Andrew GARNER BSc (hons) AMIAP
Address: 5 Tennyson Road
Telephone No: 01494532041
Mobile No.: 07866544899
DOB: 18th February 1974
2001-Present: Garner Consulting Limited
Position: Managing Director/Principal Consultant Garner Consulting Limited
· Manager of day-to-day running of Garner Consulting Limited (05/2001-Present)
· Enterprise Security Architect for The John Lewis Partnership (03/2019-Present)
I currently work as a Security Architect within the IT Security and Continuity practice of the John Lewis Partnership. I have been and am engaged in a number of projects for the organisation including the migration of the On Premise datacentre infrastructure to GCP, the design of the Enterprise DLP solution for the organisation including Endpoint, CASB and Network products, the Vulnerability Management solution, the rationalisation and migration of the enterprise AD and GPO structure, and the extension of the Click & Collect solutions. As well as my design responsibilities I also provide consultative advice and support on security matters pertinent to the Partnership. I have been involved in defining the Threat Model for the organisation and creating the Reference Architecture for security within the Partnership.
· Lead Technical Architect for The ATLAS Consortium (01/2007-03/2019)
I was employed as a Technical Architect for the ATLAS Consortium, a group of defence contractors including Fujitsu, DXC, Logica CMG and Airbus. I contracted through Fujitsu to the Consortium and was employed by Fujitsu from January 2007 to March 2019. My role was part of the Interoperability Workstream and the Pegasus Project Team, interoperating with NATO, the xGSI Community and the Five Eyes CCEB communities, including Australia, Canada, New Zealand, the United Kingdom and the United States of America.
My role at ATLAS was as a consequence of my experience at PJHQ (previous role) and because of my understanding of Gateways and their role in support of the UK operational community and their partners. I have been heavily involved in defining the requirements with the customer and regularly attend customer facing meetings and workshops. I have also been involved in extensive Threat Modelling activities for the design of the gateway solutions that have been produced and have worked closely with both MoD and CESG to realise these solutions.
My primary responsibilities for ATLAS were the design of the Email Guarding solution, the Web Guarding solution (both browsing and publishing) and the Infrastructure components for Interoperability including product selection and advice, producing the High Level Design and Low Level Designs for the solution. The solution utilised a variety of products, including DeepSecure SMTP, SNMP and Web Guards, Checkpoint Firewalls, Forcepoint Firewalls, Infonic Geo-Replicator, MS Forefront TMG, MS Forefront UAG, MS Windows Server Remote Desktop Services, MOSS and McAfee Web Gateways. I was also responsible for the design of an SMTP transfer facility between the MoD systems and xGSI systems such as the FCO and the Cabinet Office, utilising MIMEsweeper and Exchange.
Part of my role at ATLAS was to construct virtual representations of the solutions for the Interoperabilty Gateways, for development and pre-production activities and I designed and constructed these solutions within VMWare ESXi. These solutions have been large-scale virtual instantiations with complex configurations.
The focus of my work at ATLAS was primarily in the Security space; I worked closely with the Microsoft Security Practice in defining pan government clamps for Microsoft Operating Systems and in defining secure remote terminal solutions that have now been adopted as the pan government standard. My work has been at the forefront of UK Government cyber defence and I have a wide breadth of knowledge in securing Microsoft technologies, UNIX variants and Solaris.
I designed and constructed the List-X facility for Interoperability at ATLAS, utilising a variety of hardware and software products. In addition to these roles for ATLAS I also represented MoD interests in the Multi-National space, as I had for PJHQ, attending meetings and conferences to further the initiatives developed by the group. Additionally, I was responsible for the physical environments for the gateways team involving rack designs, patch schedules and procurement.
I worked in a team of 5 architects within the Interoperability Workstream working alongside our MoD counterparts. We worked in a particularly sensitive area for the UK government and worked closely with the National Technical Authority (CESG). Our design passed the technical scrutiny of CESG and achieved MoD accreditation.
