Ross Webb

Experience

• 

  Hewlett Packard Enterprise

  Jan 2006 - Jul 2016

  Responsible for delivering Managed Security Services from the EMEA SOC, leading a team of 12 Level 2 Shift Engineers and 14 Level 1-3 Security Consultants. Responsible for delivering Managed Security Services from the EMEA SOC, leading a team of 14 security consultants. Responsible for leading Level 1-2 technical engineers in both Managed and non-managed services within the Network Security Operations team.

  • SOC MSS Shift & Core Products Operations Manager

    May 2016 - Jul 2016

  • SOC MSS Core Products Operations Manager

    Feb 2013 - May 2016

  • SOC MSS Frontline Manager

    Mar 2011 - Feb 2013

  • Security Support Consultant

    Jan 2006 - Mar 2011
• 

  TalkTalk

  Aug 2016 - Mar 2024

  • Senior Security Incident & Testing Manager

    Jan 2024 - Mar 2024

  • Senior Security Incident Manager

    Aug 2021 - Jan 2024

  • Security Incident Manager

    Aug 2016 - Aug 2021
• 

  PXC

  Mar 2024 - now

  Senior Security Incident Response and Testing Manager

  - A proficient Senior Security Incident Response and Testing Manager within the Security Operations, Intrusions, and Investigations team. I have contributed significantly toward advancing and maturing cyber-security at PXC/TaIkTaIk Telecom Group.- Leading and managing incident response teams, across the group for Major and High severity security incidents. Following the principles of the NIST framework to Identify, Protect, Detect, Respond and Recover in order to manage and reduce cyber security risks effectively.- Collaborating with technical subject matter experts in Threat Intelligence, Digital Forensics, and Intrusions. Coordinating response across Senior Leadership, Data Privacy/GDPR, Press Office, Legal and Compliance teams to ensure comprehensive incident management.Working closely with the Security Director and Head of Security Operations, along with senior leadership within security and across the business to align and implement robust security strategies.- Compliance Knowledge experience in telecommunications and critical national infrastructure (CNI), ensuring adherence to regulatory requirements. Proficient in managing and reporting obligations to Ofcom, the Information Commissioner's Office (ICO), technical authorities such as the National Cyber Security Centre (NCSC), and law enforcement agencies including the National Crime Agency (NCA) and local authorities. Supporting adherence to the Telecoms Security Act 2021, IS027001 / 9001, PCI and GDPR audits.- Delivering clear and concise communication to Executive Committee members, senior leadership, and technical stakeholders. Providing regular, pertinent situation reports tailored to the intended audience.Leveraging technical SME expertise, security tooling and effective processes to identify the best detection and response strategies for incident resolution.- As a Blue team leader, responding to Red team attack simulations to document and identify opportunities to improve capability. Show less