easyJet PLC

European airline and holidays business.

• Monitor, triage and analyse SIEM alerts and incident tickets across IT operations security, using Microsoft Defender and Splunk for security alerting and investigation.
• Contribute to incident response, on-call support and incident management processes.
• Report on security events and create intelligence to support tuning and response improvements.
• Support IT security risk, governance and operational security activities.
• Develop and improve security incident investigation and resolution workflows within the ServiceNow Security Operations module.
• Build automation using Python, ServiceNow and PowerShell to improve remediation workflows.
• Work with cloud application security controls and operational security tooling.

New Web Sites Limited

• Managed websites for small businesses, including hosting, maintenance and operational support.
• Supported marketing campaign hosting and tracking using Mautic and Tracking202.
• Delivered DevOps support across WordPress, PHP, JavaScript and NPM-based workflows.

Smiths Group PLC

Global engineering and medical technology group.

• Provided Level 3 IT security support across enterprise security operations.
• Supported implementation and operational use of security tools including Rapid7 SIEM and Trend Micro enterprise security suite.
• Participated in change approvals scrutiny and high-level design review boards.
• Worked with security tooling, event logging and operational risk processes across a complex global environment.

T-Systems / EE

• Worked on RSA enVision, enabling log feeds from PCI environments, critical servers and key network segments.
• Provided IT-related security alerts and event visibility for SOC analysts to investigate.
• Trained compliance teams to understand which RSA enVision alerts could affect PCI integrity and required SOC investigation.
• Progressed from contract to permanent employment during the five-year engagement, with approximately 60% contract and 40% permanent tenure.