Garen K.

Experience

• 

  NTT Com Security

  Oct 2012 - Sept 2014

  Security Consultant

  My first job out of university, I was working as a Security Consultant for various clients, fulfilling different requirements as need by each client agreement and contract.Key responsibilities:- Produced procedural documentation to run daily operations smoother. - Assisted with SOC type security investigations and reporting the findings to the customer.- Provided daily analysis for vulnerabilities and threats to the customer.- Raised the customer’s awareness to weaknesses and vulnerabilities within their estate. Exposure to tooling/vendors such as:- Qualys Scanner- Outpost24 Scanner- RSA enVision - RSA Security Analytics - RSA NetWitness - RSA NetWitness Administrator- RSA Archer - GRC- FireEye - Sourcefire- Wireshark Show less

• 

  Outpost24

  Sept 2014 - Jan 2016

  Managed Services IT Security Consultant

  I was responsible for up to 17 clients, delivering a managed security service for the clients’ vulnerability management strategy. I also assisted in enrolling new clients to the Outpost24 tool suite if the MSS was not purchased.Key responsibilities:- Created and organised a vulnerability management strategy for the clients. - Reviewed the results from the customer vulnerability scans.- Drafted and presented findings to a range of teams, from tactical to strategic levels. - Attended sales calls as technical support. - Conducted product training to a range of audiences; senior management to operational staff for different clients. - Delivered monthly or quarterly reports as required. Show less

• 

  BAE Systems

  Apr 2016 - Nov 2021

  As a consultant, I adopted different roles for a range of clients, depending on project requirements:Key responsibilities as a Security Operations Manager / Incident Response Manager: - Established, supported and improved collaboration practices, governance, policies, procedures and processes around security incident management within the clients’ organisations. - Managed a team of 3 people to run a security operations service for a client, leading to an increase of resolved incidents within the SLA by 95%. - Established a process for, and managed, privileged account requests for a client, leading to an increase of rejections by 50% and reduction of dormant privileged accounts by 20%. - Performed and supported security incident investigations as required. - Acted as a point of escalation for security incidents as the SME for major security incidents, providing support and guidance for resolution of incidents. - Developed my colleagues by delivering on the job training to operational staff to handle security incidents, as well as job succession training to my replacement on client accounts. - Developed ‘playbooks’ and ran ‘wargaming’ exercises for IT security incidents. - Established and drove continual service improvement activities, leading to an overall reduction of security incidents occurring. - Briefed management about security incidents, trends, and threat intelligence activity. - Conducted audit type reviews of the customer security operations capabilities.Key responsibilities as a senior Cyber Security Consultant: - Conducted audit type review of clients against the NIST Cyber Security Framework of their overall cyber security governance, risks, policies, processes and procedures. - Conducted workshops with key stakeholders to understand the organisational context and services. - Established and kept track of the project plan and resourcing using MS Project. Show less

  • Senior Cyber Security Consultant

    Apr 2017 - Nov 2021

  • Cyber Security Consultant

    Apr 2016 - Apr 2017
• 

  Deloitte

  Nov 2021 - now

  Assistant Manager