Information Security Key Management

TONY JAMES

Address Phone +44-797*******

*** ******** *****, ******** *******, LU7 2TZ, UK Email ****@*************.*** INFORMATION/PAYMENT SECURITY

SECURITY ENGINEER CONSULTANT SALES ENGINEER

A top-performing and CISSP qualified previously UK SC cleared Senior Security Consultant with extensive experience in Payment Hardware Security Products, Security, Support, and Pre-Sales. A proactive expert with a successful track record of providing administrative direction and developing and implementing operational strategies critical to organizational success. An excellent understanding of the Payments industry through his employment at ACI Worldwide and Thales e- Security, from in-depth knowledge of EMV issuance through to the acquiring of transactions with experience of selling, supporting and training companies throughout EMEAI. Instrumental in developing customer specifications for HSM customization to the Thales payment HSM, delivering training and technical advice to customers, and facilitating installations and support of customer projects. Poised for senior security position in Space Sector/Payment Industry.

“Knowledge of satellite orbits and communications, space robotics, ground stations for spacecraft communications, GNSS (specifically Galileo), Unix Shell programming, HPUX and AIX system administration, Tandem, SQL and PL/SQL client server languages, Electronic Key Management for

"data at rest" and "data in motion", and hardware security for encryption, key management and PKI”. CSSSP (from February 2021), ITIL 2011 Foundation (from December 2013), PCI QSA (February 2012 to September 2013), CISSP (since January 2008), and MBCS (since August 2008). AREAS OF EXPERTISE

Information & Network Security/Governance Cryptography & Encryption

EMV, Smart Cards, CISSP, PKI, CCSDS and ECSS Vulnerability Management

Product Management Testing & Analysis Payment Systems Security Policies

Systems Engineering UNIX, SQL, Linux Risk Management Two-factor Authentication

ITIL v3 Foundations Certified Observational Astronomy Infrastructure Management

Systems Design Program Management Satellite Communications Space Robotics

Spacecraft Design Rocket Launch Systems Space Cyber Security

Team Building Electronic Payments Effective Communications Conflict Resolution PROFESSIONAL EXPERIENCE

GEO SPACE LIMITED (My limited company), LEIGHTON BUZZARD FEB 2014 – PRESENT Since April 2014 GEO Space Limited is an official Associate Member of the international "Consultative Committee for Space Data Systems" (CCSDS) through the UK Space agency. FOUNDER AND SECURITY CONSULTANT, DIRECTOR

Deliver security, key management and risk services to companies working in the Payment and Space Industries.

TONY JAMES 2

Co-operative Bank, Manchester AUG 2022 – MARCH 2023 CRYPTO SECURITY ENGINEER HSM/SME (CONTRACT VIA MODIS) Managing the migrating of HSM Estate to latest hardware, including payShield 9000 to 10K, Safenet Luna SA5 to SA7, Safenet KeySecure to Ciphertrust manager, and Entrust nShield to nShield connect XC. Support the demise of old HSMs, and implement the new replacement devices. adding support for TLS, and ensuring the devices have PCI HSM compliant configuration. Assist with updating documentation, and planning any other improvements to the systems including better utilization of test lab equipment.

HSBC, SHEFFIELD JAN 2021 – MARCH 2022

CYBER SECURITY ENGINEER HSM/SME (CONTRACT VIA PROTIVITI) Analyse further the configuration and use of HSM within the bank, and implement best practice security in all areas and move away from the application driving the security requirements and put the HSM at the forefront driving requirements in the applications. Update to new versions of firmware and demise any legacy and custom command where possible. Migrating payShield 9000 to payShield 10K. Support the demise of payShield 9000, and thus implement the payShield 10K with payShield manager, payShield monitor. Adding support for TLS, enabling multiple LMK, and ensuring the devices have PCI HSM compliant configuration. Liaising with applications teams in India, Turkey, Saudi, Malaysia, and UK to ensure a smooth transition to the new HSM devices. Using project management, risk assessments and system architecture skills along with in-depth knowledge of payShield 10k HSM to enable easy identification of issues arising from incorrect configuration of the HSM against the baseline configs’ MYHSM limited, AYLESBURY MARCH 2020 – AUGUST 2020

