John Steele is a retired Information Technology Specialist who has in-depth skills across the IT industry. This knowledge has been acquired through working for over 50 years in the industry.
Before he retired his recent work had been for the defence sector, and other security sensitive government projects, where his broad knowledge base and experience enabled a unique insight into security vulnerabilities, especially at the network and security layers. He has experience in both hardware and software design and implementation as well as working with security accreditors to achieve an accreditable design in systems that carry a high protective marking.
The level of detail about some projects and clients provided below is constrained by confidentiality considerations due to the nature of the work undertaken.
Current Certifications | Year |
---|---|
BSc Hons Electrical Engineering | 1963 |
Member of British Computer Society (MBCS) | 1991 |
Chartered Engineer (CEng) | 1998 |
Chartered IT Professional (CITP) | 2003 |
Area | Years |
---|---|
Hardware design | 25 |
Operating system kernel design/implementation | 5 |
Network Architecture/implementation | 40+ |
Software design and implementation | 40+ |
System Architectures | 20+ |
Computer manufacturer | 14 |
Financial market (Trading room) system architecture | 7 |
Defence Sector systems design | 20 |
Software/systems/security consultancy | 20+ |
Where | When |
---|---|
Manchester Grammar School | 1954 to 1960 |
Manchester University | 1960 to 1963 |
Area | Years |
---|---|
Experience with design, implementation, and ongoing support, of remote access to Application software providing compliance to relevant Data Protection legislation (including accountability for user actions) and implementing appropriate technical defensive measures depending on whether commercial levels of security and system availability was adequate, or whether far more stringent measures for government high availability and sensitive systems were required | 30 |
Familiar with the Cabinet office Security Policy Framework and particularly with the related topic of Auditing and Protective Monitoring | 10 |
Expertise with TEMPEST threats and related protective measures | 20 |
Networking, including secure design for LAN, WAN, and satellite communications for commercial and military applications, and problem investigation | 40+ |
Visualisation of both Server and Desktop using mainly VMWare | 8 |
Automation of VMWare environment deployment using PowerShell | 3 |
Windows Operating Systems from Windows 1 onward | 30 |
Software development tools e.g. Visual Studio | 20 |
Familiarity with most of the current programming languages including C, C++, C#, Python, Java etc. | 25 |
Knowledge of XML/XLST technology | 10 |
Relevant Project Expertise | Years |
---|---|
Large Defence system project delivery | 20 |
Finance sector project delivery | 10 |
Relevant Industry Expertise | Years |
---|---|
Computer manufacturer | 15 |
Special hardware and software design | 10 |
Defence contracts | 20 |
Finance sector | 7 |
Role = Network/Security Architect
The system was supplied, and operated, as a managed service for a government department.
The role was to work with the existing system operation team to design and manage the implementation of the network enhancements for an existing IL4 system which was being expanded to a further 30 sites and extended to access additional external services over the xGSi. This was a follow on to the previous contract.
A further objective was to facilitate migration to a Tier 2 system under the new protective marking scheme which about to be implemented.
The WAN bearer was to be capable of using ADSL as a low cost network solution where this level of availability can be accepted by the local business community. Some sites were to use conventional leased circuits where the site needed the higher level of assured availability.
The protect documentation set was updated to incorporate this and some earlier changes in preparation for accreditation and testing prior to acceptance.
The role included working with the CLAS consultant to update the RMADS (Security Documentation)
The design was successfully presented to the end customer and to their security accreditor for their approval prior to entering live service
Role = Network/Security Architect
Network design enhancement for a proposed major expansion to a current IL4 Government system
The task was to consider and compare system and network options for adding a new group of users to an existing important IL4 system and to address the conflicting needs for minimal cost, fast deployment, and system availability while maintaining appropriate levels of confidentiality within the existing system.
The options were presented as a change proposal to the existing and new stakeholders by the managed service provider
The design concept was developed and then discussed with the end user stakeholders and agreement with the approach obtained in principle before the options were finalised
The system high level designs were updated to be ready for deployment once approval has been given
The system design was prepared in conjunction with, and accepted by, the project's CLAS consultant
Role = Technical/Security Architect
Technical consultancy on Security for an internal IT IL3 system accredited for connection to government networks
Provide advice on system design to meet project security objectives to the design team as required
Provide detailed technical review of design documents as part of the Security Approval process
Contribute to the security documentation prepared for accreditation
Design of Protective monitoring solution (ArcSight) together with HP SME
Documentation of existing Lenel building access system design and to design remedial action to mitigate certain security risks with current installation identified during this process
Role = Technical/Security Architect
Thin client/VDI Desktop system for a sensitive government system
Network design and consultancy including major review and update of the network design documentation identifying a number of security issues that need to be addressed especially in the network management area
General security consultancy to project on VDI, Windows and general architecture issues
Role = Technical/System implementation
Automation of AppV sequencing for applications that support “silent install” using a standard installer. This process also requires programmatic interaction with VMWare ESX to control virtual machines and was implemented using PowerShell.
Role = Technical/Security Architect
Prototype/proof of concept of a design using thin client solution to deliver streaming video/web access from remote resources with varying security/reputation challenges across a common network
Role: System and Network Architect
Responsibilities
Delivery of classified system design overview document
Design/delivery of in-house system to support classified Office Automation plus Development and Integration support.
