Experienced IT professional with over 15 years of technical experience, most recently in senior engineering roles. Effective and experienced at applying communication, analytical and technical knowledge to solve problems.
Eager to take the next career step, making good on a long-time interest in Information Security. A new role where existing skills are leveraged, whilst at the same time being part of a team where continued growth is enabled.
With a passion for using technology to help people, solve problems and improve business processes, an asset to the team I would be. Waiting patiently for the right opportunity to join the KWM SecOps team I have.
In my role with Platform Services, I apply a range of technical, analytical, communication, and collaborative skills.
Daily Responsibilities
As Principal Engineer for Microsoft Exchange, I manage the firm's Microsoft Exchange environment, covering both on-premises and cloud aspects. My main focus is on ensuring secure and reliable email communications.
I handle Mimecast, specializing in the administration of the firm's Email Security Gateway. This involves advanced troubleshooting, configuration, and implementation of security policies.
I use lateral and critical thinking to analyse problems and find solutions.
I work with various operating systems and platforms on a daily basis, including Shell, Windows, PaaS, M365, and Azure.
I prioritise security considerations when designing and implementing solutions, mindful of attack vectors and techniques.
I communicate effectively with stakeholders of all levels, offering support to junior team members and advising senior stakeholders.
I excel in problem-solving, using decomposition techniques to analyse complex problems and provide effective solutions.
I use PowerShell to automate and streamline tasks.
I have a strong understanding of the firm's technology hierarchy, escalation routes, processes, and procedures.
I collaborate with SecOps, utilizing suites like M365 Defender and Purview, and considering security implications in solution implementation.
I design, implement, and document business policies, processes, and procedures related to technology workflows.
I propose system updates and changes after technical analysis, adhering to ITIL and internal Change Control processes.
I create comprehensive documentation to guide support teams and streamline troubleshooting processes.
Proud Moments & Achievements
Developed multiple custom PowerShell scripts to automate technology processes.
Analysed and improved email routing topologies to align with industry and security best practices.
Implemented DMARC email security framework across the firm's domains.
Engineered Distribution List migrations from on-premises to Cloud, including analysis & design and custom PowerShell scripting for efficient migrations.
Designed and implemented the firm's new Global Distribution List structure, collaborating with stakeholders.
Conducted audits of external email forwarding in relation to compliance objectives, providing recommendations to senior stakeholders.
Collaborate with OGC on eDiscovery requests, championing the use of Microsoft Purview eDiscovery Premium, and facilitating access to modern workflows (unofficially).
Provided technical recommendations to various stakeholders and served as a trusted technical adviser.
Fostered trust and knowledge sharing among stakeholders and team members, mentoring junior engineers.
I fully embrace the firm's principles.
Security Specific Knowledge & Skills
Understanding of the modern threat landscape
Understanding of the motives (money, IP, sabotage, espionage etc) and techniques used by modern cyber criminals/adversaries
Understanding of applied Social Engineering concepts, Phishing, Manipulation, Psychology, Trickery and other unsavoury techniques
Understanding of Encryption (Symmetric/Asymmetric), Hashing, Compression, Obfuscation and Steganography
Understanding of exploitation techniques and attack vectors (SQLi, XSS, CSRF, RCE, RFI, LFI, PrivEsc, Traversal, MiTM, OSINT/Profiling, Lateral Movement, LOTL, DoS/DDoS, Supply Chain, Shellcode etc), frameworks such as Metasploit, Burp Suite, Kali/BackTrack etc
Understanding of Phishing Simulation (Gophish, KnowBe4, Evilginx etc)
Understanding of modern AI and its implications for streamlining of incident response, playbooks etc
Understanding of POLP, Separation of Concerns, Compartmentalization, Segmentation etc
Basic understanding of exploit code (depends) and ability to read and understand PoC code
Understanding of basic malware/payload analysis and evasion techniques (Sandbox, Static/Dynamic Analysis, Heuristics, Hooks/Trampoline, Anti-Debugging/Analysis Evasion (Time Bomb, Process Fork, Delay, Import Detection etc), Process/DLL Injection, Side-Loading, PE Cryptor, Memory Resident, Bootkit, Rootkit etc)
Great instincts and natural curiosity, good at connecting the dots and making educated assumptions
Understanding of email security principles such as SSL/TLS, DKIM, SPF, DMARC, URL Rewriting, Behavioural Analysis, ATP etc (Mimecast SME/Exchange Engineer)
Genuine interest and passion for Cyber Security
Understanding of vulnerability scanning, detection (Nessus) and its importance to proactive mitigation
Know the difference between right and wrong, and different types of characters (White/Grey/Black Hat, Nation State, APT, Script Kiddie, Hobbyist etc) and what motivates them (Money, Power, Fame, Knowledge, Sabotage, Espionage etc)
Understanding of C2C channels, methods and obfuscation techniques
Basic understanding of data compliance and sovereignty requirements
Understanding of responsible disclosure, bug bounty etc
Understanding of HIP/NIP, Anti-Virus (Signature/Heuristic based) and Anomaly Detection
Basic understanding of SIEM and the important role it plays in consolidating logs and telemetry/artifacts for compliance, threat hunting, continuous improvement, proactive defence and incident response purposes
Comfortable in M365 Defender, Purview etc
Throw me in, I can swim, this list is getting too long :)
Soft Skills
Naturally curious, logical and analytical
Adaptive: I'm a quick learner who applies existing skills
Collaborative: I'm humble, a team player
Communication: I'm an excellent communicator, confident communicating with stakeholders of all levels, including vendors and executive level; I adapt my approach
Mentor & Leadership: I enjoy sharing my experiences and knowledge to help others
Humorous: I've got a good sense of humour
Thick Skin: Loyal, don't fold or quit easily, stress resilient
Attention to detail: Forward thinking and strategic
Respectful
Generic Technical Hard Skills
Networking & Firewall: Understanding and appreciation of networking concepts, protocols, routing and firewall functionality (TCP/IP, UDP, Sockets, DNS, NAT, Tunnelling, Cryptography, Hashing etc)
Infrastructure: Basic understanding and appreciation of virtualisation, ESX, segmentation, hypervisor, storage (a little), load balancers, segmentation etc
Technical/Procedural documentation: I can explain how things work in an easy to understand way
Analysis, Design and Implementation (Business/Systems Analysis) of technical systems and business processes
Requirements elicitation etc: I know how to ask the right questions
Software Engineering & Development: I can design and integrate solutions using various programming languages (PowerShell, C#, JS, Integration Tools etc), automation tools and APIs. Understanding of programming principles, flow control, data structures, OOP, data types etc
Systems & Platforms: I'm a Systems Engineer, proficient with all types of systems and platforms; if I'm not, I learn it quick smart (Windows, Linux, PaaS, Azure, M365, Web Portals etc)
Databases: Understanding of database design, ERD, cardinality, decomposition, normalization, data types. Basic SQL skills. Experience with relational databases such as MS SQL Server, MySQL, Postgres, SQLite