Splunk and Cyber Security Specialist, Architect and trainer

• Oct 2022 - Present

Working as Splunk SME, Architect, Cyber planner, Splunk trainer Working as Splunk SME, Architect, Cyber planner, Splunk trainer

Working for Dell

• Oct 2021 - Sep 2022

Under contract Under contract

Splunk/Cyber Security SME

• Mar 2021 - Sep 2021

Splunk SME, Splunk trainer, covering Ad-Hoc, Enterprise Security and SOAR layers

• Oct 2020 - Mar 2021

Contract covered Ad-Hoc, Enterprise security, SOAR components, Worked closely with HCL SOC to provide training in Splunk, ES, Phantom. Ran team of five people globally, to provide Enterprise security notable events into the SOAR platform. Additionally my team reconciled the entire Splunk data estate which needed focused rationalisation to allow data normalisation to CIM model compliance. Contract covered Ad-Hoc, Enterprise security, SOAR components, Worked closely with HCL SOC to provide training in Splunk, ES, Phantom. Ran team of five people globally, to provide Enterprise security notable events into the SOAR platform. Additionally my team reconciled the entire Splunk data estate which needed focused rationalisation to allow data normalisation to CIM model compliance.

Splunk SME

• Sep 2020 - Oct 2020

To rebuild the Splunk setup and rectify multiple issues with the Splunk installation. Successfully installed and tested multiple Use Cases with defined alerts and monitoring output going to the IT OPs/Helpdesk Short term contract due to budget/SOW but the entire engagement was fully successful. To rebuild the Splunk setup and rectify multiple issues with the Splunk installation. Successfully installed and tested multiple Use Cases with defined alerts and monitoring output going to the IT OPs/Helpdesk Short term contract due to budget/SOW but the entire engagement was fully successful.

Splunk SME, Splunk ES and Phantom, Engineering, architecture/back end, use case developer.

• Sep 2018 - Sep 2020

Adhoc Splunk engineering, including back end maintenance and evolution. ES Splunk and Phantom engineering, development of use cases Multi Splunk migration planning and execution Onboarding process evolution for global Splunk customers generating a wide range of data sets/logs Adhoc Splunk engineering, including back end maintenance and evolution. ES Splunk and Phantom engineering, development of use cases Multi Splunk migration planning and execution Onboarding process evolution for global Splunk customers generating a wide range of data sets/logs

Cyber Security HP Arcsight Dev Ops Lead developer Use Cases and threat modelling Enterprise Clients

• Jan 2016 - Sep 2020

HP Arcsight Use Case Dev Ops Lead Developer, Splunk Integration, HP Arcsight Architect for Global Real time data Cyber event capture and threat model analysis. Involved with ALL aspects of HP Arcsight for global clients, covering loggers, Con App, Collectors and Global ESM deployment. Work involves modelling threats, extrapolating Use Cases, replying and testing within Arcsight, reporting on Use Cases, refining Use Cases, testing and sign off with clients, Live Use Case review and working to refine Use Cases and data collection over time. Show less

SPLUNK SME/Architect/Security Use Case developer/Phantom dev, Python scripting.

• Nov 2019 - Jan 2020

Arcsight Implementation eng - flex development to GPG13 compliance

• Jul 2016 - Nov 2019

Arcsight engineering - flex connector development, testing and implementation to GPG13 requirements (audit) Onboarding a wide range of data sources, some bespoke, for ingestion into logger and ESM, and proving content development for SOC/SIEM analysts. Providing training to SOC analysts, covering Use Case development, analysis, triage and data forensics. Arcsight engineering - flex connector development, testing and implementation to GPG13 requirements (audit) Onboarding a wide range of data sources, some bespoke, for ingestion into logger and ESM, and proving content development for SOC/SIEM analysts. Providing training to SOC analysts, covering Use Case development, analysis, triage and data forensics.

Splunk Egineering and SysAdmin - Retail Banking, based in Southwark.

