09/06/2022 updated

DM
100 % available

SIEM Consultant, SIEM and Cloud Consultant, ArcSight Content Engineer

London, United Kingdom
United Kingdom
London, United Kingdom
United Kingdom

Profile attachments

CV - Derek McCallum

Application Programming Interfaces (APIs)Amazon Web ServicesData AnalysisPenetration TestingJIRAAuthenticationsMicrosoft AzureBig DataUnixCloud ComputingComplex NetworksComputer SecurityData CentersData MigrationDomain Name System (DNS)JSONPython (Programming Language)Network SecurityMicrosoft SQL ServersOperations SecurityOracle ApplicationsWindows PowerShellSecurity Information and Event ManagementSarbanes-Oxley Act (SOX) ComplianceSyslogExtensible Markup Language (XML)OktaBoto3AWS LambdaAWS GlueFirepowerCloudwatchElastic Load BalancingVmware
Cloud, data migration, big data, AWS Glue, Athena, Kenesis, Boto3, parquet data formats, AWS, Azure, AWS Lambda, Python, Powershell, SIEM, AWS Boto3, data analysis, cyber security, CEF Syslog, Folder-Follower, JSON, XML, Okta, API, XML authentication logs, Atlassian Crowd, Jira, VMWare, DNS, Filegateway services, Firepower, CloudWatch, ELB, Checkpoint, OPSEC, Oracle, MS-SQL, complex networks, data centres, SOX, penetration testing, Network Security, Unix

Languages

EnglishGood

Project history

Cloud Solutions Architect

AXA

Banking & Financial Services

>10.000 team member

AXA is one of the world’s leading providers of insurance and financial services.

  • Currently engaged as Cloud Solution Architect and Technical Project Manager to lead the end to end delivery of a business-critical cloud data migration project to reduce costs of on-premise NAS storage.
  • Develop high level designs, roadmaps, solution options and proof of concept big data system using AWS Glue, Athena, Kenesis, Boto3 and parquet data formats.
  • Led solution proposals through global architecture review board processes, and validation of new AWS services for use throughout AXA Group
  • Manage relationships with 3rd parties to facilitate technical delivery of strategic initiatives including a major Next Gen SOC project based on Azure Sentinel.
  • AWS Lambda and Azure cross-cloud Python and Powershell function development.
  • Onboarding and integration of AXA operating companies to ArcSight SIEM.

SIEM Consultant

DXC Technology
DXC Technology is the world's leading end-to-end IT services and solutions company.
* Engaged as SIEM Consultant to lead the onboarding of applications and platforms into managers
servers for a major client - Vodafone. This involved configuring, running and deploying AWS
GuardDuty monitoring system and using Python and AWS Boto3 to extract and transform data
presentation with the aim of enhancing MI reporting capability.
* Developed and implemented customer use cases into SIEM policies, logged event information
including filters, active lists and dashboard, managed risks and developed ArcSight Flex
Connector solutions.
* Oversaw and coordinated data analysis activities and built Python toolsets to assess data spikes.
* Led the successful onboarding of the world's largest internet AS backbones into the managed SIEM
service and onboarded application log sources to ArcSight.

SIEM and Cloud Consultant

ITC Secure Networking
ITC Secure Networking provides cyber security solutions to organisations in over 180 countries.
* Engaged as SIEM and Cloud Consultant to provide technical integration insights and
recommendations to clients including YouView, Schroders and BAT.
* Conducted detailed AWS security and compliance assessment for YouView in line with AWS
Well-Architected, Security Best Practices and Cloud Adoption frameworks.
* Managed development of flex connectors including CEF Syslog, Folder-Follower, JSON and XML.
* Designed and developed system architecture and design solutions to support business requirements
in line with ongoing, business-critical transformation activities.
* Delivered ArcSight Flex Connector solutions to integrate application log sources including Okta,
API, XML authentication logs, Atlassian Crowd, Jira, VMWare, DNS, Filegateway services, Firepower
and AV.
* Led delivery of the company's greenfield SIEM Cloud deployment involving integrating AWS
CloudTrail, CloudWatch, GuardDuty and ELB / ALB log sources using Python, Boto3, and ArcSight
flex connectors.
* Developed and introduced an Ansible toolset within the managed SIEM operations infrastructure.
* Created detailed user guides and manuals for processes, systems and procedures to ensure
compliance.
* Led the response to a major security incident at Coca-Cola European Partners caused by failure of
an internal system due to a domain name being registered by external party. This involved
analysing circumstance of domain transfer, providing incident report and aiding domain recovery.

