WHO AM I
Zoë Rose is a highly regarded hands-on cyber security specialist, who helps her clients better identify and manage their vulnerabilities, and embed effective cyber resilience across their organisation. Whilst retaining deep technical expertise, Zoë has extensive experience in designing and executing cyber security awareness programmes to help people become more aware of cyber threats and uplifting critical cyber security processes and ways of working. She also has experience in maximising the value and effectiveness of technical cyber security controls across a variety of programmes and industries.
Rose is a Cisco Champion and certified Splunk Architect, who frequently speaks at conferences. Recognised in the 50 most influential women in cyber security UK two years in a row, and the PrivSec 200, Rose is quoted in the media, has presented on National News, has been featured in Vogue magazine, and was the spokesperson for Nationwide’s Oversharing campaign which reached over 306 million citizens.
INTERNAL SIEM AND AWARENESS PROGRAMME
Developed a highly effective internal cyber security awareness programme, focusing on the most valuable piece of security: humans. Using gamification and intrinsic motivators to enhance long term engagement. Teaching personal and professional security to create a safer and more knowledgable world.
INTERNATIONAL KEYNOTE SPEAKER
A strong presence in the information security community, with the aim to protect those whom cannot protect themselves. Zoë is a recognised international keynote speaker, and frequently travels internationally to share experiences across industries.
Featured in Vogue Magazine as a digital defender. Part of the PrivSec 200. Identified within the Top 50 Most Influential Women in the UK by SC Magazine two years running. Selected to be part of the Cisco Live Dream team 2015, and subsequently became a Cisco Champion since 2016 to current.
My Roles & Responsibilities
Regional and Supplier Information Security Lead, Canon EMEA
February 2021 - Present
Working with the regional offices to ensure security alignment, security and maturity assessments, ISO 27001 and Cyber Essentials Plus, mentorship, supporting incident response, vulnerability management, and security awareness.
CYBER SECURITY ANALYST, BH CONSULTING
February 2020 - January 2021
Incident response investigation, digital forensic support, penetration testing and vulnerability management. Mentorship and technical review. Cyber security assessments, security reviews, and due diligence.
SECURITY WRITER, BORA - IT SECURITY MARKETING
December 2019 - Present
Demystifying security for the every day person, sharing insights, and responding to the current security landscape.
CONSULTANT, BARINGA PARTNERS
November 2017 - October 2019
What do I do? Definitely a lot less consultanty work than you may expect. Baringa tailors the roles around their people, therefore, I adventure around the world sharing our passion of security and privacy by design. I focus on human behaviour, ethical hacking, education, and creating an accepting, safer world.
SENIOR CYBER SECURITY ANALYST, SCHILLINGS
March 2016 - November 2017
Specialising in supporting prominent individuals and their businesses establish better privacy and reputation resilience by improving their cyber security. Focusing on advisory and hands-on implementation across a variety of practices, including, best practice consulting, key security controls, awareness and culture, and secure communication environments designed to defend against highly funded and motivated threat actors, such as hostile governments.
OWNER, GLASS FROG TECHNICAL SERVICES
September 2014 - February 2016
Network analyst, project manager, consulting and information security. Worked with the Canadian Museum for Human Rights during setup of exhibits and grand opening. Work with not-for-profits with planning and online presence, as well as commercial and residential managed services. Consultant for ISP with upgrades to network configuration and implementation of new protocols
(PART TIME) TECHNICAL SALES ENGINEER, OCTOPI MANAGED SERVICES INC
November 2014 – March 2015
Enhanced culture of the company for more productivity and teamwork, managed sales, communication with clients, and information technology project management. Created customised network proposals for each client, organised contractors, purchased hardware and software
INTERNSHIP, ENTERPRISE OPERATIONS, MANITOBA LIQUOR & LOTTERIES
June 2014 – August 2014
Second response support, troubleshooting tickets while escalating calls as needed. Start of day security monitoring of systems and services, creating procedures, application end user training, disaster recovery, and slot machine management
IT MANAGER, LAZER GRANT LLP
May 2010 – December 2013
Information Technology Manager, responsible for managing the corporate network, ensuring adequate information security, improving the technology estate, and creating best practice policy and procedures
Rainbow of titles given throughout the years: Ethical Hacker, Researcher, White Hat Hacker, Security SME, Cyber Security Consultant, Cyber Security Analyst, Information Security Officer, Supreme Technical Commander, Technical Sales Engineer, NOC, IT Operations, Network Architect, Network Ninja, Social Engineer, Cyber.
TECHNICAL CYBER SECURITY
Logging and monitoring (experience with Splunk Enterprise and Enterprise Security),
Vulnerability management (experience with Rapid 7 Nexpose),
Patch management (experience with Solarwinds MSP, GFI LandGuard),
Access Control and Encryption (experience with Cisco ASAs, and SonicWall)
NETWORK AND COMMUNICATIONS
Network Security (IPSec, SSL VPN, Data Loss Prevention, Segregation, R&S security)
Operating system technologies (Windows, MacOS, Linux)
Enterprise infrastructure (Active Directory, DNS, Group Policy, Virtualisation and Cloud)
Scripting (Bash, Python)
What I’ve Learned
SPLUNK CERTIFIED ARCHITECT
BUSINESS INFORMATION TECHNOLOGY, RED RIVER COLLEGE