TECHNICAL OPERATIONS

CV - RESUME DOWNLOAD

Security and Network Engineering

- Security assessments and technical corrections within data centres
- Implementation and management of security tools across OT, IACS, Signalling, and Comms domains
- Application development for Splunk (SIEM/SOAR) using PowerShell, Shell, Python
- Security investigations, incident responses, and threat assessments
- Design and deployment of security systems and architectures.
- Network and security engineering, including Meraki/Umbrella implementation across medical centres.
- VMware V-Sphere ESX, VSAN, and network security redesign in alignment with ISM/ASD8 standards

Cloud and Virtualization

- Automated security configuration for cloud-based assessments and infrastructure deployments
- AWS architecture design and deployment
- Global Azure architecture planning and implementation
- VMware and Linux systems management
- Project and Infrastructure Management
- Project leadership and stakeholder management
- Infrastructure redesign and management
- Technical product management and strategy
- Senior systems engineering and design leadership.

Scripting and Automation

- Development of scripts in PowerShell, VB, Python, and HTML for system tasks automation
- Automation scripts using Octopus for operation streamlining.
- Compliance and Regulatory Standards
- Compliance with legislative and internal ISMS/CSMS standards
- PCI DSS compliance and management
- Alignment with ASD8, MITRE ICS/Ent, ISA standards
- Additional Technical Competencies
- Certificate management (SSH/PEM)
- Network analysis and design based on OSI standards.
- Configuration management including SCCM, Windows ADK, WDM, and PE buildouts.
- Management of Microsoft products, Azure, and Office 365

Vulnerability Log Management

- Qualys and Nessus
- Syslog-NG on CentOS
- ELK Stack (Elasticsearch, Logstash, Kibana)
- Datadog
- Graylog

Additional Security and Network Tools

- Darktrace
- CrowdStrike
- Network Infrastructure Management
- Cisco Prime/DNAC
- Palo Alto Networks Panorama
- Aruba Central
- Mellanox

Security Domains

- Identity and Access Management (IAM)
- Privileged Access Management (PAM)
- Multi-factor Authentication (MFA) Systems
- Data Loss Prevention (DLP) Technologies
- Endpoint Security Platforms (EPS)
- SSL and VPN Technologies
- Network Access Control (NAC) Solutions
- Advanced Threat Défense/Prevention (ATD/ATP)
- Micro-segmentation Network (MSEG)

SIEM Tools

- Splunk Technologies
- Log Collection and Ingestion
- SPL and Incident Remediation
- Splunk Enterprise and Splunk Cloud
- Splunk Phantom
- Threat Hunting and Investigation
- Security Network Zones
- Various network zones including Internet Zone, DMZ, Trusted Zone, and more.

Infrastructure and Network

- Advanced firewall configurations
- VMware Cloud Foundation components
- Cisco Routers and Switches
- Juniper Routers and Switches
- Palo Alto Routers and Switches and Panaroma
- FortiGate, FortiNet Routers, Switches and Security Devices
- AWS and Azure cloud infrastructure components

Cloud Summary

- Azure and AWS services including Azure Active Directory, Azure VMs, EC2, S3, etc.
- Tools and Applications
- Microsoft Azure and Office 365
- ServiceNow
- VMware Horizon
- Oracle and MSSQL Databases
- Docker & Kubernetes
- Terraform

Incident Response and ITSM Proficiency

- Extensive use of ITSM tools such as ServiceNow and the Atlassian suite for incident management
- Customization of ITSM tools to enhance incident response efficiency and maintain operational integrity.
- Cyber Security Expertise
- Specialization in Threat Intelligence and AnalysisIncident Remediation, Vulnerability Management, Attack Surface Discovery/Seeding, Audit and Assessment Reports, and Security Score Assessment
- Proficient use of Splunk's suite of tools for threat detection, incident response, and integrating these tools into security strategies
- Analytical Acumen and Communication
- Strong problem-solving, analytical, and communication skills developed in the dynamic and high-pressure environment of cybersecurity.
- Effective in conveying complex cybersecurity concepts in an accessible manner for strategic decision-making and alignment.

Operational Technology Cybersecurity

Management and maintenance of cybersecurity controls for OT environments.
Expertise in network Intrusion Detection Systems (IDS), Privileged Access Management (PAM) systems, and standard cybersecurity tools.
Process and Documentation
Development of processes and documentation for cybersecurity operations.
Leadership in defining work processes for technicians and ensuring quality of service.

