Operational Management of a team of eight Engineers and Support Staff, overseeing platform development using the MERN stack and AWS cloud infrastructure. Define and execute the technology strategy, ensuring scalability, performance, and security. Collaborate with partners and stakeholders to enhance platform capabilities and drive adoption. Specific technical responsibility to Implement and operate Secure SDLC, focusing on vulnerability analysis, SAST, DAST, and cybersecurity best practices in application security, server hardening, cloud and WAF.

Development and delivery of a 7 course Learning Path, covering the applications of AI and ChatGPT within offensive cybersecurity, red teaming and ethical hacking.The ChatGPT for Offensive Security learning path is tailored specifically for cybersecurity professionals and students looking to harness the power of ChatGPT in their offensive security strategies. This learning path is designed to bridge the gap between traditional offensive cybersecurity tactics and the applications of ChatGPT, offering a unique blend of Cybersecurity with AI knowledge. The courses in this learning path will guide you through the foundational concepts of artificial intelligence, including an introduction to Natural Language Processing (NLP), Large Language Models (LLM), and generative AI, setting the stage for a deep dive into the practical applications of ChatGPT within offensive cybersecurity. Whether you're an experienced penetration tester, red teamer, security researcher, or student, this learning path will equip you with the skills to leverage ChatGPT in crafting more effective, intelligent, and adaptive offensive security methodologies.Sign up at : https://www.infosecinstitute.com/skills/learning-paths/chatgpt-for-offensive-security/

Provision of secure development lifecycle (SDL) that integrates threat modelling methodologies and security tools into development pipelines, enabling application security auditing within CI/CD.Project Management of a team of five external contractors developing internal security tools. Agile methodology, use of DevOps for project management, setting objectives and deliverables. Liaising with a separate team of external contractors in delivery of pen testing.Working with internal development teams; providing AppSec consultation, code review and guidance. Onboarding of development teams to security tools with guidance on configuration and best practice. Delivery of a training platform to enable shift left capability.Meeting with 3rd party vendors in management of service delivery, technical rollout, debugging, licencing requirements and adherence to SLAs. Liaising with TVM, SOC, CSIRT and data protection teams to manage risk, and providing consultation to these teams as AppSec SME.Other responsibilities include general AppSec operations, SAST, DAST and container security tool configuration and remediation. Infosec adherence, documentation and policy creation and updates to ensure Internal IT security.

Security Operations Center (SOC)Management of internal and external security, vulnerability scanning, attack analysis, investigation, mitigation and incident response. Use of SIEM and log management tools. WAF setup and operation using Terraform. Internal pen testing, external pen test management, operation of bug bounty pipeline and resolution of bug bounty reports. Reporting and advising on IT security threats and vulnerabilities.AppSecStatic Application Security Testing (SAST), code reviews, working with developers to identify vulnerable code. Accountability in mitigating vulnerable code. Dynamic Application Security Testing (DAST). API testing using postman and custom scripts written in Python, Bash and JavaScript. Git and Bitbucket used in version control. OWASP top 10 controls and best practice.INFOSECEnsuring Infosec adherence, ISO 27001 compliance, documentation and training, Internal IT security policy creation and management of internal policies, Due diligence reports.

Contracted to develop a learning path in AppSec for the INFOSEC Institute targeted at developers to enable code review and improvement to development best practice. Presentation of a complete online training path comprising six courses in Application Security that are available on the INFOSEC Institute platform.

Development of web applications using ColdFusion, Mura and WordPress. Administration of Apache Tomcat and Lucee application servers. Windows and Linux Server management. Development of plugins and custom code for clients. Development pipeline management including version control, SSH and scripting.Additional responsibility as IT Security Officer ensuring Infosec adherence, documentation and training to ensure Internal IT security.Use of Atlassian, Jira, Confluence, Bitbucket and Slack in project management.

Responsible for architecture and maintenance of deployment pipeline. Management of Cloud, server, WordPress, web and plugin development. Setup and management and of CRM pipeline using Pardot and Salesforce. Use of build tools and package managers in development; and Git, Bitbucket, AWS and AWS Cloud services in deployment. Technology Stack Overview HTML5, CSS3 - used in the design of the main website, microsites, plugins and widgetsJavaScript - For creating dynamic plugins and web functionality. PHP used to develop custom templates and shortcodes used on the websiteMySQL Aurora used in setting up, maintaining and operating databases.Linux and bash scripting to facilitate migrations between the development and production servers, and carry out common server tasksJira, Bitbucket, Confluence and Slack used to collaborate with the team and within the companyAWS services including RDS, S3, EC2 and Cloudfront to manage pipeline in the cloud

FinTech startup. Setup and installation of Java environment and Tomcat web servers on to local workstations. Using Java and PostgreSQL in the Implementation and development of the NSC Datanovata architecture. Strategic planning in installation of key systems. Documentation and development of HTML5 BAT Interface. Technical Support.Technology Stack Overview PHP SOAP Client to communicate with Java ServerJavaScript to create the user interface

This was my freelance company in which I provided software development, bespoke WordPress design and web application development, website modification, Documentation, Technical Support, Website development, SEO and Advanced internet marketing.I have since shut down this company due to conflict of interest with current projects.Technology Stack Overview WordPress CMS to develop websitesPHP custom codingJavaScript to provide dynamic functionalityBootstrap in designAngular to build applicationsServer management using the LAMP stack

Delivering responsive websites and applications to small-medium sized companies within Cambridge and the South, using modern web standards to create mobile and fluidic websites.