Personal Summary

A driven Security Engineer with 8 years of dedicated experience in cybersecurity, adept at developing, maintaining, and operating Information Security solutions and tooling for organizations operating in diverse global environments. Experience working in cloud and infrastructure security teams maintaining, tuning, and troubleshooting security tooling including Cloud Security Posture Management, Cloud Workload Protection, Vulnerability Management, Endpoint Detection & Response, and DLP. My expertise extends to ensuring adherence to industry best practices and regulatory requirements while consistently delivering innovative solutions. My problem-solving abilities allow me to effectively navigate complex security challenges and drive robust cybersecurity strategies. I am able to collaborate effectively and build strong relationships across the business.

Experience

FNZ Group - Cloud Security Engineer(October 2023 - Present)

• Defined cloud security strategy aligned with wider CISO objectives to uplift maturity of the cloud security program at FNZ.
• Performed infrastructure-focused threat modelling leveraging the PASTA methodology for assessment of new business propositions and prospective SaaS vendors.
• Managed deployment of CSPM and CWP tooling across the main three cloud providers (AWS/Azure/GCP) working with stakeholders to ensure an understanding of the value the service provides.
• Automate BAU tasks such as onboarding/offboarding of cloud environments from cloud security tooling using Python, Azure Automation Accounts and Azure Key Vault increasing efficiency by reducing manual involvement with ongoing maintenance of our tools.
• 5 Month Secondment to IAM Team:
• Designed, built, and automated a process for capturing business applications and software, enabling mapping of key information for each application such as: Support for toxic combinations, If SSO is supported and whether or not RBAC is in place.
• 6 Month Secondment for Cyber focused BI Project:
• Undertook rapid upskilling to learn Power BI and the Microsoft Fabric Data Analytics platform.
• Designed, built, and automated the ingestion of key data points across Cyber Security tooling using python.
• Leveraged the Microsoft Fabric Platform to perform automated, scheduled data transformations for data normalisation.
• Present the data with Power BI using measures to calculate metrics to be presented to the CISO for reporting of the security posture of the organisation.

FNZ Group - Infrastructure Security Engineer (November 2021 - October 2023)

• Managing deployment/updates for EDR sensors and troubleshooting sensor impact on production and non-production systems.
• Lead in testing and rollout for CrowdStrike Identity Protection to enforce Multi-Factor Authentication for SQL Databases
• Acting as SME for Vulnerability Management with a focus on:
• Standardising global VM processes
• Expanding scan coverage across the global estate
• Automating the discovery and subsequent scanning of infrastructure
• Lead in testing and deploying a risk-based vulnerability reporting tool, ensuring a complete integration with all the appropriate tooling to aid in providing necessary context for applying accurate risk scores to vulnerabilities.
• Lead the deployment of Varonis Data Security Platform to:
• Monitor access and permissions to files and folders
• Scan for sensitive information located in files
• Applying automated classification labels data identified sensitive data.
• Leading a data security initiative in collaboration with Workplace Technology colleagues to utilise the Varonis Data Security Platform to remove global access permissions from >2000 folders across on-premise file shares.
• Leading the rollout of mandatory data classification across the organisation utilising Microsoft Purview Information Protection tooling. Which included the creation of user training and communications piece to aid in the transition.
• Configuration of Microsoft Purview Information Protection DLP policies to monitor and alert for PII and sensitively classified data being shared externally via Email, Teams, SharePoint.

Fiserv - Cyber Security Engineer(August 2017 - November 2021)

• Deployed and maintained Vulnerability Management solution using the Tenable.SC, Tenable.IO & Nessus agent tools, including the deployment and configuration of >100 scanning appliances throughout EMEA, APAC, LAC & NA.
• Troubleshooting any network issues inhibiting performance of the Nessus Vulnerability scanners.
• Tuning Vulnerability Scanning policies for best results.
• Ensured adherence to Vulnerability Management best practices.
• Running vulnerability assessments globally, ensuring expanded scanning coverage across all regions by working with business stakeholders.
• Utilised Python scripting across various tools to automate global processes and streamline workflows to enhance the vulnerability management programme and reduce man hours.
• Verification of discovered vulnerabilities to validate or repudiate potential false positives.
• Managed 3rd party integrations across security tooling.

Fiserv - Desktop Service Tech / Asset Mgmt Analyst(March 2015 - August 2017)

Fiserv - Processing Specialist(March 2014 - March 2015)