Lead Infrastructure & Cyber Security Engineer

Lead Infrastructure & Cyber Security Engineer responsible for technical consultancy, solution architecture, and security engineering across diverse client environments. I work directly with customers in sectors including technology and transport, human intelligence and finance, designing and implementing secure, scalable systems. I drive innovation within Nova Blue Technologies to strengthen our managed security service delivery and operational maturity. Key Achievements/Projects: Designed and deployed a fully automated M365 security configuration management platform, enabling consistent, baseline-driven deployment of 200+ security configurations per tenant within hours instead of weeks. Fully developed in-house to eliminate third-party risk, the solution makes customer change approval the only limiting factor to deployment speed. Beyond initial deployment, the platform performs continuous baseline compliance checking with drift detection and proactive alerting, ensuring tenants don’t just get secured once, but stay secured. Architected and implemented an automated import/export system enabling secure, seamless data transfer between low and high-security domains. The solution eliminated the need for a dedicated manual process (previously budgeted at ~£21,000 per year) and reduced ongoing operational costs to ~£3,000 annually, delivering a more efficient, compliant, and cost-effective capability. Designed and implemented a declarative, IaC-style permissions management system for customer shared mailboxes, built on a PowerShell automation backend and delivered via GitHub Actions into Exchange Online. Replaced a manual, knowledge-dependent process where engineers had to recall role-specific permissions individually, reducing permissions management from hours to minutes. On first execution the system automatically detected and remediated incorrectly assigned permissions, immediately improving the customer’s security posture and eliminating the risk of human error in ongoing role-based access changes. Led detection engineering initiatives that delivered unified visibility and threat detection capabilities across customer: cloud services, SASE solution, on-prem network security platforms (inc. Palo Alto, Sophos, Thor APT), Linux and Windows servers, virtualisation environments (Proxmox, VMware), OT infrastructure and end-user workstations. Enhanced detection of insider data exfiltration and identity compromise risks, addressing key business threats in a highly sensitive environment. Overhauled daily analyst workflows by developing data visualisation dashboards within the SIEM, consolidating customer environment security data into a single-pane view. Standardised proactive daily security oversight across the MSSP and reduced analyst time to complete all customer checks from four hours to one. Developed automated KPI collection systems to track customer security posture improvements over time, eliminating manual reporting effort. Enabled expansion of tracked metrics while ensuring consistent, error-free data collection and accurate trend analysis with no missed or mistyped inputs. Actively contributed to internal process improvement and scalability, developing fully documented workflows with visual flow diagrams to support workforce expansion and business efficiency improvements. Streamlined operations by identifying and removing process choke points, enabling consistent, high-quality MSSP service delivery at scale.

Technology Blog Author

I run a technical blog where I share insights, lessons learned, and innovative ideas from both professional and personal IT projects, aiming to communicate complex technical concepts in a clear, accessible way and contribute to the wider cybersecurity and IT community.

Development Lead

Development Lead for an in-house developed, multi-classification secure communications system that transformed the RAF’s approach to capability delivery. Responsible for securely integrating data centre technologies within deployed networking environments to deliver a fully service-managed platform with comprehensive network and cyber monitoring. Lead and mentor a team of eight engineers, guiding technical delivery and fostering professional development to meet operational requirements. Oversee and innovate system operation across two UK hub sites and ~86 customer sites, ensuring resilience, security and continuous improvement in mission critical environments. Key Achievements/Projects: Recognised on the King’s Birthday Honours List 2024 and awarded a three-star commendation for scaling secure remote access to high-security MoD infrastructure, a feat recognised as unique in the field. Evolved an original one-month prototype into a production-ready, dual-hub redundant solution, delivering eight additional nodes on end-user demand including a dedicated system for the UK Chief Joint Operations, Britain’s most senior operational commander. All nodes are live across active operations. Central to delivering the Raven system across live military operations at a total programme cost of ~£15M over five years, providing greater capability than a lower-performing alternative that was projected to cost ~£80M to scope and architect alone, maximising operational effect and Defence value for money. Technical lead for a £2M dual-site data centre and redundant NOC/SOC hubs, fully configuring core infrastructure and coordinating Defence and industry partners through installation. The architecture now delivers 99.3% critical service availability at each hub site and increased remote-site mission-critical availability from 92% to 100%. Designed and implemented a dual-site, single-cluster Splunk SIEM infrastructure, now recognised as the strategic analytics platform for Air Command’s deployed networks and funded for long-term adoption. Architected the system to Zero Trust and Secure-by-Design principles in compliance with NIST SP 800, JSP 440, and JSP 604, ensuring robust protection and interoperability across multi-classification environments. Led technical engagement with Palo Alto Networks, Cisco, and VMware to evaluate next-generation firewall, SD-WAN, and SD-routing solutions, producing documented architecture options that informed the programme’s technology roadmap. Led scoping and design of a migration from legacy architecture to VMware Cloud Foundation (VCF) using NSX, vSphere, and vSAN, defining capabilities, benefits, and migration paths to improve scalability, performance, and security posture. Transitioned SOC tooling from legacy IDS and PCAP to Corelight, streamlining analyst workflows, improving network visibility, and enhancing real-time threat detection. Implemented CI/CD pipelines with structured Git version control, introducing code validation and ensuring secure, traceable infrastructure deployments across all system nodes. Overhauled backup and disaster recovery processes across MSSQL, VMware, Windows, and Linux, automating tasks and delivering visualised recovery insights for first-line operators. Enhanced automated system build tooling to enable parallel environment provisioning, removing technical constraints and allowing the programme to scale effectively. Led a 14-member remote recovery team during live operations, restoring CIS services following major equipment failure and ensuring NATO operations could continue without interruption. Re-engineered the system’s network architecture from a single-hub DMVPN design to a dual-hub MPLS-over-DMVPN topology, aligning with secure service provider networking standards. Without this redesign the dual-hub infrastructure would have been unreachable to edge nodes, making this a foundational change that unlocked the redundancy, resilience, and performance improvements delivered across all ~86 remote sites. Owned full operational responsibility for an infrastructure estate of 151 physical servers, 348 virtual machines, 300+ network devices, and 201 security appliances across two hub sites and ~86 remote nodes. Maintaining reliability, compliance, and security across a mission-critical Defence programme operating continuously on live operations. Technically directed the design and delivery of Project ACHERON, a cross-domain data fusion solution that aggregated feeds from multiple low-cost sensors and high-end air platforms into a single-pane operational picture for key decision-makers. Adopted by 50+ tri-service users, the system directly enhanced operational effectiveness by ensuring commanders had real-time situational awareness to inform effect delivery across the battle space. Served on the Cyberspace Profession Advisory Team (CPAT) and 90SU Shadow Board, mentoring junior personnel and contributing to the strategic development of the RAF’s cyber profession.