My role at ATLAS involved me in many different areas, such as Performance Modelling, Procurement, Testing, Requirements Analysis, Penetration Testing, Trialling, Support and physical implementation whilst also being the Technical SME for Gateways as a whole. This work enabled me to enhance my technical skill set with delivery orientated knowledge and understanding from a large programme perspective (the ATLAS programme was the largest Defence programme in Europe).
I am well versed in working to defined methodologies, to timelines and budgets and engaging with stakeholders throughout the delivery lifecycle to ensure successful outcomes. I pride myself on professionalism, self-motivation and seeing tasks and projects through and this has been borne out by the many complex projects and activities I have engaged in and delivered successfully. I am comfortable acting as an authority on my areas of expertise and advising other accordingly, managing relationships and communicating effectively.
· OSE for the Permanent Joint Headquarters (PJHQ) of the MoD (05/2003-01/2007)
As part of my role at PJHQ I was part of the UK representation to the Five Eyes coalition CCEB Griffin (Pegasus pre-cursor) programme. I attended a number of international meetings as a representative for MoD on the Pegasus programme and provided advice and support for the UK engagement in the initiative primarily in the email, web and cryptography space.
My position for the MoD also meant I was supporting and administering a large network of Windows NT and UNIX servers deployed both locally and at remote sites around the world. We supported a number of systems at PJHQ primary of which was the Joint Operational Command System (JOCS). JOCS was brought into service during 1999; this system provides a sophisticated operational picture, along with staff tools for controlling joint operations. It uses the latest commercial technology and web browsing techniques for publishing and distributing information.
I primarily supported the messaging and routing infrastructure, mainly utilising CISCO routers, MS Exchange 5.5 servers and UNIX servers. I also managed a number of links between key players in the intelligence sharing community of nations, which was of particular importance to the operations in Iraq and Afghanistan. Whilst at PJHQ I was also awarded a Certificate of Commendation for my efforts in support of Operation Telic (IRAQ).
Other software of note on this project was Cyberguard Firewall, CA Unicenter, Gauntlet Firewall and Nexor messaging. Hardware of note was CISCO routers and switches, dedicated Cyberguard UNIX machines, TACLANE cryptographic equipment and Brent secure telephones.
· Consultant to Her Britannic Majesty’s Foreign & Commonwealth Office (05/2001-05/2003)
My role at the FCO was similar to my position when employed there previously. This project involved upgrading and implementing NT 4 networks in British Embassies, High Commissions, Consulates and Trade & Cultural Offices around the world. These networks were fairly complex, operating on a hub and spoke basis with London being the hub. I also performed several inter site links, for example an X.25 link from Pretoria to Cape Town, utilising many different types of technologies.
Due to the nature of the work (Diplomatic) there was obviously a large amount of security related work. I was involved in configuring 3 different levels of encryption devices for communications between the remote and host sites. Prior to this I used Gauntlet firewall extensively for restricting access both in and out of the network. The routing devices employed, primarily CISCO, were also configured to maintain maximum security possible.
The Foreign & Commonwealth Office WAN utilised NTSE 2.0 (the security enhancements for NT), Exchange Server 5.5, SQL Server 6.5, Compaq Insight Manager, Gauntlet Firewall Manager, Cisco Routers, Compaq Servers, Compaq Workstations, Goldfax 5.05, Reachout, Remotely Possible, Network Associates TVD and ZAC, Office 97, 3Com Transcend Hub Management, RAID 5, Microsoft Index Server and IIS, amongst other technologies. Secure encrypted links, as mentioned previously, were utilised between posts due to the sensitivity of the operation.
The British Government clears me to secret level and my role meant I would have to work in confidential areas of British Missions around the world. This obviously led to me being involved in various different elements of security, both physical and virtual. My position with the Foreign & Commonwealth Office also meant I had diplomatic status and was expected to act accordingly.
2000-2001: Arthur Andersen
Position: Business Consulting Advanced Technology Manager
· Project Manager for the separation of Mothercare’s and Bhs’s systems
· Project Manager of various other projects for Mothercare
· Manager of the training of 25 members of the Connectivity & Infrastructure division of the Advanced Technology division within the Business Consulting practice.
