Tamara Samuel

• Proactively identified business gaps within vulnerability patching and developed a cross-departmental project to ensure services, applications and operating systems are kept in line with government regulations and accreditation standards.
• Participated and supported regular security incident meetings, assisting security leadership with critical tasks to enhance overall security posture.
• Analysed Penetration Test findings and managed the rollout of remediation for the Pen Test results across the last two years.
• Generated regular vulnerability reports using Tanium, contacting affected users to support remediation efforts.
Created reports such as; Weekly Vulnerability Breakdown which analysed machines in line with CVSS Scoring and Environments that required immediate attention; Top Ten Vulnerable Machines that addressed specific machines most at risk on the estate; Software Breakdown, highlighting required updates and Out Of Support applications; OS EOL Tracker monitoring Operating Systems that are no longer in vendor support to aid in efficient tracking of vulnerabilities and remediations.
• Produced a MOD Cert Tracker to monitor government-mandated responses to security incidents.
• Validated new technology configurations for security and risk, including (COTS) commercial off-the-shelf devices and open-source applications.
• Managed the timely and efficient processing of security alerts and related queries within defined SLAs.
Initiated full ownership of the Change Control process, spearheading the development of documentation, policies, and request forms. Centralized all Information Security Requests within the procedure, ensuring seamless integration. Meticulously documented and tracked each request through all approval and review stages.
• Directed and supported employees in offering security expertise, ensuring the protection of business security while enabling smooth and efficient business operations.

• Actively solved security problems as part of a team such as; Issues involving Cloud Infrastructure, SOC, Risk Management, Auditing processes, Vulnerability Assessment, Threat Intelligence, GRC and creating and delivering Training and Awareness programs.
• Managed and Configured User Permissions, Access Controls and security operations on Windows 10.
• Troubleshot and conducted analysis on existing network architectures and presented findings; using software such as Splunk, Virus Total and IBM QRadar and Wireshark .
• Firm understanding and experience of vulnerability assessment (ISO27001, NIST), penetration testing and threat analysis.
• Installed and Reconfigured IOS and Windows Operating Systems, experienced altering configuration of firewalls.
• Identified vulnerabilities and risks within organisational structures
• Produced Awareness and Training Programs regarding compliance policies.
• Created systems and procedures through the use of Incident Response planning, informed by up-to-date research and incidents, and aided outlining appropriate response plans for future breaches.

• Liaised with stakeholders regarding updates, resolving 20+ queries daily regarding ongoing or completed projects.

• Compiled reports and correspondence consisting of data and conducted analysis on retrieved findings.
• Collaborate interdepartmentally with co-workers to assist in acquiring solutions to issues and maintaining communication through informing colleagues of updates or changes to systems or errors that have occurred.
• Ensuring updates and amendments of records are completed in a secure and timely manner.