Andrew Pounder MBCS CITP

Experience

• 

  Cummins Inc.

  Jan 1990 - Jan 1995

  Network Technology Specialist

  Although based at Darlington, my role was more or less in a "consultancy" capacity (along with two others in the Group) on a UK basis, helping the different UK Plants where necessary and being involved in corporate strategic projects rather than plant-based operational support. One of my first projects was to set up our Milan distributorship with TCP/IP PC network capabilities, enabling it to connect to the Cummins Wide Area Network (WAN) - similar to our Lyon office, (which I'd previously set up whilst still in Office Systems Group) but doing it all from scratch. I was also part of the team that integrated our UK administrative office in New Malden, using PC/NFS, into the Cummins WAN. Show less

• 

  UUNet

  Nov 1995 - Jan 1999

  Senior Internet Systems Engineer

  Joined whilst it was still known in the UK as Unipalm Pipex, working as a senior provisioning engineer to connect business clients to the Internet and project manage all aspects of their Internet requirements, offering technical support and interactive troubleshooting where necessary. Some of the tasks involved included IP address allocations via RIPE registry, Cisco router configuration, both backbone and client-side, on-call out-of-hours network monitoring and troubleshooting, hardware firewall configuration, Internet domains (DNS) creation & management, backbone BGP peering and routing.Specific responsibilities included:• Responsibility for project managing and provisioning Internet services for allocated customer accounts. These services included, assigning ip addresses, registering and redelegation of domains, configuration & installation of Cisco routers (both at UUNet and customer premises), testing Internet connectivity (mostly from dial-up, ISDN or E1 circuits), technical support for helping customers configure their SMTP mail, ftp, news and web servers, building TIS Gauntlet and Firewall-1 servers (for customer site).• On-call duty for out of business hours alarms (for UUNet UK backbone, servers & client circuits).• Development of provisioning documentation and training for other (new) installation engineers.• Design & development of technical knowledge management system (Perl & HTML based), centred around a search engine of FAQs and discussion forums.• Technical pre-sales activities.• 3rd level support for Helpdesk problem troubleshooting. Show less

• 

  Level3 Communications

  Jan 1999 - May 2000

  Manager, Technical Support , ECO

  Integral part of the UK project development and implementation teams that created their standard Internet services; Dedicated Internet Access (leased line connections) and Colocation (cabinet hosted connectivity in the Data Centre(s)).A stand-out project that I was technical lead for involved the migration of a number of key corporate ISP clients from BusinessNet onto the Level3 ISP infrastructure, which included seamlessly changing IP addresses, Internet routing and email access, without interruption to client services.Other role responsibilities included:• Technical support and training capacity for both the provisioning and helpdesk teams, providing hands-on examples and support documentation.• Management responsibility for small team of Technical Account Managers (TAMs), dealing with the more complex customer solutions, such as resilient connections (eg. using BGP).• As part of the departmental management team, duties included review and definition of department process and application requirements for new services. Show less

• 

  Dexterus Limited

  Jun 2000 - Oct 2001

  Senior IP Engineer

  Senior IP Engineer for this startup ASP that primarily served the financial community within the City Of London by offering gigabit LAN extensions into a resilient colocation infrastructure.I designed and implemented the resilient backbone routing infrastructure (OSPF), in addition to configuration and responsibility for ISP connectivity to Level3 Communications and LoNAP members using BGP peering. Heavily involved in the topology and network design of service offerings to blue chip clients.My other responsibilities included:• Provisioning customer connections, including design of topologies, configuration of VLANs, migration of any existing ISP services, and registering of IP addresses with RIPE• Technical pre/post sales activities, clients including News International• Consultancy capacity for internal technical matters• Development of provisioning and Internet-centric processes• 3/4th line support for technical escalations and troubleshooting Show less

