Dom BScLondon, England, United Kingdom, United Kingdom
Bio
I'm an Cyber Security technical leader with a life long passion for Information Security and protecting organisations - making tangible positives to organisational value and reducing business risk. I protect things. I bring groups together to quickly identify & deliver improvements, surpassing business expectations. I share victories, am persistent, and always strive to succeed, even where no way to succeed is evident. I prefer to lead, advise and mentor. I am a contributor and supporter - not a bystander. I listen, learn and, I drive change.
My strong analytical skills and broad knowledge in security and technology often initially places me at the start of solution selection. I ensure I have, and maintain, an understanding of the long-game, absorbing enough detail to succeed long-term, and delivering quick wins to ensure continual progress and sustained momentum.
I'm considered an respected colleague and expert in a wide set of technologies, which are mostly self-taught. This has helped me mentor and educate others - and push them forward in their own career goals.
I particularly enjoy building systems of security defences - people + processes + technologies - which interlock and overlap to provide an effective layered defence against threats. I look to build upon the proven work of others rather than make my own mistakes, though sometimes innovation is the only way to achieve the goal.
My routine keeps me on top of latest developments in Security, Technology and Psychology. Understanding how the human machine works, and how this affects IT Security, is a particular interest I follow.
I have hammered my personal goals this year - having completed both my 48th Tough Mudder obstacle course (10-13 miles each time) and the 24 hour 3-Peaks challenge (Ben Nevis, Scafell Pike and Mount Snowdon)
Social
Experience
Senior Security Operations Centre Engineer
Open Systems
May 2021 - Current
Managing cyber security for Open Systems' customers and partners.
Principal Technology Advisor - Cyber Security Programme
Ofcom
Jan 2020 - May 2021
Making the UK a better place.
Senior Manager Information Security
Liberty Global
Oct 2016 - Jan 2020
Working to lead and strengthen threat intelligence and security incident response within the Global Security group - covering 34 countries, 41,000 staff and 50.4 million customers.
My role within this organisation is to develop and entrench the processes, procedures and technologies necessary to perform digital forensics, supporting threat & vulnerability management and Global Security Operations. As a lead responder, I collate knowledge from various business sections to guide technical investigation and appropriate response. Appropriate responses include immediate clarity of the issue, triage, prompt and regular management reporting. Advising tactical and strategic improvements to reduce the likelihood and impact of future incidents. I am an experienced leader often making decisions when all the information in unavailable. I have exceptional delegation and resource management skills, and take the roles to lead, support or technically manage as is required. Thinking 'out of the box' for quick wins and key considerations is my strong point.
I've been told by stakeholders that I work best under pressure, but I see such times as a short-lived opportunity to learn how to prevent the problem, or seek to improve the response.
I have a background in law enforcement investigations which has taught me how to operate in sensitive environments, with optimal collaboration and co-ordination even where disclosure is a significant risk.
Principal Security Engineer (Liberty Global Security)
Virgin Media
Apr 2013 - Oct 2016
Working across multiple teams to provide direction and consultation on threats, risks and their practical mitigation. Investigating incidents confirmed by first responders to assess full audit trail, impact, recovery and mitigation.
Principal Security Engineer
Liberty Global
Mar 2013 - Oct 2016
Liberty Global and Virgin Media merged in March 2013.
Principal Security Engineer (Engineering & Operations)
Virgin Media
Aug 2012 - Mar 2013
As senior member of a small team of security experts, I transitioned operational functions to the Network Operations team, retaining 3rd line escalation. Levering this broader team to focus on emerging threats, I successfully drove the business case at Board Level for Denial of Service Attack Detection and Protection from concept, through vendor selection, proof of concept, implementation and into an established business facility. This was at a time where operational savings were paramount and only the most critical CapEx was being approved. Penetration testing current and new infrastructure, and engineering new solutions compliant to government accreditation standards and legal obligations.
Security Consultant (Engineering & Operations)
Virgin Media
Apr 2007 - Aug 2012
As senior member of a small team of security experts, I transitioned operational functions to the Network Operations team, retaining 3rd line escalation. Levering this broader team to focus on emerging threats, I successfully drove the business case at Board Level for Denial of Service Attack Detection and Protection from concept, through vendor selection, proof of concept, implementation and into an established business facility. This was at a time where operational savings were paramount and only the most critical CapEx was being approved. Penetration testing current and new infrastructure, and engineering new solutions compliant to government accreditation standards and legal obligations.
Senior Manager Information Security
Virgin Media
Jun 2001 - Jan 2020
This is leadership role extended over all the main areas of Information Security. With a direct responsibility for Operational Security, I performed 2nd/3rd line support and drove continuous improvement to Internet, Data, TV, Voice and Optical networks, together with their associated support & management systems. Responsibilities evolved over time from Regulatory through to leading security operations, through to writing the company policy set and forming a Security Engineering function. I established the ISO27001 function within the business (I'm a certified ISO27001 lead auditor) and worked with senior non-security management to review and reduce business risks. In an engineering role, I ensured that new developments and enhancements did not unnecessarily extend the risk to the business beyond it's appetite.
This role involved the creation and coordination of high-level documentation and business cases with a presentation to various approval groups including Board. At the other end of the scale, in-depth understanding of technical detail and configuration is essential.
Communication and organisational skills have always been fundamental to my success.
I am one of the longest standing members of the Network Security Information Exchange (NSIE), a closed group of trusted security leaders who work with the government in a non-competitive forum for mutual benefit and customer protection.
