Open to cybersecurity opportunities
// James Marshall

Cybersecurity Specialist

Endpoint security architecture, threat detection, and cloud automation. 26 years of hands-on IT experience — from building home labs at 11 to deploying CrowdStrike EDR/XDR across thousands of enterprise endpoints.

United Kingdom
26+ years in IT
Remote / flexible hybrid

About

I'm James — a self-taught cybersecurity specialist with 26+ years of IT experience. I got my first PC at a young age and never stopped learning. That curiosity led me through infrastructure, telecoms, and into enterprise cybersecurity — landing a dedicated security role through demonstrated capability rather than formal qualifications.

In June 2022 I transitioned from a Patch Lead position at Openreach into BT Group's Cyber Design & Implementation team, where I was rapidly promoted from Professional (E grade) to Specialist (D grade) within 12 months. As Subject Matter Expert for CrowdStrike XDR, I led the design and deployment of endpoint protection across thousands of enterprise endpoints within BT's Managed Security Services (MSSP) portfolio, working directly with the Technical Design Authority and Product Manager.

After three years of rapid career progression, I returned to an operational role at Openreach in August 2025. I'm now actively seeking to return to cybersecurity and continue building on my security architecture, threat detection, and cloud automation expertise. Based in Wales, I'm open to remote and flexible hybrid arrangements. I maintain an active homelab and continue studying toward CISSP certification.

Skills

Endpoint Security (SME)

CrowdStrike Falcon EDR/XDR — architecture, deployment, policy design, integration & customer onboarding across 50,000+ endpoints

Security Architecture

Design & technical governance for MSSP cybersecurity services, secure product rollouts and enterprise integrations

SIEM & Threat Detection

Securonix & IBM QRadar administration, RBAC configuration, real-time monitoring and threat detection

Cloud & DevOps Security

AWS security (EC2, IAM, S3, VPC), Terraform, Ansible — infrastructure automation aligned to compliance goals

Windows & Linux Hardening

Deep OS-level knowledge — configuration, patching, automation, monitoring and system administration

Leadership & Delivery

Team management, technical workshops, training material development, stakeholder engagement across SOC, PM & TDA

Automation & Scripting

Python & Bash scripting for security automation, log parsing, API integration and system administration. Terraform & Ansible for IaC. Git version control

Programming & Development

Python (security tooling, scripting, automation), Bash (shell scripting, cron, system tasks), HTML/CSS/JS, Terraform HCL, CI/CD pipeline configuration

Experience

Aug 2025 — Present
Patch Lead
Openreach Ltd (BT Group)
Returned to previous role to accommodate personal circumstances requiring fully remote work. Maintaining network infrastructure patch management responsibilities while actively pursuing return to cybersecurity through homelab projects and certification study.

Feb 2023 — Aug 2025
Cyber Design Development Specialist (D Grade)
BT Group — Managed Security Services (MSSP)
Promoted within 12 months for technical leadership and delivery impact. Appointed SME for CrowdStrike XDR, leading the design and deployment across 50,000+ enterprise endpoints. Developed standardised onboarding frameworks adopted across entire MSSP customer base. Delivered technical workshops to senior management, SOC teams and product owners. Managed RBAC configuration for Securonix SIEM and mentored internal teams.

Jun 2022 — Jan 2023
Cyber Security Professional (E Grade)
BT Group — Managed Security Services (MSSP)
Transitioned from Openreach into dedicated cybersecurity via TUPE transfer. Delivered critical SME support for CrowdStrike EDR deployment across 50,000+ endpoints (Windows/Linux). Designed end-to-end MSSP customer onboarding processes, uplifted Terraform codebase, and supported Sales with technical demonstrations.

2014 — Jun 2022
Network Engineer to Patch Lead (multiple roles)
Openreach Ltd (BT Group)
Progressed through Copper & Fibre Network Engineer, Senior Engineer, Patch Lead, and Covering Patch Manager. Led provisioning and maintenance of telecom network infrastructure, managed teams, and built deep Windows/Linux system administration and automation skills.

Certifications

CrowdStrike Certified Falcon Administrator

Endpoint detection & response platform — achieved 2023

Achieved

CompTIA Security+

Foundational cyber security certification — 2025

Achieved

CISSP

Certified Information Systems Security Professional

Studying

Homelab & Development

I maintain an active cybersecurity lab for continuous practical development, simulating enterprise security environments and staying current with industry tooling.

Virtualisation

VMware ESXi hosting multiple VMs simulating enterprise security scenarios

Security Monitoring

Wazuh SIEM for real-time security monitoring, log analysis and threat detection

DevOps & Containers

Docker containers, GitLab for version control, CI/CD pipelines

AWS Cloud Lab

EC2 instances, IAM policies, S3 with encryption, VPC network segmentation

Infrastructure

NAS storage with secure configuration, backup strategies and RBAC

Network Security

OPNsense firewall, managed switches, VLANs, network segmentation — full home network built from scratch

Windows Server & AD

Windows Server administration, Active Directory, Group Policy, domain services and RBAC

Scripting & Tooling

Python scripts for security automation and API integration, Bash for system hardening and scheduled tasks, Terraform for lab infrastructure provisioning

Practice Areas

Incident response drills, vulnerability scanning, security automation and reverse engineering (currently learning)