ArcSight Content Engineer

Telefonica O2
Telefonica O2 is one the leading mobile and web telecommunications providers in the world.
* Engaged as ArcSight Content Engineer to manage and coordinate the end to end implementation of
ArcSight services to the Telefonica Smart Metering business transformation programme.
* Led the implementation of ArcSight ESM 6.8 with ownership for overseeing configuration and
ensuring minimal operational downtime.
* Created content for policies, rule filters, active lists and scheduled reports in line with GPG13
and defined strategies and solutions to support the delivery of the Smart Metering programme.

ArcSight SIEM Engineer

Bluefish Communications Ltd
Bluefish Communications Ltd provides innovative technology solutions to drive tangible business
change.
* Engaged to provide technical integration support to the Npower Smart-Metering project with
ownership for directing SmartConnector integration across a broad IT platform and application
estate.
* Managed complex network environments including Checkpoint, OPSEC, Oracle and MS-SQL.
* Led and coordinated the end to end implementation and configuration of ArcSight ESM 6.9 system.
* Conceptualised, developed and produced innovative policy content for a greenfield SIEM
installation.

ArcSight SIEM Engineer

HPE Managed Security Services
HPE Managed Security Services helps protect vital data from information predators.
* Engaged as ArcSight SIEM Engineer to lead and coordinate the end to end deployment of SIEM
systems and processes in collaboration with the HP Enterprise MSS ArcSight Deployment team.
* Designed user cases and led testing and QA environments to ensure delivery of fit for purpose
solutions.
* Led the successful onboarding of global clients and deployment of ArcSight SIEM solutions to
shared multi-client environments ensuring alignment with client requirements.
* Oversaw the integration of the SmartConnector system to client devices, managed upstream ArcSight
infrastructure across complex networks and led implementation of ArcSight ESM systems, connector
appliances and ArcMC.
* Directed the end to end lifecycle of ArcSight platforms including tiered architecture platform
sizing, upgrades and deployments.
* Spearheaded the successful integration of HPE Hellion Cloud infrastructure with managed SIEM
services which involved defining event collector architecture from global data centres to UK SIEM
operations.

Technology Risk Consultant

Shell- Treasury IT
Shell is a global group of energy and petrochemical companies operating in more than 70 countries.
* The purpose of the role was to oversee and represent Shell's internal IRM function as a key
member of the Treasury IT team with ownership for managing and coordinating information security
on liquidity and cash management projects for the group.
* Managed ArcSight SIEM monitoring operations and policy content development whilst additionally
providing trusted insights and recommendations to business units and key stakeholders.
* Led the end to end automation of SOX control execution via ArcSight and ensured all IT projects
were delivered in line with SOX, Finance, IT General, Data Privacy and Technology Export
regulations.
* Oversaw and coordinated the treasury IT penetration testing programme and audit response.
* Played a pivotal role in identifying and analysing opportunities for continuous systems
improvement within the production environment through upgrades, security and incident response
executions.

Cyber Threat Analyst

Royal Bank of Scotland

Network Security Engineer

Virgin Media

Unix and Network Security Engineer

Deutsche Bank AG

Contact form

Log in to get in touch

You need to be logged in to use the contact form.

Sign upLog in