System Development Engineer

System Development Engineer for the Raven secure deployable communications system, responsible for architecting, and implementing enhancements across the platform to improve capability, reliability, and security for UK Defence users. Combined broad technical expertise with hands-on delivery to develop and integrate new features, streamline operations, and continually evolve the system in line with emerging operational and cyber requirements. Key Achievements/Projects: Developed and implemented a full automation system for deployed site build/configuration, reducing manual deployment time from 3 months to 5 days. Enabled junior engineers to independently manage the end-to-end process, freeing senior personnel for high-value work and directly supporting delivery across 7 operations and 5 testing exercises within a condensed timeframe. Awarded the RAF Innovation Award for designing, prototyping, and deploying (within 1 month) a first-of-type clandestine expeditionary UK MoD SECRET solution for non-technical personnel, overcoming bearer-agnostic connectivity challenges on a system not designed for field use. Outperformed industry timelines and remains UK Defence’s sole low-SWaP SECRET capability 2+ years later. Led a 6-person team to architect and deploy the communications backbone for the UK’s Air Policing mission, ensuring timely delivery of mission-critical digital infrastructure to meet NATO commitments. Implemented Windows and Linux server automation for reliable scaling and de-scaling of UK hub infrastructure, complementing deployed site automation and providing consistent, repeatable provisioning across the full system estate. Applied ITIL-aligned service management processes ahead of the system’s first live operations, establishing structured fault reporting and rectification workflows that were critical to operational success from day one. Developed and delivered targeted technical training for newly qualified engineers, bridging the gap between standard RAF training and the complexity of the Raven system. By building on fresh foundational knowledge rather than assuming experience, rapidly brought junior engineers to a level where they could independently support a system significantly beyond their initial training scope, directly expanding team capacity across live operations, exercises, and new feature delivery.

Solutions Architect

Solutions Architect within the RAF’s RAID Flight, responsible for scoping, designing, and delivering innovative solutions to complex Defence IT problems. Produced formal scoping papers outlining technical options, risks, costs, and recommendations, then led technical delivery, rigorous testing, and documentation. Regularly translated highly technical solutions into clear language for non-technical stakeholders, senior officers, and industry partners, ensuring shared understanding and informed decision-making. Key Achievements/Projects: Contributed to a 4-star Multi-Domain Integration demonstration on Ex RAVEN STAG and Op AGORA, delivering innovative communications solutions that directly influenced future capabilities, including those later deployed on operations and in support of Police Scotland during COP26. Independently scoped, designed, and delivered a low-cost solution to remotely control ground-to-air radios for Ex COBRA WARRIOR, engaging with industry partners and authoring a widely circulated report that led to adoption of a new air combat communications capability. Appointed technical lead for interoperability between 90SU’s RAVEN CIS and in-service radar systems, resolving critical faults during Project GUARDIAN acceptance testing and enabling radar feed sharing to meet timelines for the UK Control and Reporting Centre upgrade. Selected as Subject Matter Expert for the Falcon Early Entry Capability (FEEC), routinely consulted by senior engineers and unit leadership on complex network design, troubleshooting, and enterprise networking concepts.

Network Engineer

Deployed network engineer responsible for designing, implementing, and operating secure communications infrastructure in austere environments, typically supporting 50–250 end users per site. Provided the backbone connectivity that enabled air operations to function, ensuring networks were robust, resilient, and secure through proactive monitoring, fault-finding, and close coordination with UK-based data centre teams and operational leads. Rapidly progressed to lead network engineer on an overseas operational tour after only one overseas exercise, reflecting strong technical ability, reliability, and leadership under pressure. Key Achievements/Projects: Ranked in the top 2% of 189 engineers across TCW and recognised as a go-to technical lead, consistently performing at a level expected of more senior ranks. Designed and deployed secure network infrastructures across multiple exercises and operations, establishing IPsec VPN links over varied underlay networks to deliver reliable, protected reach-back to UK infrastructure in austere and contested environments. Led resolution of complex network incidents during live operational deployments, minimising downtime and maintaining continuity of mission-critical communications under pressure.