ian.golding67@virginmedia.com
About Me
Work & Experience
Unilever 03/01/2005 - 05/02/2011
Enterprise Security Tools Specialist
Activities included development and management of Sarbanes-Oxley compliance process using Symantec Enterprise Security Manager compliance toolset. I automated many aspects of this process using Visual Basic scripting techniques to overcome limitations of the product.
• Management of McAfee/Intel ePolicy Orchestrator.
• Developing and publishing Incident Handling processes. Liaising with multisourced service providers (HP, Unisys, HCL) to provide repeatable methods for incident remediation.
• Development of dashboards to provide management with simplified view of risks/incidents/compliance/vulnerabilities.
• Delivered successful McAfee ePO improvements, after commissioning service health-check.
Unilever 05/02/2011 - 05/06/2013
IT Risk Consultant
• Providing consultancy on new and existing services using risk assessment tools (Citicus), ensuring risks are dealt with appropriately in accordance with ISF Standard of Good Practice (this encompasses ISO27000 and COBIT).
• Engaging with senior business owners, programme managers and project managers to ensure full understanding of risks, associated controls and costs.
• Performing risk assessments of new projects to identify areas of information risk and suggesting appropriate mitigating controls suggested by ISF Standard of Good Practice, in lieu of available internal standards.
• Developing, managing and documenting the Unilever Exception to Policy (ETP) process. This process provided Unilever with a method of temporarily logging and accepting risks when remediation would prove overly costly or would be reliant on ‘yet to be delivered’ solutions.
Unilever 05/06/2013 - 05/02/2016
IT Security Incident Handler
• Managing Cyber Security Incidents including malware, hacking, phishing, and computer misuse. Experience of utilising Security Incident and Event Management tools (IBM QRadar), Advanced Persistent Threat protection platforms (Seculert), and vulnerability management tools (Qualys) to detect and resolve security incidents.
• Good communicator coordinating remediation activities with 3rd Party suppliers and operators of Unilever’s corporate IT services across the global enterprise.
• Collection of digital forensic data using FTK Imager and EnCase Enterprise, both for internal investigations and IT Security incident support.
• Engaging with IBM SOC PCR process for ‘noise’ reduction (management of false positives and whitelists).
• Performing eDiscovery tasks adhering to the EDRM to support global legal and HR teams.
• Delivery of data to satisfy UK DPA Subject Access Requests.
• Documentation of operational processes and procedures, e.g. Malware incident handling.
• Managing 3rd party vendor relationship (IBM QRadar Service).
Shop Direct/The Very Group 05/02/2016 - 02/08/2021
Computer Security Specialist
• Managing Cyber Security Incidents coordinating with multiple 3rd party vendor service providers (mainly IBM) and internal Service Management Team.
• Managing public facing DNS allocation across multiple legacy hosting vendors, using DigiCert console.
• Managing SSL/TLS certificate issuance with external provider (DigiCert).
• Monitoring/updating Akamai Kona WAF rules, working closely with Akamai SME team.
• Leading Cybersecurity Incident detection and response utilising Carbon Black, Akamai.
• Writing playbooks for Cybersecurity Incident detection and response.
• Documenting and publishing Shop Direct/Very Group Information Security Policy.
• Trend Antivirus/Deep Security Agent across the Very Group estate.
• Successful rebranding exercise from Shop Direct to The Very Group as IT Security lead.
• Managing all required DNS redirects/new domain registrations.
• Updating all email protections and integrations into Trend Hosted Email Security.
• Updating all DMARC/DKIM/SPF records to ensure marketing materials delivery.
• Updating Akamai WAF artefacts to enable protections to be applied to the new Very site.
• Redeployed Qualys tooling through liaison with 3rd party project team.
The Very Group 02/08/2021 - 08/23/2021
Threat and Vulnerability Manager
• Managing Cyber Security Incidents coordinating with multiple 3rd party vendor service providers (mainly IBM) and internal Service Management Team.
• Managing public facing DNS allocation across multiple legacy hosting vendors, using DigiCert console.
• Managing SSL/TLS certificate issuance with external provider (DigiCert).
• Monitoring/updating Akamai Kona WAF rules, working closely with Akamai SME team.
• Leading Cybersecurity Incident detection and response utilising Carbon Black, Akamai.
• Writing playbooks for Cybersecurity Incident detection and response.
• Documenting and publishing the Very Group Information Security Policy.
• Documenting and publishing the Very Group Vulnerability Management policy and processes.
GKN Automotive (placed as Netcompany Senior Infrastructure Consultant) 10/04/2021 - 03/25/2025
Threat and Vulnerability Manager
• Leads and manages Patch and Vulnerability Management activities on behalf of the client. Engaging key in-house and 3rd party stakeholders across the business responsible for patching and remediation of operating system and application vulnerabilities across the IT and OT estate. Holding stakeholders accountable for agreed remediation actions and timescales, in accordance with policy.
• Liaise with 3rd party supplier to manage Qualys tooling infrastructure to monitor and improve service through engagement with service management team. Using this approach, detections have been reduced by over 50% since engagement began.
• Coordination and management of Penetration tests ensuring full coordination with projects, BAU services and 3rd party suppliers. Scoping Penetration Tests with internal stakeholders and key 3rd party vendors to meet audit requirements and to ensure delivered projects comply with organisational requirements. This includes follow-up verification of issue criticality (considering local mitigations), assigning remediations and agreeing timescales for delivery. Residual risks are then passed into the risk management process.
• Developed and deployed tactical response to achieve TISAX compliance.
• Develops playbooks, processes and procedures for Microsoft Azure Sentinel Security Incident Management process. Engaging with analysts and stakeholder teams to agree, develop and document responses. This can involve several sets of tooling including Carbon Black and Microsoft Azure Sentinel. Work with outsourced SIEM to agree/tune detection response process. Review 3rd party SIEM against SLAs, agreeing improvements with supplier team lead.
• Documented and developed Daily manual Cyber Threat Intelligence process established to complement automated MISP approach.
• Liaise with 3rd Party DNS management provider to maintain effective control over client IP artefacts.
• Engaging the Risk Management processes to capture residual risks to treat, terminate, tolerate or transfer. Risks are logged together with their justification, likelihood and impact, evidence of compensating controls and future plans for remediation.