I have a detailed understanding of key legislation and compliance frameworks, including DPA, IPA, PACE, PCI/DSS, ISO27001 and CAS(T). I am currently reading the GDPR and support material.
Security Consultant (Security Operations)
Virgin Media
Jun 2001 - Apr 2007
As senior member of a small team of security experts, I provided operational management, support and engineering. This included what would now be a very broad set of responsibilities including responding to incidents 24x7, penetration testing current and new infrastructure, and engineering new solutions compliant to government accreditation standards and legal obligations.
Security Consultant
Accenture
Apr 2001 - Jun 2001
Performed Security Management at Accenture's Prestigious London Financial Services Solution Center. Including review of complex extranet structure and core service delivering network and support services - email, web hosting, web browsing etc.
Provided security consultancy and technical knowledge for customer Internet projects. Defined and implemented security policy and architecture changes, designed and implemented solutions for global network security connectivity & performed penetration tests as necessary.
Security Consultant
Abby National Treasury Services
Sep 2000 - Mar 2001
Network and system security consultant, responsible for the secure operation of payment systems, internal back office and internet systems (email servers, web access, firewalls).
Providing security consultancy and technical skill for internetworking projects, defining and implementing architecture changes, designing, proving and implementing new/improved solutions for global network security and secure access, Liaising with and advising on Security Policy and implementing improved technology in test and live environments. Planning & performing penetration testing.
Maintaining the network security of all current systems, including live payment/reconciliation systems, 3rd party data feeds, web access, email systems and all networking elements.
Security Consultant
Barclays Bank Plc
Sep 1999 - Sep 2000
Responsible for the network and system security of the Barclays bank group systems. Including internal, extranet and internet firewalls, payment systems, public web servers (including content management) and the worlds third largest internet banking operation.
Providing pre, mid and post-project consultancy with regard to functional design and secure project implementation. Management of extranet security between financial institutions and suppliers. Maintenance of security for intranet and internet network boundaries. Ensuring that Barclays E-resources infrastructure (including Internet Banking, customer facing web sites, web access, internal and external email), all remain secure and functional. Planning and performing service upgrades with suitable management reporting.
Managing Director
Secure Technologies Ltd.
Sep 1998 - Jul 2001
Managing Director of Secure Technologies, a Cyber Security Consultancy. Provided independent Security Consultancy for a range of clients in the banking and telecommunications sectors. Skills included Staff Management & training, Client Relationship Management, Revenue Management, Investment Management, Asset Depreciation. Repeat business through excellent client relationships and successful delivery of client goals.
Security Consultant
Racal Internet Services (now CenturyLink)
Sep 1998 - Sep 1999
Senior member of the support team providing on-site and remote security consultancy direct to customers, including installations, managed services and maintenance.
One of a handful of 3rd line support staff in the UK for Checkpoint products, with direct access to Checkpoint developers to validate features and issues.
3rd line support for internet connectivity and security products (Firewall-1, Provider-1, SecureID, MailSweeper, WebSweeper etc.) for a large number of corporations, government agencies, and retail ISPs. Provided initial and ongoing design & policy consultancy, installation, configuration and management of various software products and hardware devices. Service provider level fault diagnosis and remedy. E-commerce consultancy, design and implementation of Firewall-1 installations/upgrades. Security consultancy and Penetration Testing.
Senior Software Engineer
RMC
Jun 1997 - Sep 1998
Research and Development of emerging technologies for reverse and forward re-engineering of mainframe computer program suites. Work produced advanced automated Y2K and currency (Euro) translation in multi-million line systems.
Clients included major global financial institutions.
Designed and implemented cross-platform email including client OS upgrades, user tuition and directory services.
Creation of corporate Internet presence, intranet services, and secure internet access. Setup and maintenance of corporate intranet and secure remote access.
Joint Founding Moderator
Comp.Lang.C++.Moderated
Nov 1995 - Jan 2017
I am a joint Founder and Moderator of the programming group 'Comp.Lang.C++.Moderated', which I helped create in 1995. It's purpose is to manage and foster directed discussion of the C++ Programming language.
Software Engineer
Schlumberger Technologies
Jun 1995 - Jun 1997
Software engineering of embedded software and graphical systems, implemented in a variety of software languages. Local network and Unix systems security expert. Planned, managed and performed Red Teaming against Global WAN & local LAN systems, advising on vulnerabilities and improvements. Identified and quantified security risks, detailed suitable mitigation and confirmed risk closure. Global recognition within organization.
Software Engineer Internship
Schlumberger Technologies
Jun 1993 - Aug 1994
Development and maintenance of in-house distributed source control and software build system. Local network and Unix systems security expert. Planned, managed and performed Red Teaming against Global WAN & local LAN systems, advising on vulnerabilities and improvements. Identified and quantified security risks, detailed suitable mitigation and confirmed risk closure. Global recognition within organization.
Student System/Network Administrator
Devizes School
Jun 1989 - Jul 1991
Student System and Network Administrator installing, configuring and managing a new IT center. Software migration of all educational software, including porting and bug-fixing.
Education
Devizes 6th Form College
A-Levels, Physics, Chemistry, Design & TechnologyUniversity of Brighton
BSc Hons (Sandwich), Computer ScienceInfoThis public profile is provided courtesy of Clay. All information found here is in the public domain.
View this profile and more…
Discover, organize, and deepen all your personal and professional relationships with Clay.Get Clay Free →