AND RISK MANAGEMENT
I have held multiple roles in the field of information security, allowing me to develop expertise in policy and standards, practical business applications, security tools, projects, risk management, metrics, investigations, stakeholder management and managing outsourced services. This culminated in three years as the head of Global Infrastructure Security for Shell, based in Cyberjaya, Malaysia.
There, I led a team of 30-60 staff managing directly or via contract the security, regulatory compliance and BCPs and DRPs for all Shell's infrastructure, both insourced and outsourced. We covered circa 120,000 PCs, 20,000 servers, a dozen data centres and global networks to hundreds of locations, and the common services which supported them. Our key IT suppliers were HP, T-Systems and AT&T, and we worked collaboratively with teams from each organisation to operate security in an outsourced model, to identify issues and get them fixed and to deliver sustainable improvement to Shell's architecture. During this period I had to lead the response to more than one major incident relating to the security or operational integrity of the corporate infrastructure.
Areas of personal experience and expertise include:
* Security metrics (I developed a portfolio of leading and
lagging indicators, structured around ISO)
* Sarbanes-Oxley controls
* Regulatory compliance for IT (export controls, privacy, local hosting)
* Security project and programme delivery (including global two-
factor user authentication and password vaulting for admin accounts)
* BCP and DRP in theory and practice
* Security risk identification and management
* CERT and incident investigation and response.
* Root cause analysis (fishbone approach)
* Malware detection and response
* Advanced Persistent Threat (APT) response (Mandiant etc)
* Vulnerability management (Damballa, others) and device hardening
* Rogue device detection and removal
* Intrusion detection and prevention (IDS and IPS)
* Two-factor authentication
* Data Loss/Leakage Prevention (DLP)
* High security zones
* Internet content filtering.