Who I am.
I've always been into tech; I grew up building computers with my dad. I remember building my first PC with him when I was about 7 and playing Call of Duty 4: Modern Warfare. Actually, playing it so much my dad bought me an Xbox 360 Arcade so he could have his computer back! Since then, my whole life has been a battle with wanting the newest shiniest toys and understanding when you don't actually need them.
I did a lot of silly things as a teenager. I had a DL380 G7 in my parents' cupboard running game servers for me and my friends (that was noisy). Got banned from my school's network for six months when I found out how to get into the registration system (the groups folder was public, what could I say). Me and my best friend used to use an IR blaster to turn the projectors off in Spanish class. One time I ran an ethernet cable through my parents' house, downstairs, up through the floor, while they were out for the day. In hindsight, doing something in tech was always going to find me and it turned out to be Cyber Security.
My journey into Cyber Security started straight out of college when I was 20 at CyberFit Security, a small local outfit where the SOC was being run by a single guy called Joseph. With me joining but knowing nothing about Cyber Security, that made it a 1.5-person team! I got thrown in the deep end: on my first day Joseph said "here's an incident, give it a go" with no other context. Turns out that was just a bit of fun at my expense, but how was I to know? This was my first "real job" experience.
Eventually, with some time and training, we became a proper (as proper as two people can be) two-person SOC, triaging thousands of alerts a month. Our client base ran across finance, education, energy, you name an industry, we probably dealt with it. Week-on/week-off on-call, which works surprisingly well when there's only two of you. A small part of me misses those days, but it was a hard lesson. There's no gentle introduction to the industry when it's just you and one other person; you learn fast or you fall behind.
In 2023 after two years with CyberFit we merged with Meridian IT via TUPE, partnering with a larger MSP to grow the client base and build a proper MSSP managed SOC service from scratch. I'm talking the full monty: KQL detections, runbooks, reporting templates, processes, RCA docs, onboarding procedures, frameworks, the lot. More clients, more scrutiny, more process, but the core work was still SOC, still triage, still investigation.
About a year in I took over as the senior escalation point, which was the first time I had to think beyond my own queue. Owning detection quality, mentoring juniors through SC-200 prep, maintaining the runbook library, being the person the rest of the team came to when things got weird. I liked it; teaching is its own kind of problem-solving.
After that I got the chance to jump across to the Cyber Security Engineering team for 16 months on a greenfield CNI programme: CIS Level 2 hardening across the estate, HA firewall pairs, internal PKI, out-of-band management, site acceptance testing, production handover. The whole lifecycle from design doc to sign-off. It was a deliberate detour, and easily the most useful stretch of my career so far. You see the same security problems from a completely different angle when you're the one building the thing.
End of 2025 the project wrapped, and I came back to the SOC as Manager, inherited a team of five, and spent the first few months rebuilding the commercial framework; the old time-allocation model was untraceable, and it was costing us. Day-to-day I still sit as the senior technical escalation point. I will always and forever be a technical body; that's a key part of the job I don't want to lose.
Long-term I want to end up as a Security Architect. I've always cared about growing and learning, and knowing how infrastructure is built is a real edge for anyone working in detection. You can't detect what you don't understand, and the best SOC work I've seen comes from people who know the infrastructure well enough to predict where it'll break.
Redesigned the SOC operating model and commercial framework. Leading a team of five across a regulated customer estate.
Greenfield CNI programme on behalf of a UK energy operator — CIS Level 2 hardening, OPNsense HA firewall pairs, internal PKI, out-of-band management, full SAT sign-off against NCSC CAF and NIST CSF.
Sole operational ownership of the managed SOC. Built the detection runbook library, trained junior analysts, moved a regulated finance customer onto Recorded Future.
Built the managed SOC service from scratch — detection queries, runbooks, reporting templates. Scaled across finance and education customers.
First role out of college. Two-person SOC, ~2,000 alerts a month across finance, education, and energy. Week-on/week-off on-call throughout.