Projects & Achievements

University of the Arts London · 2022–2023

Led the end-to-end evaluation, proof-of-concept and full enterprise deployment of CrowdStrike Falcon EDR and NG-SIEM across an 8,000-user hybrid estate, replacing legacy endpoint tooling.

• ✓Established detection engineering, threat hunting and Tier 3 incident response capability from scratch
• ✓Replaced legacy AV/EDR with modern XDR capability across Windows, Mac and Linux endpoints
• ✓Created detection content library covering MITRE ATT&CK techniques relevant to UAL's threat profile
• ✓Reduced mean time to detect (MTTD) and mean time to respond (MTTR) significantly

University of the Arts London · 2022–2024

Transformed the organisation's vulnerability management programme by migrating from Nessus to Tenable.io and introducing Pentera for continuous Breach and Attack Simulation.

• ✓Migrated vulnerability scanning from Nessus to Tenable.io, improving coverage and reporting
• ✓Introduced Pentera (BAS) for continuous control validation across the hybrid estate
• ✓Introduced Tanium for asset discovery and patch management
• ✓Established a risk-based remediation prioritisation process aligned to CVSS and business impact

University of the Arts London · 2022

Deployed BeyondTrust Privileged Access Management (PAM) across the organisation, strengthening privileged account governance and reducing the attack surface for credential-based attacks.

• ✓Implemented just-in-time (JIT) access for privileged accounts
• ✓Reduced standing privileged access across the estate
• ✓Integrated PAM with existing SIEM for privileged activity monitoring
• ✓Established session recording for privileged user activity

University of the Arts London · 2023–2024

Designed and implemented PowerShell-based automation and SOAR workflows to reduce manual alert triage workload, covering ransomware, phishing, insider threat and identity-based attack scenarios.

• ✓Automated alert triage, enrichment and initial response for common attack scenarios
• ✓Reduced manual triage time per alert significantly
• ✓Developed playbooks aligned to NIST 800-61 and MITRE ATT&CK
• ✓Integrated with Microsoft Sentinel and CrowdStrike NG-SIEM

HICX Solutions Ltd · 2021–2022

Co-led the organisation's Cyber Essentials+ and ISO 27001 certification programmes, implementing security controls, hardening configurations and preparing audit-ready documentation end-to-end.

• ✓Successfully achieved Cyber Essentials+ certification
• ✓Supported ISO 27001 certification programme from scoping through to certification
• ✓Implemented security controls across technical and process domains
• ✓Produced audit-ready documentation, risk registers and policy frameworks

University of the Arts London · 2022–2023

Built out Microsoft Sentinel as the organisation's primary SIEM, creating KQL analytics rules, detection content, threat hunting queries and automation playbooks.

• ✓Created a comprehensive library of KQL analytics rules aligned to MITRE ATT&CK
• ✓Built automated incident enrichment and response workflows
• ✓Integrated data connectors across Microsoft 365, Azure AD, CrowdStrike and network infrastructure
• ✓Established regular threat hunting cadence across large datasets