Mike F.

Security Architect

Greater London, England, United Kingdom

About

A Security Architect for a major financial player with a background in networks and operational security, providing everything from the long term Security Architecture roadmap, down to the day to day advice for those who need to achieve immediate requirements within the approved architectural framework. Effective at Collaboration to bridge the silos between stakeholders such as the Business, the architects, and IT Security, whilst retaining an oversight of operational security architecture issues. Driving the company towards borderless network access, from secured access points to protected data - in order to provision cost effective access to cloud services from a diverse and mobile user base. My approach is to understand the present Architecture before trying to change it - and to engage proactively with the Customers and IT to become a trusted partner in effective collaboration. My vision is to achieve a layered model of controls that provide both a strategic mix of best practice in prevention, combined with a consolidated log and monitoring view to enable a rapid and appropriate incident response. I have a broad and experienced background in operational security - with a strong instinct for the genuine threats that require a pragmatic response implemented through enterprise architecture. I enjoy success as an effective leader of change. Key Skills and Qualities 28 years experience in IT via a large variety of operational, consultancy and architecture roles. Patient, mature and professional. Security conscious, self-motivated, and keen team player. Loyal, trustworthy, dedicated, honest and enthusiastic. CISSP qualified Security Professional. Flexible and thorough in completing tasks and objectives. Excellent interpersonal, documentation, and communication skills. Highly analytical, with strong consultancy skills. Strong conceptual thinker, and able to research and review best practice in many IT disciplines.

Experience

  • Security Architect at Financial Services
    Aug 2014 - Present · 12 yrs

    Effecting Security Architecture to promote the good of the people of the United Kingdom.

  • EPSCA Under 11 coach at Sussex Junior Chess
    Jan 2009 - Present · 17 yrs 7 mos

    Sussex Junior Chess Coaching at a Non-Profit voluntary organization.

  • Security Architect for Friends Life working for Diligenta at Diligenta
    Mar 2012 - Jul 2014 · 2 yrs 5 mos

    Responsible for execution of all Security Architecture for large Financial Services Client. Friends commissioned Diligenta to perform a number of key transformation activities in a “Service improvement program.” This included most of the IT support for a major BPO outsourcing deal, and the migration of data away from the Friends Mainframe system into a new strategic Datacentre. For the new Datacentre design I set the strategy for a segregated data centre using virtualised internal firewall zones with a long term goal for Role Based Access control. I reviewed all the security layers in use and recommended the approach that would consolidate them into a single Security Architecture. This considered the multi tenancy principles for a shared data centre environment and the types of system which could be shared, versus those that would need separation. During this period many system changes were initiated, shaped, evaluated and are progressing, including a cloud contact centre technology, A cloud email and collaboration solution, a strategic and borderless solution for internet access, the central logging systems, Vulnerability scanning systems, Dual factor authentication, PCI compliance, a major DLP project, and internet segregation. I was engaged in requirements gathering, shaping, the evaluation of products, design reviews, and governance - including a multi-million pound migration of IT support towers from the legacy IT supplier to Diligenta. Simultaneously: Consultant within IT security: As part of the IT security team I had visibility of significant IT security issues. This included pen test findings as well as new client work orders and all significant changes with a security impact. This continued to enable a pragmatic view of the priority issues needing urgent remediation and ensured I was able to collaborate with a broad range of experienced security professionals as well as a specialized team of enterprise architects.

  • Security Architect at Friends Life group
    Jan 2009 - Feb 2012 · 3 yrs 2 mos

    Security Architect: I was accountable for the overall Security Architecture of the organization. This included the long term strategic roadmap and security architecture principles, and the anticipated changes required to enable future business access to critical cloud services, partner organizations, and mobility services, while maintaining and driving existing core architecture implementations - all in a secure way. I communicated the business benefits of the Security roadmap to allow Senior Management to take up opportunities (such as cloud web security services) as they arose. I also delivered the Security Architecture relevant to the short term tactical requirements that are necessary to meet the immediate needs of the business. These short term changes included the separation and integration of a number of merging businesses, into a target operating model that will service the combined organization. There was also a need to secure transformation, and service improvement, in conjunction with a large scale outsourcing and off-shoring project. I maintained and documented the existing Security Architecture including all layered Security components, and their interfaces with critical business components such as ecommerce, web access, email, and core IT services. I also lead the governance of provider services relevant to this architecture. Within the IT security team I also provided Security consultancy and was accountable for all changes affecting the security architecture.

  • Friends Provident (Dorking)
    • Network Security Consultant
      Oct 1995 - Dec 2008 · 13 yrs 3 mos

      Network Security Architect / Support Engineer Accountable for the strategy and posture of all firewalls and the Tiered Network Design – including the design, integration, and evaluation of ecommerce reverse proxy servers and associated firewalls into the legacy ecommerce architecture. Responsible for the allowed protocols and zones of network trust within the organization. Responsible for the project management and coordination of the network team resources to deliver a safe, successful, security posture. Managed the transition from internal firewall appliances to an upgraded vendor independent solution. Leading the SME strategy for the planning and usage of firewalls, Web content control, & the vulnerability scanning implementation, while also providing support cover as required for all aspects of Networks services and systems. Responsible for regular attendance of Security Strategy meetings at both a technical level (with other service hosting consultants), and at a policy level (to assist the key security policy makers). Principal Bugtraq reviewer for operational services. Principal operational consultant for arranging, specifying, implementing, reviewing, and moderating external Pen test audits against the Network Infrastructure, and helping to prioritize remediation work required. Reviewed and specified browser security settings. Audited security controls for perimeter network devices.

    • Systems Engineer
      Oct 1985 - Sep 1995 · 10 yrs

      Starting in IBM Mainframes as a Systems programmer - and progressing via a Technical projects group to lead client server implementations through from design into implementation and subsequent support and handover.