OT and Cybersecurity Tools Proficiency

Experience with enterprise-level software applications in cybersecurity.
Familiarity with Splunk, SIEM systems, and a variety of OT systems like DCS, SCADA, and HMI.

Purdue Model Understanding

Knowledge of the Purdue Model for ICS network architecture, emphasizing OT security and hierarchical data flow.
Cybersecurity Challenges in ICS
Addressing unique cybersecurity challenges in Industrial Control Systems (ICS), including IT-OT convergence and the application of zero trust principles in OT environments.

Azure / Cloud Security and Understanding

Cloud Security and CASB (Cloud Access Security Broker)
Detailed understanding of CASB operations, specifically Microsoft Defender for Cloud Apps.
Expertise in cloud discovery, sanctioning apps, data control, threat protection, and governance.

Microsoft Defender Suite

Proficiency across the suite, including Endpoint, Identity, Office 365, Cloud, IoT, and more.
Integration of cloud security tools with enterprise security strategies.

Cloud Security Architecture

Designing cloud security architectures involving data flow analysis from systems like Microsoft Defender to anomaly detection systems.
Application of NIST Cybersecurity Framework and cloud security best practices.

Microsoft Partner ISV / CSP and Partner Portal alignment

Recognition for expertise in Microsoft technologies, with pending updates on certification linkage.
Microsoft Learn: Active engagement in continuous learning through Microsoft's platform, enhancing skills in various Microsoft technologies and cybersecurity principles.

Technical Design and Architecture

Emphasis on reliability, security, cost optimization, operational excellence, and performance efficiency as core pillars of technical design.

Security Clearance and Vetting Process

Understanding of the Australian Government Security Vetting Agency (AGSVA) security clearance process and (PSPF).
Knowledge of security classifications: Baseline, Negative Vetting 1 (NV1), Negative Vetting 2 (NV2), and Positive Vetting (TSPV).

Compliance and Integrity Assessment

Familiarity with the Protective Security Policy Framework (PSPF) for personnel accessing security classified resources.
Skills in integrity assessment, focusing on honesty, trustworthiness, maturity, tolerance, resilience, and loyalty.

Security Clearance Levels

Expertise in managing and understanding the requirements for various security clearance levels and the associated vetting checks.

Other / Various

Operational Technology (OT) Management: Oversight of OT cybersecurity, implementing Splunk for monitoring, leading incident response, compliance with ISA 62443 and MITRE standards.
Senior Security Engineering: Strategic planning, risk assessment, and security management across infrastructure and cloud architecture.
Network and Security Engineering: Meraki/Umbrella implementation, VMware V-Sphere redesign, security framework design, deployment of Qualys and Nessus, and API implementations.
Cloud and Infrastructure Engineering: Daily security tasks under PCI DSS, external/internal certificate management, PowerShell scripting for automation, AWS design and deployment.
Systems and Security Engineering: Maintenance of research environments confirming to ISO 27001, deployment of technology solutions including SAN virtualization, network configurations, and firewall/GPO/AD management.

Strategic Leadership and Risk Management

Long-term IT Industry Insight: 28 years of technical experience in the IT industry, witnessing and contributing to the evolution of large enterprises.
Digital Transformation Leadership: Led numerous digital transformations across various vendors and management frameworks, aligning with compliance and security standards.
Advanced Risk Management: Offers a rare level of risk management assessment, understandable and explainable at enterprise and government scales.

Architectural Design and Security Engineering

Security Engineering Evolution: Evolved from a network engineering role to specialize in security, developing comprehensive GRC aligned architecture documentation (LLD/HLD/DLD and As Built).
Team Growth and Knowledge Sharing: Advocates for a collaborative growth environment, bridging skills gaps through respectful knowledge sharing.
Complex Environment Architecture: Years of architecture design and delivery experience in complex environments, producing top-level architecture documentation including financial and risk assessments for executive understanding.

General Competencies

Technical Operations and Engineering Expertise: Three decades of experience in infrastructure, cloud, network, and security engineering, underscoring a well-rounded technical leadership.
Future-Oriented Design: Focuses on agnostic solution design for future adaptability, emphasizing non-technical language for broader understanding.

