1. Duncan Macgregor
32 Macrae Crescent, Dingwall, IV159NY
07554446254 • macgregor.duncan@gmail.com
INFORMATION TECHNOLOGY SECURITY SPECIALIST
As a security assurance consultant, having advanced from an entry level position in the last five years, I
have gained experience and skills across several vital IT services for our clients. During this time I have
acquired proficiency with technical solutions, liaising with support teams, and working closely with the
client to achieve their goals. I have been awarded an Employee Recognition Award for identifying a large
drain on resources and providing a solution to reduce required workload from thirty-two hours a month to
one hour by using automated processes. I am also MPS and SC cleared. I'm looking to obtain a position
that would further my skills and bring immediate and strategic value to an organisation's IT team.
AREAS OF EXPERTISE:
• Network and Systems Security
• Risk Assessment / Impact Analysis
• HMG Security Policy Framework
• ISO 27001/27002 standards
• Vulnerability Management
• Data Integrity & Auditing
• System Diagnostics
• Incident Management
TECHNICAL PROFICIENCIES
Training: ITIL (currently training), CISSP (Awaiting suitable exam date), FortiNet,
QualysGuard
Platforms: Windows 7/8/8.1, Windows Server 2008 R2, Linux, Mac OS, iOS
Tools: QualysGuard, FortiGate/Web/Sandbox, Websense, DatAdvantage, Symantec
MSS, Symantec Endpoint Protection, DESlock+, Active Directory,
PowerShell, WMIC, Vmware, LogMeIn, Microsoft Office Suite, Access
PROFESSIONAL EXPERIENCE
CAPGEMINI, Inverness, UK May 2016 – Present
Security Assurance Consultant
I was personally recommended to take over this role by the previous consultant due to my success in
the IT Security Analyst position within the same team. This role includes:
• Acting as liaison between project and client (UK Government Environment Agency) to assure risks
are addressed and remediated accordingly.
• Assessing projects with controls based on ISO27001/27002 for a full Security Profile, up to and
including a Baseline Control Set and Non-Functional Requirements.
• Experience in Vulnerability Assessment and interpreting the outputs for the Accreditor in a risk
management approach.
• Being fully conversant with HMG IA Standards, CESG SPF and GPGs.
CAPGEMINI, Inverness, UK May 2014 to May 2016
Information Security Analyst – Microsoft Compliance SME
During the relocation of security services by the company I was promoted to Subject Matter Expert on
Microsoft for the security team. However this role quickly expanded and included:
• Addressing and reporting on patch compliance standards to the client by leading vulnerability and
patching conferences covering Microsoft, Linux, and Unix.
2. • Identifying issues with patch compliance reporting, organising a project to increase accuracy from
80% to 100%, reducing time required to produce from a full week to less than an hour, and
communicating effectively to senior management and client stakeholders.
• Working with architects to determine fundamental security framework, and delivering a plan to
implement a Delegated Admin Model for the client network.
• Increasing efficiency by automating the reports for the Elevated Privileges Audit, eliminating four
days manual work per quarter.
• Addressing real-time threats and providing vulnerability assessments to known exploits, including
on-call responses.
• Actively responding to ad-hoc requests involving mail flow, web traffic filtering, high priority
conferencing and resolution and oversight of all infrastructure changes on the estate.
CAPGEMINI, Inverness, UK June 2013 to May 2014
Remote Desktop Analyst
By scoring high on the entry exam, I was directly accepted into the Remote Desktop team for assessing
and troubleshooting Windows 7 issues. With an end-user base of over 12,000 people, this included:
• Producing 300 field packs and providing assistance to field engineers as part of a short-term
project on a two man team.
• Practical use of DESlock+, WMIC and PowerShell, Active Directory and eDirectory administration.
• Frequently being given responsibility for difficult users who required not only advanced technical
assistance but sensitive customer care.
• Documenting new fixes and assisting other team members to troubleshoot issues.
CAPGEMINI, Inverness, UK January 2012 to June 2013
IT Service Desk Analyst / Change Administrator
• First line technical support including administration of eDirectory and Active Directory.
• Collated information and produced reports to assure client of business's risk management
capabilities.
• Minuted notes on client-facing and internal meetings.
• Strict adherence to procedures and policies, schedules for reporting.
• Achieved level 3 SVQ in electronic communication.
RACHAEL MACGREGOR LTD., Inverness, UK April 2011 to January 2012
CIO – Internet Marketing Training Company
• Successfully ran two live training seminars, responsibilities including: selecting the venue, setting
up the system to handle ticket payments and receipts for 100 attendees, live stream access, and
automated access to recordings.
• Ran monthly membership website and live training webinars, with security to allow access to paid-
for and drip-fed content for members only.
• Created in-house PHP scripts to distribute traffic to each client based on number of shares in co-op
from large advertisement lists purchased at bulk prices.
EDUCATION & CREDENTIALS
Bachelor of Arts in Japanese Language, Minor in International Business
PORTLAND STATE UNIVERSITY, PORTLAND, OREGON, USA
Focused on international relationships in enterprise business.
LEVEL 3 SVQ IN ELECTRONIC COMMUNICATION