Hemel Hempstead, UK
+44 777 157 6028
I wish to carry on my international career and am looking for a position with an established and stable company. I have international management experience and a strong technical background in programming, Unix administration and network security. I am a very motivated person, with a thirst for knowledge.
07/2001- Present -British Petroleum (BP Plc)- London, UK
Global Security Administration and Monitoring Manager
I am managing a team of 12 people across the world. My role is to make sure the team runs efficiently and the work is delivered to SLA. A lot of my work is to do with communication, organization, coaching, planning and decision-making. I also have to provide technical expertise to the team and therefore had to learn exactly what they are doing.
The team does user administration and monitoring for approximately 450 Unix servers across the world. We will soon be adding the monitoring of over 10.000 NT servers.
§ Monitoring - This consists of analyzing the logs sent to the monitoring mailbox and looking for any suspicious user activities (repetitive bad logins, login to secure server, sharing of UserID, etc).
§ User Security Administration - Creation, deletion and modification of Unix UserID and setting up permissions using Keon and other BP in house tools. Requests either come from our team’s website developed internally (tracking, consistency check, database query, etc) or by email to our support mailbox.
§ VPN - We administrate how users logon to the BP intranet over the Internet (iLink/iPlanet). User administration of 5 ACE servers for over 2000 Users. Investigation of any problems with SecureID used to logon remotely and for privileged access.
§ Database Integrity / Assurance Process - Database consistency check, update of user Information, chase accesses given to users which have not been requested nor authorized.
§ Security Projects - In order to improve the team efficiency, I have designed and managed many projects. As a result the team is now in a position to produce statistics, improve the SLA, automate check, etc.
Here are the 3 main projects I worked on:
i) Statistics project- A webpage displaying live stats on each task the team is doing and sending team leaders auto warning if the SLA goes down.
ii) Monitoring project - A webpage to offer a front end for the monitoring to do it more quickly, deal with more logs (i.e.: Unix, NT) and reduce the number of human errors and better coordination. It also provides a tracking system to search previous problems.
iii) Report Project - A webpage to produce reports on the fly (i.e.: number of people with privileged accounts per countries, etc) for management, audit and other teams.
On top of being able to do any of the tasks described above and give guidance to the team, I had to improve how they work:
§ Communication - I have started a weekly team meeting and a monthly individual meeting allowing me to identify problems more quickly and give and receive constant feedback.
§ Training - I made sure the whole team was trained on each of the tasks we are doing. This is to avoid having key people in some areas causing problems when taking time off. I also motivated the team to get IT training relevant to our work.
§ Procedures - I have re-written almost all the procedures and made sure all of our work was documented.
§ Work improvement - The team is now using standard documents. The different emails sent to users have also been standardized for consistency. Improved how the team handles requests and as a direct result our SLA went from an average of 43% a month to 92% for the last 5 months. For each of our key tasks one person is assigned a “prefect” and will have to monitor daily how the task is doing and let me know its status.
§ Work planning - I re-organized the way the team was working by creating a new monthly rota taking in consideration the time difference and staff location.
§ Security Consultancy - I am involved in different projects and teams to provide guidance with the BP User Security policy. (Security handover to local, Windows Back office migration, SAP)
When I joined BP I had been asked to improve the way the team was working. I would say that my achievement in this role has been to learn quickly how to be independent, re-motivate the team, bring standards and professionalism to the work we are doing and have new ideas.
03/2001–06/2001 -Bluestone Consulting- CA, USA
Unix Field Consultant
My duties were to provide Unix administration support to the different clients Bluestone was working with. This includes Shell/Perl Scripting, Security administration, Software installation and support.
1999–2001 -Merrill Lynch Investment Managers- London, UK
Senior UNIX Specialist
While at Merrill Lynch my duties were split between project work and manning the UNIX support desk, which was rotated around the team on a daily basis. I was also the Unix security specialist.
My general UNIX Administration Duties were:
- 24x7 support of 50 Unix servers (Ultra 10 to E4500) and tuning
- Setting up new user logins or deleting old users
- Providing support and consultation to Sybase DBAs and
My main project work were:
§ Firewall and Network Security – I was part of the team in charge of the Chekpoint Firewall I and Nokia Firewalls. We had to design, check and implement firewall rules, address translation, fail over, VPN. I was also conducting security audits, penetration testing and keeping updated on every new security issue by subscribing to security mailing list and searching the Internet. For this project some of the tools I used were TCPdump, snort, Cops and ASET.
§ Advanced Shell Script FTP Scheduler - Development, implementation and support of an extra FTP layer allowing automatic and secure FTP transfer. It has been done in C-shell/Perl script and was transferring critical financial data to company's worldwide offices. The main difficulties were to deal with all the different type of file transfer servers (XCOM, ftp on Unix and NT) and all the different file systems using SAMBA. The key words for this project were security, modularity, and efficiency.