• 

  WANWISE LIMITED

  Nov 2001 - now

  Director

  I originally established Wanwise to take advantage of the boom in Broadband Internet and promote the associated potential savings for businesses when compared to leased lines or "always-on" dial connections. However, the services and technical consultancy offered to SMEs has expanded over the years, as technologies and my own commercial focus evolved.A number of milestone events over the course of the years include:• Completion of a client's ISO 27001 information security project, helping a client pass their stage 2 audit for certification, by being a leading technical role in driving technical aspects through to ensure the newly introduced network infrastructure and information security tools were able to support the Information Security Management System (ISMS) and policies.• Consultancy for Energise-IT, which included the design and implementation of a robust data-centre-based solution for their parent company (Hedley Purvis (now Hydratight)) to access their servers remotely and securely from the Morpeth HQ and other locations (e.g. Aberdeen, Blyth, single-PC secure connections). I continued to be a key figure in the integration of their sites to the global Actuant wide area network - this included firewall and network router configurations, liasing with the parent company's IT department on change management etc.• As consultant, management of Energise-IT's external clients Internet-centric services, including web servers, domains and connectivity.• Assisting British Engines (BEL) to migrate away from their existing Gateway firewalls to Juniper alternatives. This meant the design of robust, failover hardware firewalls in their key UK locations, and the associated routing protocols (BGP and OSPF).• Other projects include full end-to-end technical project management and installation of Small Business Server networks, including secure remote VPN access to shared company documents and email. Show less

• 

  SPX Bolting Systems

  Dec 2013 - Dec 2015

  Engineer, Technical Services

  Key roles within the software development team:• Information Security OfficerResponsible for working towards ISO 27001 information security certification for the department & ensuring that all customer-confidential data was handled in an ISO 27001 compliant manner. This included interactions with our CISO & cloud security vendors to ensure that secure tools were used for both internal & customer-facing platforms. The role demanded that my info security knowledge remained relevant; this was aided by attending conferences (e.g. Infosec), webinars, security journals & bulletins• Management of internal server infrastructure & external cloud-based customer portalFor our internal architecture, this involved the maintenance & patching of our Windows 2012 servers & the associated SAN & Hyper-V virtualisation of the team’s Team Foundation Service (TFS). Set up & maintained the associated backup procedures & use of iSCSI technologyIn close relationship to our cloud-hosting provider, for the customer-facing cloud-based platform, ensuring the customers’ published application environment was secure, stable & available. This required Citrix skills, as well as raising technical support tickets with the vendor. I had begun researching the technical elements of taking the customer-facing platform to the next stage of evolution and capacity planning. This included evaluating our current vendor’s next-stage technical proposal according to my strategic requirements• QA/QC Software TestingAs the only non-developer in the team, my role was that of version release testing & reporting bugs and feature changes/enhancements. All testing and bug reporting performed within the TFS/Visual Studio environment• Customer ServiceInteraction with customers regarding software licence generation, bugs & an enabler for customer project provisioning. Other tasks included application demonstrations, customer training & providing feedback to the team Show less

• 

  ENGIE

  Sept 2017 - Jul 2021

  ICT Security Officer

  Responsibilities for IT Security within a regional Northeast England Local Government Authority, including:- PSN (Public Service Network) submissions (and remediations) - successfully facilitated the annual renewal of PSN accreditation for the Council for three years running- Business-As-Usual duties (firewalls, technology security advice and recommendations, network scanning, helpdesk tickets), - Projects participation, with security perspective- Recommendations for improvements to the estate infrastructure- Working with multiple technologies with a security perspective (O365 & Azure, LogPoint SIEM (Certified Administrator), scanning software (Nessus, Rapidfire Tools, OWASP Zap), NCSC's Protective DNS)- ISO 27001 input regaridng policies and auditor reviews Show less

• 

  CyberNorth

  Oct 2022 - Nov 2024

  Skills Lead

  Promoting cyber security within the Northeast of England:On behalf of CyberNorth, I was part of the region's NCSC CyberFirst schools project team, responsible for industry engagement, both for companies and cyber security professionals signing-up as Cyber/STEM Ambassadors. I am also a Cyber/STEM Ambassador, with DBS enhanced clearance.As skills lead, represented CyberNorth on local further education industry advisory panels, as well as communication with Northeast Universities, and participation in national UKC3 meetingsHelping promote cyber security awareness and collaboration within the Northeast of England technology community, via business networking (e.g. OWASP, ISC2, ISACA chapters), local technology events, and those events hosted by CyberNorth. Show less