Secure Being is founded on the premise that convergent technologies have made our lives so much simpler, but in doing so they’ve also opened us up to new methods of harm. To prevent fear from any source winning out and disrupting connected lives, Secure Being’s purpose is to educate, test and help consumers understand information security as it applies to them as human beings.

At Particle, I had overall responsibility for all aspects of the security program and information security team. Particle is a series C funded IoT hardware and software platform. This role included both technical security, and compliance work. I implemented Vulnerability Management, Application Security, Security Operations and Compliance functions and achieved SOC 2 compliance. I worked on embedded firmware security. I also had responsibility for all operational engineering teams including Site Reliability Engineering and Business Intelligence.

I had overall responsibility for all aspects of the security program and information security team at Amperity, a series C funded marketing automation startup. In this role I performed the due diligence, and subsequent systems and security integration of an acquisition target.

60 % Technical / 40 % Leadership, Policies, Compliance, Other BusinessAs below, but following promotion to Senior Director given responsibility for all employees in the security organization, and took a more active role in sales and customer facing processes.Built tools and processes to support changing privacy landscape, e.g. GDPR/CCPA.

70% Technical (Hands-on and Consultative) / 30 % Leadership, Policies and ComplianceTechnical Security Lead. Responsible for Security Operations, Incident Response and Application Security in a HIPAA compliant enterprise hosted exclusively on AWS (following migration in 2016).Built a custom SIEM tool that provides Accolade with an overview of all activity in the Accolade Cloud Platform, with tie in's to AWS, custom applications, network IDS/IPS, physical security controls, telephony and threat intelligence feeds.Designed and operationalized the Duty Day program, which provides a series of security operations tasks to be performed by engineers.Deployed multi-factor authentication solution enterprise-wide for all remote connectivity.Partnered well with development teams, operational teams and other areas of the business to ensure deep security coverage.Designed security awareness programs, and ran capture the flag (CTF) competitions on homegrown CTF targets.Customer facing, pre and post sales.Ran numerous digital forensic investigations in support of the legal department, and testified on the nature of collected evidence where necessary.Lead the response to various security incidents, successfully minimizing the impacts in all cases.Provided guidance and training to internal IT support staff.Performed penetration testing on applications, and supervised further pen tests conducted by internal resources and outside parties.Represented Accolade's security program at external events and through marketing materials.Placed emphasis on building security tools and training people as a first priority, but also ensured that every tool we decided to purchase was fully deployed.

Lead incident response efforts and built out the process for responding to criticalsecurity patches.Internal SME for security and compliance related questions.Provided support to sales teams that may need a security point person during the salescycle. Created the ExtraHop Security, Privacy and Trust program, to highlight layers of controlsin our infrastructure.Ran a mixture of manual and automated security testing against the ExtraHop productline. Supported the legal team, particularly in the area of HIPAA/HITECH requirements, forExtraHop’s large healthcare customer base.

Building out the Expedia Security Operations Center and overseeing the growth of the Incident Response Practice.

Lead a team of Security Engineers who were responsible for the technical security controls at Concur within both the Corporate and Product environments.Built several tools to automate security tasks, including a from scratch SIEM tool which incorporated events from the network, application and logical layers. Responded to security incidents, performed in-depth forensic investigations and provided evidence to law enforcement for both internal and customer facing legal cases.Built relationships with other teams within Concur and built a team that was considered to be one of the most well-rounded in the organization.

Created the Global Security Operations team at Concur. Built out procedures and deployed/evaluated/created tools to ensure we were overachieving when compared to industry standards.

Performing threat modelling and penetration testing on all platforms (web and mobile) to ensure that security is firmly embedded in our SDLC.

Improved network security posture by implementing new security controls, focusing on the network layer, but often other areas too.Performed firewall upgrades, rule management etc.

Wrote/taught a part time evening class during the Winter Quarter entitled Security Tools and Technologies, which forms part of the University of Washington's Professional and Continuing Education certificate in Information Systems Security.Developed a vulnerable PHP/MySQL web application and several vulnerable lab machines for students to practice their penetration testing skills.Constructed homework exercises that simulate real life security tasks, such as firewall audits, building new tools and penetration test reporting.

Member of the Cloud Security Office at Mozy, a VMware owned online backup and cloud services provider.Responsible for system and network security.Author of several new network security policies designed to address specific issues to the organization, as well as maintainer of existing policies. Work with business units to gather evidence for ISO27001 and SSAE 16 Type II audits.Led a company-wide data loss prevention project.Set up internal security website where all employees can find materials to assist them in being more security aware, produced a large amount of this material.Set up an anonymous reporting point to allow employees to report any security concerns in products or processes.Look for and address vulnerabilities in network infrastructure or products.Administrator of Linux hosts used to run security tools, as well as a VMware ESX cluster.Contract position.

Worked primarily as a penetration tester, attempting to find and exploit security holes in client's websites or network infrastructures..Produced technical reports following a penetration test, explaining the methodology used, any findings and remediation work required.Acted as a consultant, performing network design reviews, firewall rule set reviews, system build reviews (gap analysis) and offered advice.Successfully launched Encription's digital forensics service. Responsible for purchasing lab equipment, writing polices, training staff and leading investigations.Wrote technical stories for the encription blog, produced video presentations for encription YouTube channel and whitepapers for the encription website.Performed several forensic investigations, mainly for corporate clients, including an international airport and several multinational companies.Responsible for management and security of office infrastructure, oversaw a move to new premises in February 2010. Wired the office’s CAT 5e network cabling.Delivered Tigerscheme Qualified Security Tester training courses.Wrote a new training course, including all slides/notes, set up exercises and simulated corporate network.Joined the Tigerscheme technical panel to design digital forensics training courses and guidelines. Tigerscheme is a UK based non-profit organization run by industry stakeholders which aims to ensure standards in IT security work.

Installed and maintained a wide variety of network infrastructure equipment on the organization’s global data network.Checked installations to ensure that they conformed to security policy.Maintained the organization’s voice network, which included a mixture of digital and analogue technologies including PABX and VoIP.Installed and managed cryptographic hardware.Picked up support calls and was responsible for managing own time.

Worked in a team of five to install and manage over 300 remote servers running Redhat Linux and 50 centrally hosted servers running a variety of operating systems and applications.Managed a large Cisco infrastructure that supported 120,000 users.Responsible for security of the network infrastructure, this included processing change requests and managing several Cisco ASA firewalls.Provided support to first line technicians at customer sites.Gave presentations and delivered training courses for other members of staff and customers.Involved in a large project to virtualize all physical servers into a VMware environment.Responsible for internet and email content filtering decisions.Worked with local police and international agencies to provide evidence for forensic investigation purposes.

Worked for a specialist section of the county council’s IT department; which provided technical support to county schools.Visited multiple schools on a regular basis, working on my own to manage and maintain all aspects of the school’s IT infrastructure.The role featured typical system administrator duties such as rolling out software, managing users, troubleshooting problems and installing new hardware.Managed a number of time sensitive projects, including a brand new network installation of 150 workstations and 3 servers in fewer than four days.Used various network management applications such as Winsuite, Ranger and Symantec Ghost.

Maintained store IT systems that were used for financial transactions and ordering. Traveled around the UK converting Safeway stores to Morrison's format.