Member of Central Engineering team supporting delivery teams
Role: network/security lead
Responsibilities
Design of visualization solution, infrastructure, implementation of demonstrations
Proposal material for above
Role: Technical Architect
Responsibilities
Liaise with NATO on technical solution to ensure successful accreditation including documentation of solution
Technical direction of implementation team to deliver working solution in short time as an "Urgent Operational Requrement" for the MoD to an opertional area abroad
Implementation of virtual network for reference system including simulated encrypted SATCOM communications
Design of visualised reference rig used for development in support of team on-site in "Theatre"
Provide remote technical support to our volunteer installation team working in several potentially dangerous operational areas
Operational system comprising initially three resilient interconnected sites supporting initially 700 rugged workstations and fully integrated into the NATO HQ was fully installed in "Theatre" in under 5 months and received commendation from UK government department as an "exemplar project"
Role: Technical Leadership
Responsibilities
Audit and accounting
Network Architecture
Windows Security (working with other consortia members)
John worked on the council’s site for many months to evaluate all of the IT systems being used by each Directorate in the council to establish whether they were technically fit for purpose as the managed service and to make proposals for remediation where there were deficiencies. The council IT staff would become BT employees (TUPE) when the contract was put in place.
A number of significant security issues were identified and a very serious software licencing error, made by a previous system supplier, that could have resulting in a claim for a large sum of unpaid licenses was discovered. These issues were all brought to the council’s attention and remedial actions were put in place urgently and the project was granted to BT. John then worked on site during the first phase of migration of the services to BT ownership.
Role: Technical Leadership
Responsibilities
Design of TEMPEST infrastructure
Design of specialised monitoring tools
working with subcontractors assisting with their implementation
Required detailed knowledge of military versions of protocols
Role: Owner and Principal Consultant
Consultancy services to a number of clients including BT, DrumGrange and Berkshire County Council including security documentation, implementation of software for a prototype for a bid etc.
Role: Chief Engineer of Engineering division, consultant to sales team for dealing room bids to financial institutions and then Resident Technical Support Manager based in Tokyo
Example projects:
Design of communications device to reliably communicate with remote depot sites for Express Dairy supporting concurrently both asynchronous 2400 bps VDUs and printers in the remote sites over a dial-up connection. Otherwise knows as a “statistical multiplexer”.
Designed a dialled backup facility for a USA designed range of modems, manufactured by USA company, and sold by Data Logic in the UK that would automatically fail over to a dialled backup should the full duplex leased line service fail. This, at the time, required obtaining BT approval for connection to the public network. This initially predated the BABT approval process.
Design of a portable computer to be used for stocktaking by Allied Breweries for managed public houses
Design of a bar code scanner as a low cost alternative for small libraries using a BBC Micro as the platform
Initially detailed hardware and software design of dealing room system and then for the continued development to a networked solution delivering data to dealers in real time. This went from an initial project delivering 70 dealing positions to become a £40m Per Annum business. Ultimately providing the Technical support to Japanese business partner located in Tokyo and resident there for almost two years.
Role: Initially joined as a hardware design engineer but became Team Lead and design authority for the Operating System Kernel team
Responsibilities
Design of their Magnetic tape controller for the Modular One range of CTL computers
Joined their E4 Operating System kernel team to implement Disk drive support and then add virtual memory capability to their OS by swapping memory segments to/from disk
Became leader of the E4 implementation team and took the E4 operating system through several revisions and enhancements to a stable product supporting, in one case, up to 70 concurrent interactive users with a maximum memory capacity of 224 KILO bytes (text only of course!)
Designed and implemented an Index Sequential Filing System to support an emerging transaction based processing market
Role: Initially a junior engineer responsible for the logic design of the Argus 400 computer and several other related components and then promoted to a senior engineer with responsibility for selection of, and designing interfaces for, most standard peripherals (e.g. printers, punches, card and paper tape readers) and the Magnetic Tape controller. The Automation Systems Division in Ferranti supplied Industrial Process Control computers building on their success with the Bloodhound military system computers.
Responsibilities:
Argus 400 logic design - one of the worlds first integrated circuit computers and John's first ever logic design
Evaluated and selected all peripheral devices (printers, paper tape readers and punches etc., used for the Argus range (Argus 400, 500, 600 and initially Argus 700 computers) to the standard interface bus - Interface A
With a colleague, designed an IBM compatible Magnetic Tape Controller supporting either 7 track or 9 track tape decks
Provided ultimate escalation path for service calls from sites.
The main business was Process Control and Ferranti provided a fast escalation path for resolutions of any problems on customer sites with any of John's designs on site that impact production. A service engineer would visit site and if they could not identify the cause in 2 hours their supervisor went to site. If the problem was not fixed in a further 4 hours the design authority went to site. In most cases that was John! John went to site just three times during his time at Ferranti.
In two cases the problem was identified before the system was controlling production. There had been a last minute extension to the installed system and the installation rules had not been adhered to however John was able to implement a suitable, properly engineered, solution on the site and leaving it in a fully working state.
In the third case John deputised for another group and found a flaw in their design. John implemented a workaround on site leaving a temporary working system but the backplane on the equipment needed to be redesigned.