Derek McCallum

available

Last update: 06.09.2022

SIEM Consultant, SIEM and Cloud Consultant, ArcSight Content Engineer

Company: Sambel Ltd
Graduation: not provided
Languages: English (Limited professional)

Attachments

Derek McCallum ChronoCV 20210210.docx

Skills

Cloud, data migration, big data, AWS Glue, Athena, Kinesis, Boto3, parquet data formats, AWS, Azure, AWS Lambda, Python, PowerShell, SIEM, AWS Boto3, data analysis, cyber security, CEF Syslog, Folder-Follower, JSON, XML, Okta, API, XML authentication logs, Atlassian Crowd, Jira, VMware, DNS, Filegateway services, Firepower, CloudWatch, ELB, Checkpoint, OPSEC, Oracle, MS-SQL, complex networks, data centres, SOX, penetration testing, Network Security, Unix

Project history

07/2019 - 03/2021
Cloud Solutions Architect
AXA (Banks and financial services, >10.000 employees)

AXA is one of the world’s leading providers of insurance and financial services.

  • Currently engaged as Cloud Solution Architect and Technical Project Manager to lead the end to end delivery of a business-critical cloud data migration project to reduce costs of on-premise NAS storage.
  • Develop high level designs, roadmaps, solution options and proof of concept big data system using AWS Glue, Athena, Kinesis, Boto3 and parquet data formats.
  • Led solution proposals through global architecture review board processes, and validation of new AWS services for use throughout AXA Group.
  • Manage relationships with 3rd parties to facilitate technical delivery of strategic initiatives including a major Next Gen SOC project based on Azure Sentinel.
  • AWS Lambda and Azure cross-cloud Python and PowerShell function development.
  • Onboarding and integration of AXA operating companies to ArcSight SIEM.

06/2018 - 04/2019
SIEM Consultant
DXC Technology

DXC Technology is the world's leading end-to-end IT services and solutions company.
* Engaged as SIEM Consultant to lead the onboarding of applications and platforms into managers
servers for a major client - Vodafone. This involved configuring, running and deploying AWS
GuardDuty monitoring system and using Python and AWS Boto3 to extract and transform data
presentation with the aim of enhancing MI reporting capability.
* Developed and implemented customer use cases into SIEM policies, logged event information
including filters, active lists and dashboard, managed risks and developed ArcSight Flex
Connector solutions.
* Oversaw and coordinated data analysis activities and built Python toolsets to assess data spikes.
* Led the successful onboarding of the world's largest internet AS backbones into the managed SIEM
service and onboarded application log sources to ArcSight.

07/2017 - 05/2018
SIEM and Cloud Consultant
ITC Secure Networking

ITC Secure Networking provides cyber security solutions to organisations in over 180 countries.
* Engaged as SIEM and Cloud Consultant to provide technical integration insights and
recommendations to clients including YouView, Schroders and BAT.
* Conducted detailed AWS security and compliance assessment for YouView in line with AWS
Well-Architected, Security Best Practices and Cloud Adoption frameworks.
* Managed development of flex connectors including CEF Syslog, Folder-Follower, JSON and XML.
* Designed and developed system architecture and design solutions to support business requirements
in line with ongoing, business-critical transformation activities.
* Delivered ArcSight Flex Connector solutions to integrate application log sources including Okta,
API, XML authentication logs, Atlassian Crowd, Jira, VMWare, DNS, Filegateway services, Firepower
and AV.
* Led delivery of the company's greenfield SIEM Cloud deployment involving integrating AWS
CloudTrail, CloudWatch, GuardDuty and ELB / ALB log sources using Python, Boto3, and ArcSight
flex connectors.
* Developed and introduced an Ansible toolset within the managed SIEM operations infrastructure.
* Created detailed user guides and manuals for processes, systems and procedures to ensure
compliance.
* Led the response to a major security incident at Coca-Cola European Partners caused by failure of
an internal system due to a domain name being registered by external party. This involved
analysing circumstance of domain transfer, providing incident report and aiding domain recovery.

03/2017 - 07/2017
ArcSight Content Engineer
Telefonica O2

Telefonica O2 is one of the leading mobile and web telecommunications providers in the world.
* Engaged as ArcSight Content Engineer to manage and coordinate the end to end implementation of
ArcSight services to the Telefonica Smart Metering business transformation programme.
* Led the implementation of ArcSight ESM 6.8 with ownership for overseeing configuration and
ensuring minimal operational downtime.
* Created content for policies, rule filters, active lists and scheduled reports in line with GPG13
and defined strategies and solutions to support the delivery of the Smart Metering programme.

09/2016 - 01/2017
ArcSight SIEM Engineer
Bluefish Communications Ltd

Bluefish Communications Ltd provides innovative technology solutions to drive tangible business
change.
* Engaged to provide technical integration support to the Npower Smart-Metering project with
ownership for directing SmartConnector integration across a broad IT platform and application
estate.
* Managed complex network environments including Checkpoint, OPSEC, Oracle and MS-SQL.
* Led and coordinated the end to end implementation and configuration of ArcSight ESM 6.9 system.
* Conceptualised, developed and produced innovative policy content for a greenfield SIEM
installation.

02/2015 - 08/2016
ArcSight SIEM Engineer
HPE Managed Security Services

HPE Managed Security Services helps protect vital data from information predators.
* Engaged as ArcSight SIEM Engineer to lead and coordinate the end to end deployment of SIEM
systems and processes in collaboration with the HP Enterprise MSS ArcSight Deployment team.
* Designed user cases and led testing and QA environments to ensure delivery of fit for purpose
solutions.
* Led the successful onboarding of global clients and deployment of ArcSight SIEM solutions to
shared multi-client environments ensuring alignment with client requirements.
* Oversaw the integration of the SmartConnector system to client devices, managed upstream ArcSight
infrastructure across complex networks and led implementation of ArcSight ESM systems, connector
appliances and ArcMC.
* Directed the end to end lifecycle of ArcSight platforms including tiered architecture platform
sizing, upgrades and deployments.
* Spearheaded the successful integration of HPE Helion Cloud infrastructure with managed SIEM
services which involved defining event collector architecture from global data centres to UK SIEM
operations.

09/2010 - 02/2015
Technology Risk Consultant
Shell - Treasury IT

Shell is a global group of energy and petrochemical companies operating in more than 70 countries.
* The purpose of the role was to oversee and represent Shell's internal IRM function as a key
member of the Treasury IT team with ownership for managing and coordinating information security
on liquidity and cash management projects for the group.
* Managed ArcSight SIEM monitoring operations and policy content development whilst additionally
providing trusted insights and recommendations to business units and key stakeholders.
* Led the end to end automation of SOX control execution via ArcSight and ensured all IT projects
were delivered in line with SOX, Finance, IT General, Data Privacy and Technology Export
regulations.
* Oversaw and coordinated the treasury IT penetration testing programme and audit response.
* Played a pivotal role in identifying and analysing opportunities for continuous systems
improvement within the production environment through upgrades, security and incident response
executions.

11/2008 - 10/2009
Cyber Threat Analyst
Royal Bank of Scotland


05/2008 - 11/2008
Network Security Engineer
Virgin Media


08/2004 - 03/2008
Unix and Network Security Engineer
Deutsche Bank AG


Local Availability

Only available in these countries: United Kingdom