Derek McCallum available

Derek McCallum

SIEM Consultant, SIEM and Cloud Consultant, ArcSight Content Engineer

  • SW16 2UW London Freelancer in
  • Graduation: not provided
  • Hourly-/Daily rates:
  • Languages: English (Limited professional)
  • Last update: 21.09.2021
CV - Derek McCallum


Cloud, data migration, big data, AWS Glue, Athena, Kinesis, Boto3, parquet data formats, AWS, Azure, AWS Lambda, Python, PowerShell, SIEM, AWS Boto3, data analysis, cyber security, CEF Syslog, Folder-Follower, JSON, XML, Okta, API, XML authentication logs, Atlassian Crowd, Jira, VMware, DNS, Filegateway services, Firepower, CloudWatch, ELB, Checkpoint, OPSEC, Oracle, MS-SQL, complex networks, data centres, SOX, penetration testing, Network Security, Unix
  • 07/2019 - 03/2021

    • AXA
    • >10.000 employees
    • Banks and financial services
  • Cloud Solutions Architect
  • AXA is one of the world’s leading providers of insurance and financial services.

    • Currently engaged as Cloud Solution Architect and Technical Project Manager to lead the end to end delivery of a business-critical cloud data migration project to reduce costs of on-premise NAS storage.
    • Develop high level designs, roadmaps, solution options and proof of concept big data system using AWS Glue, Athena, Kinesis, Boto3 and parquet data formats.
    • Led solution proposals through global architecture review board processes, and validation of new AWS services for use throughout AXA Group
    • Manage relationships with 3rd parties to facilitate technical delivery of strategic initiatives including a major Next Gen SOC project based on Azure Sentinel.
    • AWS Lambda and Azure cross-cloud Python and PowerShell function development.
    • Onboarding and integration of AXA operating companies to ArcSight SIEM.

  • 06/2018 - 04/2019

    • DXC Technology
  • SIEM Consultant
  • DXC Technology is the world's leading end-to-end IT services and solutions company.
    * Engaged as SIEM Consultant to lead the onboarding of applications and platforms into managers
    servers for a major client - Vodafone. This involved configuring, running and deploying AWS
    GuardDuty monitoring system and using Python and AWS Boto3 to extract and transform data
    presentation with the aim of enhancing MI reporting capability.
    * Developed and implemented customer use cases into SIEM policies, logged event information
    including filters, active lists and dashboard, managed risks and developed ArcSight Flex
    Connector solutions.
    * Oversaw and coordinated data analysis activities and built Python toolsets to assess data spikes.
    * Led the successful onboarding of the world's largest internet AS backbones into the managed SIEM
    service and onboarded application log sources to ArcSight.

  • 07/2017 - 05/2018

    • ITC Secure Networking
  • SIEM and Cloud Consultant
  • ITC Secure Networking provides cyber security solutions to organisations in over 180 countries.
    * Engaged as SIEM and Cloud Consultant to provide technical integration insights and
    recommendations to clients including YouView, Schroders and BAT.
    * Conducted detailed AWS security and compliance assessment for YouView in line with AWS
    Well-Architected, Security Best Practices and Cloud Adoption frameworks.
    * Managed development of flex connectors including CEF Syslog, Folder-Follower, JSON and XML.
    * Designed and developed system architecture and design solutions to support business requirements
    in line with ongoing, business-critical transformation activities.
    * Delivered ArcSight Flex Connector solutions to integrate application log sources including Okta,
    API, XML authentication logs, Atlassian Crowd, Jira, VMware, DNS, Filegateway services, Firepower
    and AV.
    * Led delivery of the company's greenfield SIEM Cloud deployment involving integrating AWS
    CloudTrail, CloudWatch, GuardDuty and ELB / ALB log sources using Python, Boto3, and ArcSight
    flex connectors.
    * Developed and introduced an Ansible toolset within the managed SIEM operations infrastructure.
    * Created detailed user guides and manuals for processes, systems and procedures to ensure
    * Led the response to a major security incident at Coca-Cola European Partners caused by failure of
    an internal system due to a domain name being registered by an external party. This involved
    analysing the circumstances of the domain transfer, providing an incident report and aiding domain recovery.

  • 03/2017 - 07/2017

    • Telefonica O2
  • ArcSight Content Engineer
  • Telefonica O2 is one of the leading mobile and web telecommunications providers in the world.
    * Engaged as ArcSight Content Engineer to manage and coordinate the end to end implementation of
    ArcSight services to the Telefonica Smart Metering business transformation programme.
    * Led the implementation of ArcSight ESM 6.8 with ownership for overseeing configuration and
    ensuring minimal operational downtime.
    * Created content for policies, rule filters, active lists and scheduled reports in line with GPG13
    and defined strategies and solutions to support the delivery of the Smart Metering programme.

  • 09/2016 - 01/2017

    • Bluefish Communications Ltd
  • ArcSight SIEM Engineer
  • Bluefish Communications Ltd provides innovative technology solutions to drive tangible business
    * Engaged to provide technical integration support to the Npower Smart-Metering project with
    ownership for directing SmartConnector integration across a broad IT platform and application
    * Managed complex network environments including Checkpoint, OPSEC, Oracle and MS-SQL.
    * Led and coordinated the end to end implementation and configuration of ArcSight ESM 6.9 system.
    * Conceptualised, developed and produced innovative policy content for a greenfield SIEM

  • 02/2015 - 08/2016

    • HPE Managed Security Services
  • ArcSight SIEM Engineer
  • HPE Managed Security Services helps protect vital data from information predators.
    * Engaged as ArcSight SIEM Engineer to lead and coordinate the end to end deployment of SIEM
    systems and processes in collaboration with the HP Enterprise MSS ArcSight Deployment team.
    * Designed user cases and led testing and QA environments to ensure delivery of fit for purpose
    * Led the successful onboarding of global clients and deployment of ArcSight SIEM solutions to
    shared multi-client environments ensuring alignment with client requirements.
    * Oversaw the integration of the SmartConnector system to client devices, managed upstream ArcSight
    infrastructure across complex networks and led implementation of ArcSight ESM systems, connector
    appliances and ArcMC.
    * Directed the end to end lifecycle of ArcSight platforms including tiered architecture platform
    sizing, upgrades and deployments.
    * Spearheaded the successful integration of HPE Helion Cloud infrastructure with managed SIEM
    services which involved defining event collector architecture from global data centres to UK SIEM

  • 09/2010 - 02/2015

    • Shell - Treasury IT
  • Technology Risk Consultant
  • Shell is a global group of energy and petrochemical companies operating in more than 70 countries.
    * The purpose of the role was to oversee and represent Shell's internal IRM function as a key
    member of the Treasury IT team with ownership for managing and coordinating information security
    on liquidity and cash management projects for the group.
    * Managed ArcSight SIEM monitoring operations and policy content development whilst additionally
    providing trusted insights and recommendations to business units and key stakeholders.
    * Led the end to end automation of SOX control execution via ArcSight and ensured all IT projects
    were delivered in line with SOX, Finance, IT General, Data Privacy and Technology Export
    * Oversaw and coordinated the treasury IT penetration testing programme and audit response.
    * Played a pivotal role in identifying and analysing opportunities for continuous systems
    improvement within the production environment through upgrades, security and incident response

  • 11/2008 - 10/2009

    • Royal Bank of Scotland
  • Cyber Threat Analyst

  • 05/2008 - 11/2008

    • Virgin Media
  • Network Security Engineer

  • 08/2004 - 03/2008

    • Deutsche Bank AG
  • Unix and Network Security Engineer