, CommunicationsStrong technical understanding and experience of SIEM deployments in cloud (Hybrid) environments.Strong technical understanding and experience of systems and database security, Identity and Access Management (IAM), Encryption, Penetration Testing/APM, Firewalls, BCP and DR, SIEM, DLP, Cloud (AWS) Security, EUBA (DTEX), Symantec Suite (ESS, WSS, MSS, CASB, SEP), Broadcom PAM, Cyber X, Microsoft O365 / Defender, Information Security Strategy, Application and Infrastructure Security.Development of Security Policy, Standards, Procedures and Guidelines, and Security Risk Assessments. Vendor management/MSPsAbility to adapt to a fast moving client landscape where there are constant challenges in providing the agility required of the creative process, whilst maintaining a mature attitude to Information SecurityAnalytical mind, capable of managing numerous information sources whilst providing data analysis reports to senior executivesStrong customer focus, able to respond quickly and effectively to internal and external client demandsExcellent communication skills, both verbally and writtenFlexible and adaptableExposure to the latest I.T. Thinking and threat modelling methodsDemonstrable exposure to Change Management and business process experience QualificationsAppropriate, proven track record

The most critical aspect of my role was keeping the multiple certificate authorities (with hardware HSM’s) running 24/7 and ensuring correct process was followed for all aspects relating to IT security in the data centre. Key achievements include:Updating all hardware (servers, HSM's, firewalls, routers etc) ensuring 100% data accuracy, along with a new domain, virtualisation and failover where appropriate.Updating all software (server OS, monitoring etc) to supported versions.Replacing an aged OSSEC HIDs server with a full open source SIEM solution.I would also travel globally to install/upgrade or troubleshoot our systems for Governments, Banks and Military customers.Key Responsibilities:Perform support and administration of the production systems, with emphasis on maintaining security and continuity of operationsDevelop a complete understanding of the operation and security all the systemsPerform security process management following local proceduresMaintain security procedures and processes as requiredProvide input to the security design and requirements of all systemsMaintain security of all systemsManage installations or upgrades of internally developed systemsProvide training & support as requiredPerform any roles required as part of the Business Continuity PlanLiaise with 3rd parties for purchasing and supportMaintain documentation of network schematics, IP allocations etc over time as systems evolveAssist in the management of the physical security and access control of the siteDeputise for the Security & Operations Manager to cover periods of unavailabilityAssist with customer tenders and auditsAdvanced networking topics such as database replication and VPN tunnelsAdvanced server topics such as clustering and load balancingTo take specifications from senior management and suggest suitable hardware and software solutionsAwareness of the Internal Controls campaign

Whilst at GDC I was the primary contact for all desktop & server support work within GDC Head Office. I supported an environment of over 140 desktop & 60 laptop users, 3 physical servers, with 14 virtual servers, tape library, SAN, all onsite networking, Firewall & VPN, Video Conferencing, iPhone (with MDM), Avaya & firewall equipment. I maintained the manual asset database & performed all software and hardware refreshes. I provided training for new software or hardware and updated or created written process and procedure documentation. My personal achievements at GDC include the following:Structured AD and deployed GPO’s across the estate, where previously all devices were configured manually prior to rollout.Generated a standard operating environment, including GPO desktop application delivery to make sure all machines are up to standard.Revoking general local admin rights across our domain. Short term I was very busy, long term however it reduced my desktop support calls by around 80% and has allowed me to identify and remove non-corporate or unlicensed software without fear of them reappearing!Rolled out a custom data gathering script to collect machine & software information.Upgraded MS Exchange from 2003 to 2010.Migrated our desktop & server environment from McAfee to Symantec Endpoint Protection.Hardware upgrades including server, SAN & tape library. I have rolled out 80+ new desktop machines, manually migrating users onto their new ones.Installed & configured Dell iDracs, server monitoring & management software & APC UPS monitoring software.I decommissioned a BES server and advised on the requirements for the MDM for our new environment of iPhones.In short, I was given an IT task or briefing from my manager, which was investigated, amended to best practices standards, planned, implemented & documented. With my 200+ users including a very demanding offsite sales team, this was an extremely varied & busy role!

During this period I worked at BAE Systems as a Wintel Systems Engineer supporting their main network and a disjointed secret classification network. This exposed me to an environment of well over 1000 servers, mostly HP running 2k3 or 2k8 along with many SANS, NAS devices and all the applicable management agents and pretty much everything else you would expect in a large corporate environment – Netbackup, WSUS, ePo antivirus, HP SIM, etc. I was solely responsible for supporting everything on the disjointed network of around 100 servers, netapp filers, Netbackup with Neo Overlands & IBM system storage, VMmare (including HA) and a few clustered servers present on that network spanning the UK. We also had Linux and Solaris servers. Whilst my interaction with these was minimal, I was familiar enough to assist with AD, application integration and security issues. I am quite capable of managing my own projects, and have rolled out or upgraded a large variety of software across the network. Including WSUS, and HP SIM. I was also the primary contact for all Root Cause Investigation work, using tools such as PAL, and the Microsoft debugger. The organisation is very ITIL orientated, with a huge emphasis on process driven activities.

This role gave me a lot of insight on how the desktops (NT, 2K and XP) were integrated into a Windows domain environment. During this time with I worked very closely with the SDM’s (Service Delivery Managers) as their ‘hit man’ sorting out anything deemed particularly important or SLA failing, along with BES (Blackberry Enterprise Server) administration, and being the chief contact for VIP support in Portsmouth Navalbase. This role was very enjoyable as I met a huge variety of people.

This period was spent on the 3rd Line desktop team, creating and rolling out application packages for the desktops along with ‘build tweaking’ and assisting with the upgrades from Windows 3.11 to Windows 95 and subsequently Windows 98, all in a Novell Netware environment.

I also spent around 2 years as team lead as well as the head desktop technician at Whitehall for Private Office. I often found myself meeting the Secretary of State and his staff and members of the shadow cabinet to resolve software and hardware issues they were experiencing, or to assist with complex matters where absolutely 100% accuracy first time was required. My work here not only resulted in us being the first building to achieve ‘zero outstanding calls’ but also went on to net me Bronze, Silver and Gold ICL awards.

My first real introduction to corporate I.T. Most of this time I spent visiting people at their desks and fixing their computers. Anything that was build or server related I escalated to the correct teams, I checked backups and reported any failures.

I tested hardware and arranged for refunds or replacements. I was responsible for clearing the huge backlog of outstanding returned items, (some 2 or 3 years old) and improved their process quite considerably!