Career

Professional Experience

5+ years delivering enterprise security across complex hybrid environments.

Senior Cyber Security Analyst / Engineer

University of the Arts London (UAL)

Hybrid / London, UK

March 2025 – Present (Current)
  • Administer and optimise CrowdStrike Falcon EDR across a hybrid estate of 8,000+ users, managing detection tuning, alert triage, threat hunting and incident response workflows.
  • Manage SIEM and SOAR platforms including Microsoft Sentinel and CrowdStrike NG-SIEM, building analytics rules, automation playbooks and KQL-based detection and hunting content.
  • Administer Identity and Access Management controls including Azure AD (Entra ID), Conditional Access, MFA, SSO and RBAC across cloud and on-premise systems.
  • Manage Microsoft Intune for MDM and MAM across the estate, maintaining device compliance policies, security baselines and endpoint configuration standards.
  • Administer BeyondTrust PAM, Mimecast email security gateway and DLP controls, ensuring appropriate protection of sensitive data and privileged access.
  • Manage the vulnerability management programme using Pentera, Tenable.io and AppCheck, overseeing scanning, prioritisation and remediation.
  • Lead incident response activities end-to-end aligned to NIST 800-61 and MITRE ATT&CK, producing technical and executive post-incident reports.
  • Deliver PowerShell-based automation and SOAR workflows to improve security operations efficiency, reducing manual triage workload.
  • Mentor junior cyber security engineers and deliver security awareness guidance across IT and business teams.

Cyber Security Analyst, Cyber Security and Identity

University of the Arts London (UAL)

Hybrid / London, UK

March 2022 – March 2025
  • Led the evaluation, proof-of-concept and full enterprise deployment of CrowdStrike Falcon EDR and NG-SIEM across an 8,000-user estate, replacing legacy endpoint tooling and establishing detection engineering, threat hunting and incident response capabilities from the ground up.
  • Administered Microsoft Defender for Endpoint (MDE) and Defender for Identity (MDI) as daily operational practice, conducting dashboard reviews, alert triage, platform health checks and incident response.
  • Managed Azure Active Directory (Entra ID), Conditional Access, SSO and RBAC controls, ensuring appropriate access governance and identity security across cloud and on-premise systems.
  • Managed Check Point Harmony firewall administration, network security controls and Mimecast email security gateway, maintaining web and email security posture.
  • Migrated vulnerability management from Nessus to Tenable.io and introduced Tanium for asset discovery and patch management; introduced Pentera for Breach and Attack Simulation.
  • Deployed BeyondTrust Privileged Access Management (PAM) across the organisation, strengthening privileged account governance.
  • Developed incident response playbooks, runbooks and SOAR automation workflows aligned to NIST 800-61 and MITRE ATT&CK, covering ransomware, phishing, insider threat and identity-based attack scenarios.

IT Engineer: Security, Quality and Infrastructure

HICX Solutions Ltd (SaaS/FinTech)

Remote, London, UK

February 2021 – March 2022
  • Deployed CrowdStrike XDR (Extended Detection and Response) across the full estate, establishing centralised endpoint detection and response capability for a remote-first SaaS organisation.
  • Integrated Azure Active Directory (Azure AD) Single Sign-On (SSO) across multiple SaaS platforms, strengthening Identity and Access Management, access governance and MFA coverage.
  • Managed endpoint security, device compliance, email security and DLP controls across a distributed remote workforce.
  • Co-led Cyber Essentials+ and ISO 27001 certification programmes, implementing security controls, hardening configurations and preparing audit-ready documentation end-to-end.

Key Achievements

CrowdStrike EDR Deployment and Operations

Led the end-to-end evaluation and enterprise deployment of CrowdStrike Falcon EDR and NG-SIEM across an 8,000-user estate, establishing detection engineering, threat hunting and Tier 3 incident response capability from scratch.

Security Estate Management

Managed the full breadth of a hybrid security estate including SIEM/SOAR, EDR, IAM, MDM/MAM, PAM, email security, vulnerability management and firewall controls across a complex multi-platform environment.

Vulnerability Management Transformation

Transformed the organisation's vulnerability management programme by migrating to Tenable.io and introducing Pentera for continuous Breach and Attack Simulation, significantly improving remediation prioritisation and control validation.

Automation and Efficiency

Designed and implemented PowerShell-based automation and SOAR workflows that reduced manual alert triage workload and improved response speed and consistency across the security team.