Bleah!/ Curriculum Vitae

Navigation

Simon Edward Ward

Email: simon+cv@bleah.co.uk

Date of birth: 18 December 1981

Work Experience

Nov 2005—present

Westpoint Limited, Manchester

Senior Operations Consultant: Operating, maintaining, and enhancing the vulnerability assessment and web application testing services provided by the company. Security research, keeping track of security vulnerabilities, and developing and updating test sets. Administration of systems and ancillary services. Providing support for the services to customers, and advising on security issues and policies.

My role has involved security testing for and consulting with clients ranging from SMEs to major multi-national corporations. I have helped overcome challenges such as testing sites in virtual hosting and cloud-based environments, and remotely testing private networks.

I am a qualified Approved Scanning Vendor employee, approved to perform PCI Data Security Scans. I reviewed and implemented many of the changes to our infrastructure and worked with others on policies and procedures in order to meet the requirements for ASVs and scanning solutions.

I am responsible for system administration, and implementation of security policies, and develop tools to facilitate the operation of our services. I have built up an extensive knowledge of our systems, tools, and report generation, and am one of the first points of contact for colleagues.

I generated test cases for an in-house tool that checks the validity of x.509 certificates used for TLS and SSL. This led to the discovery of a weakness when validating wildcard certificate common names found in multiple web browsers.

Nov 2004—Sep 2005

Central Manchester CLC, Manchester

Software Developer: Responsible for system and network administration. Extending an online version of action plans used in schools. Developing a system to present pupil performance summaries.

Dec 2004—Feb 2005

Streamline Studios, Purmend, The Netherlands

Software Developer (off‐site): Developing parts of a web‐based project and task management software. Creating a client‐side task‐oriented front‐end for developers.

Aug 2002—Sep 2004

Park Hall Properties, Manchester

Network Administrator: Setup a local area network for a university hall of residence, with a netfilter (iptables) based firewall, basic QoS, and dnsmasq for DHCP and DNS forwarding.

Technical Skills

System and network administration: TCP/IP networking (including IPv6), routing, firewalls, traffic management, remote access, DNS, mail services, web services, x.509 (SSL/TLS) certificate management, Debian GNU/Linux, SUSE Linux Enterprise and other GNU/Linux-based systems, Microsoft Windows. - Software: Nessus, Nmap, Burp Proxy, Zed Attack Proxy, tcpdump, hping, Wireshark, OpenSSH, OpenSSL, GnuTLS, netfilter/iptables, Apache HTTP Server, nginx, Squid, ISC BIND, ISC DHCP, Postfix, Exim, Courier IMAP, version control systems (including Subversion and CVS), Trac, PostgreSQL, Oracle Database. - Programming and markup languages: Python, Perl, Bash and POSIX sh, C, C++, Java, NASL, GNU Make, JavaScript, Oracle XSQL, XSLT, XSL-FO, XPath, HTML, CSS, LATEX.

Education

Sep 2000—Jun 2004

The University of Manchester, Manchester

B.Sc. (Hons) Computer Science (Result: 2.1)

Project: Regular Expressions and Finite State Automata

Course modules studied in the subject areas of: Computer systems and networks, database systems, formal methods, software engineering, and professional issues.

Sep 1998—Jun 2000

Oldham Sixth Form College, Oldham

GCE A‐Levels: Computing (B), Mathematics (B), and Further Mathematics (D).

Sep 1993—Jun 1998

Royton & Crompton Secondary School, Oldham

GCSEs: 8 at grades A*—C including Mathematics (A*), Science (BB), and English (C).

Acheivements

I took part in the UK Mathematical Challenge and achieved gold and “Best in School” certificates. At school, I assisted in the running of an “I.T. lunchtime club”–working as part of a team, I helped other pupils learn how to use computers effectively. At university, I was a leader in the Peer Assisted Study Sessions (PASS) scheme, which involved mentoring first year students and providing help with course materials.

Interests

I like working with, and have contributed to, free software, and am an active member of the local free software and GNU/Linux users groups. I am interested in cryptography and key distribution, especially in distributed models such as OpenPGP’s ‘web of trust’. I enjoy casual cycling, socialisng, and reading, particularly science fiction.

Referees

Available on request.