• Aug 2017 - Oct 2018

Splunk Sysadmin, Development and Architecture role, digital banking. Core systems RHEL Linux with some Windows, integration with Jenkins, Mulesoft, Websphere components, LISA< Selenium and Github, Confluence and Jira. Creation of useful Splunk dashboards for daily status reporting and management reports. Splunk Sysadmin, Development and Architecture role, digital banking. Core systems RHEL Linux with some Windows, integration with Jenkins, Mulesoft, Websphere components, LISA< Selenium and Github, Confluence and Jira. Creation of useful Splunk dashboards for daily status reporting and management reports.

Infosys Ltd UK based Cyber contracts, Splunk, Arcsight, SIEM, Nexpose, Nessus, DDP, SEP

• Oct 2016 - Jul 2018

Cyber Analytics - Splunk and Arcsight/ IDS/IPS/Cyber Architect

• Jan 2017 - Aug 2017

Cyber Security Digital Risk Project manager

• Jan 2015 - Jul 2015

Contract to National Grid as PM for a number of Cyber Security projects, ensuring 100% uptime of gas and electricity supplies to UK Projects were based on SIEM / syslog data acquisition into HP Arcsight for SOC analysis, and Antivirus roll out to Nat Grid estate. Role based in Warwick with travelling to various sites within the UK as necessary. Contract to National Grid as PM for a number of Cyber Security projects, ensuring 100% uptime of gas and electricity supplies to UK Projects were based on SIEM / syslog data acquisition into HP Arcsight for SOC analysis, and Antivirus roll out to Nat Grid estate. Role based in Warwick with travelling to various sites within the UK as necessary.

Infrastructure Delivery manager (IDM) Technical.

• Aug 2013 - Jul 2014

Contract based role, including planning, installation and Technical Project Management providing TSB with a new trading room at Gresham Street pre IPO, starting from a 'green field'​ site. Secondary focus of the role was to provide a working DR solution, with full testing and sign off. Worked closely with Market Data providers and Lloyds own teams to engineer a working trading room with full market connectivity. 3rd party vendors included Thomson Reuters, IPC phones, BT, Colt, Vodafone, Bloomberg, EC Harris, Jones Lang Lasalle services, V'tesse networks. Show less

Trade Desk analyst

• 2011 - Nov 2012

Supporting a host of Thomson Reuters products, and client connectivity thereto.chiefly RMDS and Elelktron hosting, with elements of TR Velocity Analytics, TRNA, TRDA and DACS. Role requires some Linux/RMDS scripting and some associated PERL work. Role involves working with 3rd parties Savvis and Verizon to investigate issues with new and existing clients. Supporting a host of Thomson Reuters products, and client connectivity thereto.chiefly RMDS and Elelktron hosting, with elements of TR Velocity Analytics, TRNA, TRDA and DACS. Role requires some Linux/RMDS scripting and some associated PERL work. Role involves working with 3rd parties Savvis and Verizon to investigate issues with new and existing clients.

Various roles: Server Team Analyst, Market Data Analyst, DR Project Manager, Data centre PM.

• Mar 2003 - Sep 2011

Contract role, Various roles during the contract. Server Team - Supported a user base of 2000 plus staff globally, worked with wide range of HP server products, including blade Infrastructure server farms, running VM Ware ESX nodes. Work covered all aspects of hardware and software support at three core sites including DR. VM ware featured heavily and support for MS Exchange, and Server Clustering plus HP San Storage. Market Data Team - Worked on a variety of projects - rolling out new trading hardware and software, ensuring high availability and trading systems connectivity (e.g. Swift) were in place to provide straight through processing. DR Project manager - worked on a number of DR projects, refreshing the hardware as required, maintaining uptime and creating management reports for weekly stats. Data centre Project Manager - managed three data centres for MF, including the relocation of date centre from Sugar Quay to Interxion at Hanbury Street. Show less

Futures trade support

• Feb 2001 - Dec 2002

Supported the Futures traders directly (sat on trade floor) Connecting to markets through TT trading front end and Eurex (via MISS servers) Supported the Futures traders directly (sat on trade floor) Connecting to markets through TT trading front end and Eurex (via MISS servers)