RiverSafe is an Information Security Consultancy that specializes in Network Security, Threat and Vulnerability Management, Security Event Information Management and Big IT Data Analysis solutions. We work in a variety of environments (Financial Services, Telecommunications, Oil & Gas, Healthcare & Consumer Lifestyle, Education, Utilities, Government), implementing solutions for large Data Centres, Process Control Networks (SCADA), and highly critical financial transaction data networks. We pride ourselves in our ability to configure each one of these technologies to present security event information in a manner that is highly relevant to clients. Our goal is to create accurate threat monitoring in the most efficient and cost effective manner possible.Through careful consultancy we help organisations build and mature their security operations and realise effective protection against cyber threats real to their business.We take pains to understand the business, applications and services of our clients, and we work closely with Risk Management bodies to translate their efforts into active monitoring. We ensure that any proposed technology is fit for purpose and that it satisfies not just security requirements but operational and process requirements as well.Our team of high skilled consultants come from diverse backgrounds in the Information Security space and together we offer a rich perspective and delivery capability.

I was responsible for the development of the logging and monitoring architecture for the Security Intelligence Programme. I also lead the development of the technical requirements, processes and principles Logging as a service and SIEM as a service initiatives. Building out the RFP and conducting the workshops with vendors bidding for this work. I supported the Enterprise Security Architect in developing the roadmap for SINTEL programme

I was responsible for developing the threat detection standard for the E-Commerce, staff browsing, extranet, and remote access perimeters. I provided consultancy for a number of work streams for the migration of services from the Managed Security Service to the newly created in-house SOC. In addition to this I was responsible for creating the use cases for the SOC SIEM. I also developed the roadmap for further enhancing Network Security monitoring.

My role here was to deliver threat analysis on the output of core monitoring tools, in the Network Behaviour Anomaly and NIDS space. Malware analysis and remediations. Provide guidance on optimising the overall approach to threat analysis. Ad hoc training for junior analysts.

- Design and implementation of the Enterprise Threat Management platform- Consulting on network security monitoring for infrastructure changes and growth.- Creating standards for threat monitoring and deployment of the platform- Translating compliance standards into real-time monitoring configurations

My core roles consisted of the architecture and implementation of the global IPS and Passive Vulnerability scanning solution, the development of the global Vulnerability Management, Penetration testing platform and of the Security Event Information Management platform. I was also responsible for developing the network leakage detection solution (with rogue wireless AP detection), and the Community Defence Initiative subscription.

During this time my main responsibilities included the design and implementation of networks and the accompanying network security infrastructure for a number of environments, Disaster Recovery implementations, a review of the security management architecture as well as Firewall technology evaluations. I was also responsible for developing Network Security Standards and my worked formed part of the risk assessment process for new applications/environments.

Security Architecture - Designed a number of security solutions ranging from Internet Gateway clusters, Third-Party access (token based authentication), VPN and Extranet development, website security, content filtering and AVCorporate Security Standards for platform security (NT and Solaris).Enterprise Firewall Management - Firewall management consolidation with redundancy.Intrusion Detection - Designed and deployed NTL’s first ever enterprise IDS utilising Snort with ACID console. Other Open Source tools developmentOS Hardening and host-based firewalls and setting up computer forensics with Tripwire.VPN Management