Jack Stuart, CISSP, CCSP
Cyber Security Professional, Bristol, UK
Professional Profile
Cyber security professional with experience across security operations, vulnerability management, and security testing within complex enterprise environments. Fully certified CISSP and CCSP, with completed OSCP training (labs and exercises).
Highly hands-on and technically strong, with the ability to bridge blue team, purple team, and red team activities by pressure‑testing controls, translating findings into remediation programmes, and reducing organisational attack surface. Experienced working to CIS, NCSC, NIST, and OWASP guidance, and communicating risk clearly to both technical and non‑technical stakeholders.
Core Skills & Expertise
- Cyber Security Testing & Control Validation
- Vulnerability Management & Remediation Programmes
- External & Internal Attack Surface Management (EASM)
- Penetration Test Scoping & Assurance
- Web Application Security Testing
- Threat Hunting & Incident Investigation
- SIEM / EDR Operations & Engineering
- Active Directory, Server & Endpoint Hardening (CIS / NCSC)
- Cloud & Hybrid Security (Microsoft & SaaS)
- Security Tooling, Automation & SOAR
- Stakeholder Engagement & Risk Communication
- Python, Bash, and PowerShell scripting
Certifications & Training
- CISSP – Certified Information Systems Security Professional
- CCSP – Certified Cloud Security Professional
- OSCP Training Completed (coursework and lab exercises)
- ITIL v4 Foundation
- Automating Administration with Windows PowerShell (QA)
Professional Experience
IT Security Analyst
Public Sector Regulator | September 2021 – Present
Senior security analyst role covering vulnerability management, security testing, and security operations across a mixed on‑premise and cloud estate.
Responsibilities & Activities
- Lead vulnerability management, including prioritisation, risk scoring, and remediation planning from scanner and penetration test outputs.
- Scope, manage, and assure third‑party penetration tests, acting as technical point of contact.
- Translate penetration test findings into actionable remediation plans and track delivery with infrastructure and application teams.
- Perform web application scanning and in‑depth vulnerability investigation.
- Conduct internal and external attack surface monitoring to identify exposure drift and reduction opportunities.
- Design and run phishing simulation campaigns, feeding outcomes into awareness and control improvements.
- Monitor and investigate SIEM and EDR alerts, performing root cause analysis and incident investigations.
- Conduct threat hunting and proactive perimeter assurance activities.
- Perform user access reviews and privilege assurance.
- Harden Active Directory, servers, and endpoints in line with CIS and NCSC guidance.
- Develop SOAR automation to enrich alerts with contextual and OSINT data.
Key Achievements
- Delivered remediation programmes that significantly reduced enterprise vulnerability risk.
- Led implementation and integration of SIEM, vulnerability management, and automation tooling.
- Designed automation workflows that reduced SOC investigation time.
- Migrated and optimised vulnerability scanning infrastructure to improve coverage and performance.
- Expanded endpoint and asset visibility through full deployment of vulnerability agents.
- Conducted firewall testing and hardening against reverse‑shell and C2 techniques.
IT Service Desk Engineer / Systems Administrator
Public Sector Organisation | November 2016 – September 2021
Progressed from service desk into systems administration, supporting enterprise Windows infrastructure and contributing to major security and cloud transformation initiatives.
- Administration of Windows endpoints, Active Directory, and Microsoft 365.
- User lifecycle management (joiners, movers, leavers) and access provisioning.
- Email security, spam filtering, and web proxy management.
- Build, imaging, and deployment of hardened workstations.
Selected Projects
- Supported migration from on‑premise infrastructure to federated cloud identity (Azure AD & Exchange Online).
- Assisted with Azure MFA rollout and secure identity adoption.
- Contributed to organisation‑wide Microsoft 365 deployment.
- Designed and built hardened virtual desktop solutions aligned with NCSC baselines.
Sound Engineer / Studio Manager
Commercial Recording Studio | April 2012 – April 2016
Managed a commercial recording studio, combining technical engineering expertise with business ownership responsibilities.
- Designed and administered studio IT and network infrastructure.
- Delivered recording, mixing, and mastering for professional clients.
- Managed marketing, bookings, and day‑to‑day business operations.
Home Labs & Personal Projects
- SOC‑focused SIEM stack using Docker Compose (EDR, log management, DFIR tooling, and dashboards).
- Proxmox virtualisation platform hosting security labs, Linux services, and penetration testing environments.
- Active Hack The Box subscription for continuous offensive security skills development.
- Privately hosted AI security lab using local LLMs for security analysis and testing workflows.
- Experimentation with LLM fine‑tuning for penetration testing and security analysis assistance.