My CV

Information Security Engineer

I am a results driven security professional with experience building and settings up security teams and policy. I am currently living in Leeds, England. I hold UK residency, Irish Residency and American Citizenship.

I enjoy working with Linux based systems and learning about new technology. I enjoy working in a team or on my own. I enjoy taking the lead on new projects and delivering results.

Outside of my official job, I also work on campaigns as needed to keep the internet free and safe. I helped organise the political campaign against acta in Ireland. I believe in a free, safe and open internet.

I also run a small business on the side with my Wife where we offer a number of consulting services.

Experience

2015 - Present

Security Analyst
William Hill - Leeds, England
  • Incident Response, Including 24-7 on-call 1 week per month. Covering a broad type of security incidents.
  • Penetration Testing of company sites and assets. Including automation of certain attack types to ensure the continued system readiness.
  • PCI DSS, Ensuring systems are up to PCI standards and collecting evidence for Auditors.
  • WAF (Web Application Firewall) management. Maintaining, upgrading and improving the WAFs. Including F5 ASM and LTM.
  • Audit and approval of Firewall access rules.
  • Email Security management.
  • Developing and using data from log correlation in order to identify issues.
  • Managing anti-virus and other corporate security systems.

2004 - Present

Co-Owner / Engineer
Wrights Consulting
  • IT consulting.
  • Security consulting and Penetration testing. Including manual penetration testing and automated monthly scanning for customers.
  • Email Services, including designing and building custom email solutions.
  • Wide range of services encompassing many areas of IT as needed or on request.

2014 - 2015

Security Engineer
Amazon Web Services - Dublin, Ireland
  • Security operations and Incident response. Including on-call rotation.
  • Testing for vulnerabilities and managing patching of critical exploits.
  • Testing of some 3rd party Amazon Machine images (AMI’s) with high rate of compromise to determine cause of issue. Working with 3rd parties to fix these AMI’s to ensure customers using them would not be effected.
  • Interviewed and trained new employees using the Amazon leadership principals.
  • Founding member of AWS security in Dublin, helped to establish a team in Ireland.
  • Other: Planned yearly company BBQ’s. Was building Fire warden.

2013 - 2014

Abuse Engineering Specialist
Amazon Web Services - Dublin, Ireland
  • Technical lead for AWS Abuse operations for Dublin and Cape town. Interviewed, mentored, trained and helped develop abuse team agents technical abilities.
  • Researched new abuse patterns and trends to find a solution to lead to contact reduction. Shaped policy and work flows at a high level in order to reduce the amount of outbound abusive activity from AWS and well as hosted content such as DMCA violations.
  • Worked to identify and implement automation of routine task to reduce amount of man hours needed in certain areas.
  • Investigate escalated issues and cases.
  • Applied throttles and/or blocks to customer resources or accounts as needed.
  • Created, Documented and shaped new and existing policies and workflows.
  • Helped to establish and train abuse team in Cape town. Was technical escalations and QA for the CPT site.
  • Oversaw daily abuse team operations for Dublin team.

2012 - 2013

Cloud support Engineer
Amazon Web Services - Dublin, Ireland
  • Part of the AWS paid technical support offering providing cloud specific assistance to customers.
    Re-created and troubleshot issues relating to Cloud Security, Linux Security, EC2, Linux, EBS, S3, SES, SNS, SQS, Route 53 and cloud front, among other issues.
  • Created internal technical documentation.
  • Interviewed, trained and mentored new hires.

2011 - 2012

Abuse TCSA
Amazon Web Services - Dublin, Ireland
  • Processed and investigated AWS abuse reports. Both from 3rd party reports and from internal monitoring systems.
  • Mitigated attacks outbound from AWS such as Brute force attacks, DDoS and botnets.
  • Worked with customers to properly secure their AWS resources.
  • Documented Abuse processes and technical details.
Education

2006

Georgia College and State University
Milledgeville, Georgia

Bachelors in Computer Science
Associates in Psychology

References

Email address and Phone numbers are available for references on request.

Recommendations are also available on my linkedin page

Continuum Security SL

Paul Santapau
CTO

Amazon Web Services

Daniel Urson
Associate Security Engineer

Redshift & Aurora at Amazon Web Services

Wayne Dunn
System Development Manager