· Member of various management level teams
My position at Arthur Andersen was that of a manager, although I also functioned as a consultant within this role. The main piece of work I performed for Arthur Andersen was the separation of Mothercare and Bhs’s systems. I functioned as a project manager for Mothercare and managed 8 separate projects, ranging from the migration of an i2 retail planning application on an RS6000 from one site to another to the provision of a credit card settlement system.
1998 – 2000: Computacenter
Position: IT Consultant, System Engineer and Team Leader
· Implemented global IT project for the British Foreign & Commonwealth Office
· Project managed and consulted on Y2K roll-out for Cable & Wireless in the United Kingdom
· Implemented Y2K project for Zurich Insurance
· Implemented an Intranet for Rothmans International
· Installed NT Servers for various other clients
My position at Computacenter meant I was employed in various different roles depending on the project, the most notable of which was the global IT rollout for the British Government. As before, this project involved implementing NT 4 networks in British Embassies, High Commissions, Consulates and Trade & Cultural Offices around the world.
I was team leader on the majority of my trips with the Foreign & Commonwealth Office and quickly became a valued team member. My role encompassed many different areas, including project management and planning, system analysis and design, network planning, consultancy, training, troubleshooting and Y2K testing, amongst other areas.
The other projects I worked on for Computacenter are also of note and were for large corporate organisations implementing mission critical software and hardware. Due to my position within the company I would normally be the most senior member of the team, which would involve being employed in many different areas, from project management to system planning and implementation.
1997 – 1998: South Buckinghamshire NHS Trust
Position: Senior Directorate Information Technology Manager, Project Manager, System Analyst and Developer
· Implemented NT 4.0 network (including PDCs, BDCs, member servers, NT workstations and Windows 95 clients)
· Installed DHCP, RAS and WINS servers
· Implemented Exchange Server 5.0
· Designed and implemented clinical data management system in Access 97 deployed throughout the Dermatology department
· Supported network and applications
· Member of organisational and departmental business teams
· Consultant for other departments within the NHS
· Implemented ICL mainframe gateway server
· Implemented a proxy server
· Implemented, designed and maintained an intranet
· Helped develop a European allergy data management system
· Performed general IT tasks
· Configured hardware (including routers and hubs)
My role at the South Buckinghamshire NHS Trust incorporated many different areas; I was primarily the IT Manager which meant that I supported all the IT within the directorate with which I was concerned. I administered and supported an NT 4.0 network, which consisted of various different elements. The network had 4 NT 4.0 servers, which performed a variety of roles, including an Exchange Server, a RAS Server, a Proxy Server, a Mainframe Gateway Server, a Database Server, a Primary Domain Controller and a Backup Domain Controller. I configured and installed the majority of these servers and am conversant with the use of all.
I was also the Project Manager and had to manage a variety of different projects, the most notable of which was the development of a new clinical system, which I developed myself using MS Access and MS Visual Basic. As stated previously I was the sole Analyst and Developer within the directorate, I was involved in many different systems and projects, involving a variety of hardware and software. I was also a member of a European team of developers, developing a system for doctors throughout Europe. This position involved travelling to Germany and I built up a number of contacts throughout Europe.
I also sat on two management teams within the department, these being the organisational team and the departmental team. The teams were involved with the running of all aspects of the department. The position was an autonomous position within the organisation, my superior being the Clinical Director, commonly I would report to him once every month.
1997 – 1997: Theta Computer Services Limited
Position: System Developer and Project Manager
· Supported and developed a tracking system for the MoD in Access 2.0
· Supported an NT 4.0 network
· Performed consultative duties for clients
· Performed general IT tasks
The position at Theta Computer Services involved supporting a Ministry of Defence (MoD) contract and was a customer-facing role. I was based in London supporting several sites around the UK. The core duties of this position were to support the database that was employed by the MoD, support the users on both the hardware and software utilised at their sites, manage the entire project and to analyse, develop and implement Modifications and new MoD rules for this system. I was also involved in supporting the needs of Theta’s mother company, Eurogate International, which commonly meant supporting its employees on hardware and software products. The main products I was involved with were NT 4.0, AS/400, Office, Access and VB.