PAYMENT SECURITY CONSULTANT

Building Support and onboarding processes for new customers in the fledgling company. Assisting with HSM installs for payment HSM payShield 10K from Thales and AT1000 from Utimaco. Evaluating the Utimaco HSM for use in the MYHSM cloud ecosystem. assist customers during testing and ensure smooth migration to live service. Third security officer at SoC for key generation and distribution. ROYAL BANK OF SCOTLAND, EDINBURGH SEPT 2019 – FEBRUARY 2020 PKI HSM/SME ENGINEER (CONTRACT VIA LORIAN)

Facilitated the PKI migration team within the project to migrate from 2008Server to VMs on 2016Server, with Gemalto Luna HSM configuration in testing and production environments. Building production HSM into a service offering and assisting the BAU teams and HSM support GSA on location at GSMC, Paris Saint Germain AUG 2018 – MARCH 2019 PRS SECURITY CONSULTANT (CONTRACT VIA SPRING TECHNOLOGY FOR CGI) Develop and implement future security strategies for the Engineering and Design phases of monitoring the Galileo GNSS signal in space for GSA onsite at the Galileo Security Monitoring Center. Direct management of the installation of Galileo capable Antenna, cabling and GPS receiver liaising with contract supplies, Senior Galileo experts and EU officials. Negotiate with Engineering to ratify an advanced receiver to meet future operation requirements of the Galileo PRS system. Ensure all security documentation is properly maintained and updated as the programme develops and that changes flow to TONY JAMES 3

the policy and technical areas of the programme. Establish effective working relationships with relevant onsite GSA personnel and other public bodies to engage them in System Security development and implementation for and within the programme, and to ensure that they have a common understanding of the programme’s wide-ranging security and Accreditation requirements and objectives coupled with the programme’s aims. Provide update briefings to security and system accreditation, and security input into GSA and CGI procedures as required to support the programme. Ensure that the security as a programme and business enabler rather than technically-led. Lead delivery and provisioning of system security requirements, and the implementation and system security accreditation documentation which is policy focus. Identify and challenge any programme failures and action in accordance with the security policy objectives so that it can be considered and addressed if necessary. BNP Paribas Fortis, BRUSSELS APR 2018 – Aug 2018

PKI CONSULTANT/ENGINEER (CONTACT VIA OXFORD CORPORATION) Lead consultants for the deployment of a new PKI for existing development and test systems, keeping within existing production PKI with updates and enhancements whenever possible, including ceritifcate pinning, and revocation lists CRL and OCSP. Assist with the development designs CA policies, Key Ceremony documentation, and Root CA Operations

Thales eSecurity, LONG CRENDON APR 2017 – Dec 2018 HSM CONSULTANT (CONTRACT VIA MORSONS INTERNATIONAL) Delivered HSM and associated software training courses to customer. Working with customers to design customized firmware commands inside the HSM and write specification used by engineering/development to implement commands on the HSM. Supported customer’s onsite with any HSM projects, including installation/project implementation, key migration, project management and security advice/recommendations. Assist with PreSales support for payment HSM’s and associated software.

EDUCATION & CREDENTIALS

Master's Degree, Satellite Communications Engineering, University of Surrey (*Not yet completed) BSc 2.2, Computer Communications, Greenwich University, 1996 HND, Computer Studies, Newcastle College of Art and Technology, 1987 HONOURS & AWARDS

Space Systems Engineering 101, NASA and Saylor Foundation, April 2014 PROFESSIONAL DEVELOPMENT

PCI QSA, PCI DSS License 202-407, February 2012 to September 2013 ITIL 2011 Foundation, APMG Group Ltd. License 102**-******, December 2013 CSSSP, Certified Space Security Specialist Professional, March 2021 CISSP, ISC2 License 101338, since January 2008

PROFESSIONAL AFFILIATIONS

Member, British Interplanetary Society (BIS), February 2014 to 2022

Contact this candidate