Simon Biles

Simon Biles

Information Security & Digital Forensics Specialist

Oxford, United Kingdom
Computer & Network Security

As a LinkedIn member, you'll join 300 million other professionals who are sharing connections, ideas, and opportunities.

  • See who you and Simon Biles know in common
  • Get introduced to Simon Biles
  • Contact Simon Biles directly

View Simon's full profile

Simon Biles's Overview

  • Subject Matter Expert at ContentMaster / Microsoft
  • Associate Lecturer at Open University
  • Aspire Security Architect at Capgemini
  • Information Security Consultant at Parkhill
  • Senior Network Security Application Engineer at 3Com
  • Security Consultant and Developer at Science and Technology Facilites Council ( Formerly CCLRC )
  • Forensic Consultant at CIA Excel
  • Infrastructure Security Analyst ( SOx ) at Vodafone UK
  • Linux Consultant at Cable and Wireless
  • Kerberos Consultant at Golden River Traffic
  • UNIX Security Analyst at JP Morgan Chase
  • UNIX and Security Consultant at Institute of Cancer Research
  • Author & Reviewer at O'Reilly & Associates
  • UNIX Systems Administrator at CFX, AEA Technology Plc.
  • UNIX Systems Administrator at EdNet

500+ connections


Simon Biles' Summary

Digital Forensics & Information Security

► Digital Forensics

⇨Currently taking on new cases for Prosecution and Defence in the UK.

♦ Fraud
♦ Computer Misuse
♦ Hacking / Cracking / Industrial Espionage
♦ Intellectual Property (IP) / Data Theft
♦ Employee Disputes

⇨ Specialising in networks and networked computers & alternate Operating Systems.

♦ Unix & Linux
♦ Windows Server & Active Directory
♦ Network Attached Storage (NAS)
♦ Intrusion Detection / Prevention System Evidence

⇨ Forensic Readiness Policies & Procedures.

♦ In line with HMG Good Practice Guides GPG 13 ( Protective Monitoring ) and GPG 18 ( Forensic Readiness )

► Information Security

♦ Security Reviews & Audits
♦ Risk Assessment & Business Impact Analysis

⇨ Penetration Testing

♦ White Box & Black Box Penetration Testing
♦ Vulnerability Assessments

⇨ Security Architecture

♦ Design and Review of Systems
♦ Security Controls
♦ Firewall rule set creation and review

⇨ Policy and Procedures

♦ Creation, Review & Audit

⇨ Accreditation & Compliance

♦ ISO 27001

⇨ Intrusion Detection and Prevention Systems

♦ Security Incident Event Management (SIEM) Systems compatible with GPG 13

Simon Biles' Experience

Co-founder & CEO

Thinking Security Ltd.

Privately Held; 1-10 employees; Computer & Network Security industry

April 2002Present (12 years 6 months) Oxford, United Kingdom

Co-founder and CEO of Thinking Security Ltd. (previously Computer Security Online Ltd.) an Information Security & Digital Forensics company near Oxford in England.

Established in 2003, Thinking Security set out to provide pragmatic and cost effective security advice without the use of fear, uncertainty and doubt. We believe strongly in sustainable solutions that don't leave our clients reliant on us, but enable them to further their business goals with the assurance that their information risks are well managed.

Security to us isn't solely about technical solutions (although we constantly feed our inner geeks), it is about a holistic approach that encompasses all aspects of the information lifecycle. We pride ourselves on our ability to speak English, something that we have been complimented on by many of our customers, because without your understanding we don't feel that the potential of any technical solution can be truly realised. In order to better enable future management decisions and to fuel continual improvement, we strongly believe in the use of meaningful metrics.

Before we became consultants, we operated at the IT coalface, securing and managing heterogeneous UNIX, Linux and Windows networks for multinational companies. We have authored or co-authored a number of books and articles on a wide range of security topics, and have been invited as guest speakers and lecturers to a number of conferences, universities and organisations.

CLAS Consultant - Fraud, Security & Risk

Virgin Media

Public Company; 10,001+ employees; VMED; Telecommunications industry

February 2014Present (8 months) Hook

• Part of the Project Team providing close technical security support to deliver an inter-connected service as part of the PSN.
• Conducting technical security reviews of low level designs and plans to achieve interconnected services at IL2 and IL3;
• Routinely contributing to the production and maintenance of Risk Management Accreditation Document Sets (RMADS).
• Working in close support of Virgin Media’s Information Assurance organisation to ensure successful completion of the necessary HMG Accreditation requirements.
• Producing and maintaining supporting documentation that forms part of interconnections, such as Codes of Connection (CoCo), MoU’s etc;
• Practical application of the HMG Risk Management methodology to identify appropriate risk treatment plans;
• Application of HMG Information Assurance standards, including handling, disposal, protection of information and in accordance with the Government Classification Scheme (GCS);
• Translating ISO 27000 series objectives to align with HMG Security Policy Framework (SPF) for incorporating with a Baseline Controls Set;
• Working closely with various technical groups and external parties to specify the necessary technical security requirements needing to be satisfied for facilitating secure interconnections;
• Liaison with HMG authorities, including CESG, GCHQ, PSN, CPNI, in pursuance of secure interconnections and necessary accreditation;

Visiting Lecturer

De Montfort University (DMU)

Educational Institution; 1001-5000 employees; Higher Education industry

February 2013Present (1 year 8 months) Leicester, United Kingdom

Visiting Lecturer for a part of the Forensic Examination of Network Computers module of the postgraduate MSc in Forensic Computing for Practitioners assisting Professors Brian Jenkinson & Tony Sammes.

