SecuringSteven.com

Documenting Steven's journey into becoming some sort of security person

Job History Pt1

2022-11-07 5 min read

So… How did we get here?

To be honest, looking back, the last ~10 years in tech has flown by. I really don’t know what happened but all of a sudden, I’m getting old and I’ve been tinkering with technology for a while longer than I realised!

I haven’t always been in security… I never thought it would be a thing I could do. I always assumed that you had to be a “Security person” … I now joke that Security People are just ‘paranoid IT People’. :P

In seriousness though, I started this blog really, because I wanted to prove that there’s no such thing as a “Security person”… so let’s go back… riiiight back!

I started my career way back when I was still in school, for a company called “The PC Surgery”… they’re now called Amazing Support – and if you’re a business looking for an IT Support company – give Jamie and the team a call – you won’t be sorry!

I did a school holiday’s worth of work experience there, working with the team to fix all sorts of issues with their clients’ devices… anything from “My email doesn’t work” to a client in a metal yard whose computer wouldn’t turn on cos it was so clogged up with debris!

I went back and did more work experience with Jamie and the team and really enjoyed the variety of the things that would pass my desk!

The following work experience with Amazing Support, I was also lucky to do some work experience for a small Satellite Communications Consultancy - e2E Services. I spent a week with e2E as internal IT Support, a role that they didn’t yet have and at the end of the week, they offered me a full-time role!

I finished my A levels, and decided to also pursue an Apprenticeship which e2E kindly allowed me to do while working there, so I started my career 3 weeks at work and 3 weeks in a classroom, over and over for a year! At e2E, with no one in the IT team but myself, I was everything from Helpdesk, to the infrastructure engineer – My manager was a consultant with the company and had an incredible depth of knowledge of all things linux and networking. He’d regularly baffle me with his knowledge and ingenuity!

On one of my first days, he opened my laptop, SSH’d me into one of our servers, opened VIM and said “get out of that without quitting putty”. Needless to say, my go-to linux text editor (and maybe even on windows when writing scripts…) is VIM! :wq!

During my time at e2E I was lucky to get experience of all sorts of things different tech, infrastructure and software. My days were incredibly varied, from setting up Samba Shares, connecting the director’s laptop to the boardroom projector, to editing the config on our cisco routers, I never knew quite what the day might bring.

I added a VMware qualification to the CompTIA A+ and N+ I got through my Apprenticeship and used this new found knowledge to migrate our stack from 2 physical machines to a resilient fleet of multiple virts, with redundant offsite storage to ensure we had a disaster recovery plan. (I’m not sure I even knew what the cloud was at this point!).

We also moved offices - I negotiated all our suppliers (literally all, from the access control system, to furniture and the new ISP) and I managed to keep our downtime during the move to just 65 minutes… pretty impressive when you have an onsite physical mail server, 2 flights of stairs and no lift! Nearly 5 years later, I left e2E as a pretty rounded techie. (Resisting the urge to say nerd!)… the people were great and the work was varied but I needed something I could grow into a little more!

A huge shoutout to Eliot, Caro, Alan, and the e2E folk, and the colleagues I worked with at e2E, if you’re reading!

So, after a short break, I went to work for one of, if not the biggest non-bank Foreign Exchange providers… I went from a 30-person office and 1-person satellite office, to looking after 200 folks in London, 100 In Cornwall and then another ~250 spread out over about 20 offices all over Europe! Yet again, I was a bit of a jack of all trades – from fixing emails, Bloomberg terminals, or excel to configuring the phone system alongside our MSPs, implementing group policy changes or inventing unique solutions to enable our remote teams to have a similar experience as the people working on the trade floor in London.

I didn’t realise that I was already doing some things that I could probably consider as security now… I set up WDS, not only to save me time building new machines, but to ensure that I was installing software consistently and from a credible source as well as being able to centrally manage updates… I implemented update requirements on our MDM system for mobile email as well as tightening up GPO and removing admin privileges from places that didn’t need them…

I changed the default passwords on our network connected devices such as printers, and implemented a secure printing solution to ensure that only the person who printed the document could retrieve it from the printer… Without realizing it, I was slowly but surely forging my way into becoming a security person! After nearly 2 years with possibly the best view in London, I decided it was time yet again to dip my toe into some slightly larger water…

The view from my old desk, looking out over London. The view from my desk…

To be continued…

© 2023 by Steven Phillips
Bilberry Hugo Theme