§ Advanced Perl patch installer - Development, implementation and support of an "intelligent" packages installer script in Perl. Remotely checking packages on all the Unix servers against the software installed, version, hardware, and operating system. Generating HTML, CSV and text file reports. This script has first been used during the company Y2K testing and is now used on a weekly basis to generate reports on the different servers patch status.
§ Servers monitoring robot - Optimization of all the shell script generating the HTML files used by the Unix team to check the Unix network and servers configuration: disk space warning; network connection; network services; hardware/software listing; firewall, web server and proxy status.
§ Remote UNIX server connection - Find, evaluate, document and implement the possible replacement of Solstice used by the developers to access the Unix servers from their NT workstation and Laptop. The 3 main products I worked on were: VNC, SAMBA, Citrix Metaframe.
§ Backup Solution – I was in charge of the Veritas Netbackup solution and the StoragTek Robot Library. I had to design the backup policy, coordinate and plan the backup tapes management.
1998–1999 -Merrill Lynch Investment Managers- London, UK
Unix and NT Security Administrator
§ Financial Information eXchange (FIX): This was my most important project as I had to evaluate the security risk of the whole project, work with all the different teams and third party involved and find a solution to all the security issues. This project was mainly about cryptography and PKI. As a result of my report, the designed of the project has been changed.
§ Security administration of 50 UNIX (Solaris) Servers, 100 NT4 servers and 2 OS/2 servers
§ Access control management: setting the security policy, users access on files/servers, security risk evaluation on new projects, security support for other teams
§ I wrote an application in Visual Basic and Visual C++ to automate the Access Control Management (Adding, deleting, moving users, access on files/servers, algorithm to find UserID from part of a full name, etc). This saves up to a third of the time needed for each Access Control problem.
§ Remote access management: Managing the 'ACE' server from Security Dynamics, SHIVA. Setting and auditing the Firewall-1.
§ Penetration testing: Maintaining an up to date security database, testing security problems. This was done by a daily check on security web sites/mailing list.
§ Unix security report: Evaluating and checking the security level of the Unix company network.
§ WEB Security report: Evaluating and checking the security level of the Apache WEB server used by the company.
4/1997–4/1998 -ASI- Lyon, FRANCE
Network Security Consultant
§ Audit the company network security on a monthly basis
§ Created automatic bank deduction program
§ Created, implemented and secured a vocal courier service
§ Created a network activity monitoring robot (in C and shell script)
§ Created an e-commerce application in order to let the company’s customer buy online. The applet and server application have been written in JAVA.
1996–1998 -Teesside University- Teesside, UK
Bachelor of Science degree
§ The different subject I have chosen were: C programming, Java programming, Fortran programming, Network programming, Network administration, Artificial Intelligence
§ For my second year I specialized in Computer Security.
§ My Final year Bachelor’s project was to create my own cryptography algorithm and implement it on UNIX and Windows. Then I had to find many enhancements for my application (Hide a message in a picture, copyright a picture, use of fractal function to crypt, etc)
§ My Bachelor of Science work placement took place at Top Gun Karting (Hartlepool) where I had to create a Windows 95 application to manage a real time car race. I had to create a good graphical user interface, statistics, graduation algorithm, communication with a radio system, etc. I created the application in DELPHI.
1997 -University of Lyon- Lyon, FRANCE
DUETI (Bachelor of Science degree)
§ This is an international degree. You have to spend a year abroad in a University. At the end of the year you have to write a dissertation on your international experience. You then do a presentation in front of an academic and professional jury. This presentation last for 2 hours and the subject is free
§ In July 1997, my dissertation was accepted and I received the jury congratulation for my presentation and the success of my international experience. The presentation subject I chose was: "The benefits of an international experience for a career, and how to adapt"
1994–1997 -University of Lyon- Lyon, FRANCE
DUT (Associate Degree)
§ This degree equivalent to an HND degree in England is specialized in network administration and network programming.
§ During this 2 years degree I have been in charge of the Linux Student Network used by 200 students.
§ My final year project was to install and administrate a complex Linux network, in the aim of increasing my network knowledge (TCP/IP, DNS, NFS, NIS, FTP and SNMP.
§ My work placement took place at ASI (Lyon, FRANCE), a French ISP. I had to find and develop a solution to make secure financial exchange on the Internet in JAVA. I also had to work at the Helpdesk to get familiar with ISP network common problems and customer support.
Certifications and Training
§ Sun Solaris 7 Systems Administration I
§ Sun Solaris 7 Systems Administration II
§ Sun Solaris 7 TCP/IP
§ Sun Solaris 8 System Security
§ Integralis Firewall I Administration
§ Integralis Firewall I Advanced
§ Securing the Distributed Environment
§ First Aid at Work
§ Winner of the European individual computing competition (Artificial Intelligence) organized by EPITA: PROLOGIN 1996 where 4000 people participated and 100 finalists had to program during a 36 hours non-stop final: http://www.encryptsolutions.com/english/author/prologin.html
§ My cryptography algorithm (BUGS) is referenced on the US NAVY WEB Site and I have designed a web site for this project: http://www.encryptsolutions.com. My application is in the process of becoming part of the GNU project.