Enterprise Storage

- iSCSI
- Fibre Channel
- MPIO (Multipath I/O)
- RAID configurations.
- NFS (Network File System)
- Mellanox and Cumulus Vendors
- F5 Networks
- Juniper Networks
- Cisco Systems
- FortiGate
- Sophos
- Security
- Syslog
- Syslog
- LPR/Kern/Auth
- UUCP
- Cron/Kernal

Administration and Troubleshooting

- Active Directory
- Exchange
- ADFS (Active Directory Federation Services)
- AD Connect
- Azure
- Cloud/Virtualization
- VMware Cloud Foundation
- Zen
- Citrix Studio
- Hypervisor technologies
- Virtualisation principles
- OS/BIOS/Hardware
- Dell hardware
- Firmware management
- HBA Firmware
- UTP network and cabling
- Fiber connections
- Additional Security Skills
- AlienVault
- Splunk
- Splunk Enterprise
- General IT Skills
- VMware
- Windows Server management
- Technical Support
- Active Directory management
- Active Directory, Exchange, ADFS, AADConnect, Azure
- FSMO, AWS, Route 53, Direct Connect, ALB/NLB
- Backup Exec, NetBackup, Veeam, Arcserve, SCCM
- SCOM, WSUS, PowerShell, IIS, RAS, SharePoint
- OneDrive, Excel, Office 365/Cloud, Apache, Druva
- Oracle, Concur, ServiceNow, Salesforce
- ConnectWise, USM, UpGuard, Rancid, Signal Sciences
- Nessus, MS Office, Google Apps, Octopus
- Jira, Confluence, RSAT, DHCP/DNS Server, BitLocker
- File Services, and many more.

Enterprise Storage

- iSCSI, Fibre Channel, MPIO, RAID, NFS, SAS
- Zoning, VLANS, Trunk Port, Access Port, VRF’S
- WWPN, WWN, Target, Initiator, Path/LUN
- Controllers (HA), Local/Remote Repositories
- Firmware, Virtualisation, Hyperconverged
- 512e/512n/4k Block Size, DAS, Storage Switching
- HBAs/NIC, JBOD, SMB (Samba)
- Disks (SAS, Flash IO), Flash/Mem Card bank, ARM

Security tools

- Syslog, LPR/Kern/Auth, UUCP, Cron/Kernal
- Alert/Sev Levels, UDP/TCP/TLS Collection
- Internal/External Certs, Ingestion, SANS
- Log Management (SIEM), OutofBand-Net (Design)
- HTTPS (SSO+TLS), HTTP, SSO, IDP, IDS, WAF
- Layer 7/Session, ALB/NLB, CVE Scoping
- Cross-site Scripting Defence, SQLi/XSS Experience
- Encryption, Encapsulation, Logging, Metrics
- Event Logging, Reports, Governance, Frameworks

Network/TCP/IP

- OSI Model Layers, VLAN, VXLAN, Switching
- NAT/PAT, SNMP, ICMP, VPN, Tunnelling, LACP
- RIP, BGP, RAS
- Network Services
- DNS, DHCP, FTP/SFTP/TFTP/SCP, RDP, SCM, SSH, APIs

DevOps

- Octopus Deploy, Jira, Confluence, Containers
- PowerShell, Scripting (Bash), Zsh/Bash Shell, MS DOS
- Python, JSON, XML, HTML, Terraform

Logistical

- Licensing, Purchasing, Budgeting, Shipping, PO
- Communication VoIP/SIP, Labelling Systems
- Policy, Standardisation, Change Requests, ITIL
- Agile, ISO27001, NIST, PCI DSS, Reporting
- Monitoring, Logging, Support, Training
- Forecasting, Design/Architecture, Team Management
- Hiring, Scoping/Projects, Planning, Auditing
- Security Logging (PCI), Risk Register

Cloud/Virtualisation

- VMware Cloud Foundation, Zen, Citrix Studio, Hypervisor
- Virtualisation, ESXi, vCenter, NSX, vRealize, vManage
- Linux, LILO, GRUB, Hyper-V, Resourcing/Scoping/Sizing
- Containers, Docker, Kubernetes, NSX

OS/BIOS/Hardware

- Dell, Firmware, HBA Firmware
- UTP Network and Cabling, Fibre Connections
- Additional Security
- AlienVault, Splunk, Splunk Enterprise

General IT Skills

- VMware, Information Technology, Windows Server
- Technical Support, Active Directory, Troubleshooting
- ITIL, Linux, Virtualization, IT Service Management
- Cloud Computing, Operating Systems, Microsoft Exchange
- Data Centres, Infrastructure, Cisco Systems Products
- Firewalls, Communication, Teamwork, System Administration

Page updated

Google Sites

Report abuse

TECHNICAL OPERATIONS

ICTShiftSecurityInformation | Communication | Technology

ICTShiftSecurity

Information | Communication | Technology