Resume

Objectives

To achieve my ultimate potential in an innovative and commercial environment that fully utilises my CyberSecurity and IT skills.


Experience

Head of Delivery Managed Security Services
(July 2021 – to-date)
Atos (Doha, Qatar)

Head of Cyber Defence & Security Operations
(April 2020 – June 2021)
Al Futtaim (Festival Tower, Dubai, UAE)

SIEM and TDR (Threat Detection & Response) lead, delivering a Security Operations Centre to meet CIS and ISO 27001 standards.

Leading and mentoring a team of security analysis to respond to security threats. Providing managed detection and response, vulnerability management, SOAR (Security Orchestration, Automation and Response), threat hunting and forensics. 

Documented and assessed incident response, play books and security policies for the Security Operations Centre, utilising NIST & MITRE ATT&CK frameworks.

Technical Product Manager – Safety, Security & Compliance
(August, 2019 – March 2020)
Emirates Group (Emirates Group Headquarters, Dubai, UAE)

Led Cybersecurity Technical Product Owners, developing strategy, grooming product backlog and providing professional development feedback. 

Worked with Cybersecurity Operations Centre to deliver security products and technical controls to meet business and regulatory requirements.

Governance, Risk and Compliance to support the aviation security services: AVSEC, Fraud, Airport Security, CyberCrime, Facilities and Surveillance.

Senior Business Analyst
(March, 2016 – August, 2019)
Emirates Group (Emirates Group Headquarters, Dubai, UAE)

Provided business analysis and solutions design for IT, Safety and CyberSecurity. 

Subject matter expert for Endpoint Protection, Privileged Access Management, Security Awareness and Data Protection (EU GDPR).

Technical management and leadership for the analysis and delivery of a Cyber Security Operations Centre.

Provided full life cycle expertise in the design, development, integration, testing of the SOC.

Senior Business Analyst
(March 2015 – March 2016)
dnata (Emirates Group Headquarters, Dubai, UAE)

Senior business analyst to dnata and Emirates Group IT – providing business solutions design for IT, Safety and Security. 

Delivered a safety data system (GRC Platform) to dnata ground handing in the UAE and across 8+ outstations Internationally.

Technical analysis and review of an IT cybersecurity assessment to provide a Security Operations Centre.

Solutions Architect
(November, 2011 – March, 2015)
Mibtree Ltd (Bedfordshire, UK)

IBM Practice solutions architecture, design and technical pre-sales covering Europe, Middle East, Asia and Africa. 

IT Security lead for SOC analysis, design and implementation.

Subject matter expert for IBM Security Portfolio.

Key Projects:
Carphone Warehouse, UK – Compliance for Firewalls
Vodafone, UK – Operations Support System and Network Service Assurance
Omantel, Oman – Business Service Management and Service Assurance
Virgin Media, UK – Performance Management, Service Assurance & IT Security
Oman Airports, Oman – Performance Management
Network Rail Telecom, UK – Performance Management and IT Security (SOC)
UBS – Business Service Management

Principal Consultant
(January, 2011 – November, 2011)
Innovise ESM Africa, Pty (Johannesburg, South Africa)

Solutions architecture, design and technical pre-sales for Innovise ESM Africa. 

Principal Consultant and Instructor
(September, 2009 – November, 2011)
Innovise Plc (Slough, UK)

Solutions architecture, design and on-site consultancy to Innovise customers. Technical pre-sales – IBM practice (EMEA). Sales support for Innovise business development managers. Responsible for responding to RFP. 

Subject matter expert for IBM Tivoli (Automation, Performance and Security).

Key Projects:
Habib Bank Limited, Pakistan – Event, Fault, Performance Management and IT Security (SOC)
UBS, Switzerland / UK  – Business Service Management and Service Assurance
T-Systems, South Africa – Operations Support System
Mobilink, Pakistan – Network Management System and Service Assurance 

Principal Consultant
(January, 2005 – September, 2009)
Abilitec Ltd (Bedfordshire, UK)

On site consultancy and training to Abilitec customers – primary product capabilities: IBM Netcool, GuardedNet NeuSecure and Managed Objects. 

IT Manager / Exhibitions Manager – Director
(August, 2001 – January, 2005)
Maxon Computer Ltd (Bedfordshire, UK)

Responsible for securing the Maxon Corporate network and maintaining websites, FTP and email servers.  Other duties included managing user forums, roadshows and trade fairs.

3D Software event, London, UK

Systems Administrator
(October, 1995 – August, 2001)
HiSOFT (Bedfordshire, UK)

C++ Programmer and Systems Administrator (Linux, Atari, Commodore and MacOS).


Education

University of Bedfordshire, UK – Computer Science, BSc Hons
(1992-1995)

Luton College, UK – National Diploma in Computer Studies
(1990-1992)

Accreditations

IBM Tivoli Automation Solution Sales Professional v4, in 2014
IBM Tivoli Internet Security Systems Sales Professional v2, in 2012
IBM Tivoli Security Solution Sales Professional v4, in 2012
IBM QRadar Technical Sales Professional v1, in 2012
IBM Certified Deployment Professional – Tivoli Netcool/OMNIbus V7.3, in 2012
IBM Certified Deployment Professional – Tivoli Business Service Manager, in 2009
IBM Certified Deployment Professional – Tivoli Netcool/Proviso V4.4.1, in 2008
IBM Certified Administrator – Tivoli Netcool/Proviso V4.4.1, in 2007
Micromuse Netcool Certified Consultant, in 2005

Awards
Emirates Group Programme of the Year 2018-2019 Runner Up – GDPR Phase 1

Emirates Group Najm Silver – dnata Safety Hub, in 2017
Skills

A security expert with specific skills in SIEM, TDR, APT, Endpoint Security, PAM, Cloud Security, Security Intelligence, Data Protection (EU GDPR).
IBM specialisation in Cloud & Smarter Infrastructure / Tivoli / IBM Security
Novell / NetIQ specialisation in Business Service Management.
Security Tools: Nmap, Snort, Portsentry, Wireshark, DSniff, Nessus, IBM Security Portfolio, Microsoft Security Portfolio
SIEM: NfSM, NeuSecure, TSOM, QRadar, Splunk, Secureworks Taegis XDR
GRC: MetricStream, Ideagen and Eramba.
Linux, Unix, SQL, Microsoft skills and general networking knowledge. Understanding of Oracle and DB2 databases. Excellent problem investigation and solving skills. ITIL v3
Framework and standards: ISO 27001, EU GDPR, PCI DSS, NIST, CIS, MITRE
Excellent presentation and demonstration skills.
Technical team lead and pre-sales.
Certified Novell Instructor (CNI) for NetIQ Operations Center.
Certified IBM Instructor for Tivoli Netcool OMNIbus, Tivoli Business Service Manager and IBM Tivoli Netcool Performance Manager (Wireline).

Interests and Activities

Karate (35+ years experience), keeping fit
motorsport and technology.

Steve Marriott Karate & CyberSecurity