1996: Telecommunications Techniques Corporation UK
Position: Database Administrator, Data Administrator, Customer Services Representative and other general duties
· Supported and developed an Access 2.0 database
· Performed general IT support tasks
This position involved liasing with the Customer Services Manager and the Information Technology Manager, to provide data, which could be analysed to show performance levels of the division in which I was employed. The position also involved managing the departmental database, which commonly meant making modifications to the database, repairing and archiving the database and towards the end of my employment at TTC UK, analysing and developing a new system.
Misc.: I have also been working as a consultant for various clients most notably directorates within the NHS. This has involved advising clients on their strategic IT direction, IT purchasing, development work, and the installation and maintenance of hardware and software. I am also a member of the Institute of Analysts and Programmers.
Whilst I have tried to provide an outline of my previous roles, they encompassed a great deal more than it is possible to detail effectively in a Curriculum Vitae. Should you require more information on any of the roles I have been employed in, I would be only too happy to discuss these.
Education and Qualifications:
2000: George Washington University
Project Management Tools and Techniques
2000: Azlan Training
MCP (NT 4 Workstation, Server, Server in the Enterprise and Networking Essentials)
1994 – 1997: Brunel University
2:1 in BSc (Hons) Business and Information Technology
1992 – 1994: Amersham College
2 A Levels
1986 – 1990: Royal Grammar School
Firewalls, Servers, Personal Computers, Apple Macintoshes, AS/400, UNIX, Routers, Hubs, Switches, Bridges, Gateways, NAS, SAN, Cabling, Secure Cabinets, Modems (Secure and Unsecure), UPS’s, Printers, Scanners, UTP, Coaxial and Fibre Optic cabling, RAID, Wireless, Ethernet, ADSL, X21, Cryptography Devices (e.g. Brent Telephones and TACLANEs)
Extensive knowledge of:
MS Windows 2003, 2008, 2012, 2016, XP, 7, 10, Active Directory, MS ISA 2004, Forefront TMG, Forefront UAG, NTSE, HPPT, Cyberguard, Checkpoint, Forcepoint, McAfee Enterprise Firewall, McAfee Web Gateway, CA Unicenter, Compaq Insight Manager, MS Terminal Services, MS Remote Desktop Services, , MS Access, Delphi, MS Word, MS Excel, MS Visual Basic, MS PowerPoint, MS Exchange, MS Exchange Server 5.5, MS Exchange Server 2003, 2007, 2010, MS Outlook, MS Internet Information Server, MS Internet Explorer, VMWare.
MS Powershell, Pascal, Basic, SQL, MS SQL Server, MS Publisher, MS Front Page, SAGE and many other applications.
Operating System knowledge:
MS DOS, MS Windows 95, 98, NT, 2000, 2003, 2008, 2012, 2016, XP, Windows 7, Windows 10, BSD, Linux, Solaris, UNIX and Apple Macintosh.
Positions of Responsibility:
· Managing Director of Garner Consulting Limited
· Lead Technical Architect for the ATLAS Consortium
· MoD Representative in the Multi-National Space
· Commended by Rear Admiral Rees Ward CB, Chief Executive DCSA
· Security cleared to secret level (SC) by the British Government and British Ministry of Defence (MoD)
· Team leader on Foreign & Commonwealth projects
· Holder of Diplomatic Status when travelling abroad with the FCO
· Team leader for various commercial organisations
· Manager in the Business Consulting practice of Arthur Andersen
· Training Manager for the Connectivity & Infrastructure specialism within the Advanced Technology division of Arthur Andersen Business Consulting
· Project Manager for Mothercare
· Senior Information Technology Manager of an NHS Directorate
· Project Manager of a MoD contract
· Associate Member of Institute of Analysts and Programmers
Referees: Supplied upon request