Scott is the IT Security Team Leader for a growing IT security function at Barnett Waddingham.
His role involves driving security standards across our various systems and networks, while also proactively identifying gaps and implementing his strategy on how these gaps should be addressed.
Scott is also involved writing policies to improve our security posture and managing the workloads of security engineers.
His main areas of expertise are networking, network security, incident response, vulnerability management, attack surface reduction and security information and event management (SIEM).
Among his recent achievements, he has been Technical Lead on BW's Liverpool office move, involved in a Cisco 802.1x NAC project, and has delivered 20+ training sessions to Network Support/IT Security teams.
Significant experience:
- Cyber Essentials+ certifcation – this is a UK government backed accredetation that we have now gained for two consecutive years and demonstrates that we have taken steps to safeguard our systems and data.
- SIEM – implemented a centralised log management solution to ensure that our systems and data are monitored for abnormal and malicious behaviour.
- Vulnerability management – configured and optimised a new vulnerability management solution along with scan scheduling to assess security vulnerabilities across our systems and applications.
- Email security – onboarded a new email security solution focusing on machine learning, natural language processing and AI. Scott also provided training sessions on the product and what to expect for our internal IT teams.
- Automated response – put measures in place to ensure that if our systems are compromised then they are automatically taken offline so that the infection can’t spread.
- Security policies – Scott has written a patch management policy detailing timeframes for remediating vulnerabilities based on their severity and criticality. Scott also wrote an incident response plan which outlines how we should respond in the unfortunate event our systems are ever compromised by a threat actor.
- Chair of the security champions guild, bringing together members of different teams and working together to improve the security posture of the organisation