This module develops expertise in the forensic examination of both Client and Server machines. The module consists of an academic discussion of Networks and how they operate followed by practical hands-on development of a Network from the point of view of a small business. Starting from a stand alone machine students will build a working network via crossover connection to the use of switches on a small network to a full-blown domain with controller. Forensic artefacts and methods of recovery for evidential purposes are discussed and practically experienced along the way. Examinations/analysis are carried out on prepared hard disks with suitable scenarios.

Visiting Lecturer on the Alternate Operating Systems module of the postgraduate MSc in Forensic Computing for Practitioners - developing and delivering the whole module.

Security Assurance Consultant


Public Company; 10,001+ employees; HO; Defense & Space industry

November 2012December 2013 (1 year 2 months) Basingstoke

Developing, reviewing, maintaining and updating all RMADS documentation and Security Operating Procedures associated with Thales’ networks, systems and applications, in accordance with Mandatory Requirements of HMG Security Policy Framework (SPF) and applicable CESG Information Assurance Standards.

Assisting with remediation planning to ensure that systems are designed and implemented in accordance with the defined requirements. Assist with training and awareness briefings to ensure that support staff and users are working in accordance with the defined requirements.

Assisting with IAMM L3 certification and ISO27001 compliance.

Assisting with assurance activities to ensure that all Thales UK List X sites and systems continue to achieve accreditation.

Assisting with the evaluation and implementation of cost effective security requirements and controls for IL0 – IL6 environments.

CLAS Consultant

ATLAS Consortium

Partnership; 1001-5000 employees; Computer & Network Security industry

January 2010November 2012 (2 years 11 months) Reading, United Kingdom

Lead TPSL (Trusted Platform Service Line) Security Architect - presentation of security compliance. RMADS & supporting documentation for accreditation of infrastructure and applications to HMG standards.

Information Security Consultant


Nonprofit; 5001-10,000 employees; Nonprofit Organization Management industry

June 2009October 2012 (3 years 5 months) Oxford

Thinking Security are currently contracted to Oxfam GB to review, direct and implement Information Security solutions.

Subject Matter Expert

ContentMaster / Microsoft

March 2005October 2010 (5 years 8 months)

Produced assorted pieces of work for Microsoft through ContentMaster, including "Building Unix Security and Directory Solutions using LDAP, Kerberos & Windows Server 2003", "Converting UNIX Daemons to Windows Services using C#" and some testing work.

Associate Lecturer

Open University

Educational Institution; 5001-10,000 employees; Higher Education industry

October 2008January 2010 (1 year 4 months)

Associate Lecturer on the Postgraduate Information Security Management Course - M886

Taught students on the postgraduate Information Security Management (M886) course, which is based around the ISO27001 standard. This course is accredited by the Cabinet Office as a practitioner level course within the InfoSec Training Paths and Competencies (ITPC) scheme, and covers all related standards – PCI/DSS, Sarbanes-Oxley and BASEL-II.

Aspire Security Architect


Public Company; 10,001+ employees; CAP; Information Technology and Services industry

October 2008April 2009 (7 months) Telford, United Kingdom

Aspire Security Architect - RMADS work for HMRC

Created Risk Management and Accreditation Document Sets (RMADS) in line with HMG Security Standards for both Level 1 (Business Group Specific) and Level 2 (Organisation Wide) RESTRICTED information processing systems within Revenue and Customs for existing architectures, providing gap analysis and mitigation where designs failed to meet set government standards.
Managed full RMADS lifecycle from Accreditation Planning Agreement (APA) to completion dealing with all stakeholders and accreditors.

Information Security Consultant


March 2009March 2009 (1 month) Newham, London

Post Incident Response Security Assessment at the Newham University Hospital Trust, and the Newham Primary Care Trust on behalf of Parkhill. Fully managed project from setting scope to presenting final report at a board level. Assessment was benchmarked against the Information Security Forum (ISF) “Standard of Good Practice” and ISO27001, and was to strength controls following a specific breach incident that had caused significant financial loss.

Senior Network Security Application Engineer


Public Company; 5001-10,000 employees; COMS; Computer Networking industry

June 2008August 2008 (3 months)

Doing security test work on the next generation of 3COM appliances - Anti-Virus, Anti-Spam, IDS/IPS and Firewall.

Security Consultant and Developer

Science and Technology Facilites Council ( Formerly CCLRC )

April 2007June 2008 (1 year 3 months)

Using Shibboleth to develop/implement a single sign on solution for the JISCMail Service.

Forensic Consultant

CIA Excel

April 2008April 2008 (1 month) London, United Kingdom

Carried out a full forensic investigation for a client of CIA Excel from imaging to final report. The investigation involved live acquisition and examination of a server to trace the source of leaked documents and to identify the culprit, and also a concurrent internet investigation to enable the client to further limit the distribution of the leaked material.

Infrastructure Security Analyst ( SOx )

Vodafone UK

Public Company; 10,001+ employees; VOD; Telecommunications industry

December 2006March 2007 (4 months)

Ensuring Sarbanes-Oxley compliance for Vodafone UK with regard to OS, DB and Application patching.

Linux Consultant

Cable and Wireless

Public Company; 5001-10,000 employees; CW.; Telecommunications industry

November 2006December 2006 (2 months)

Linux consultant for government project.

Kerberos Consultant

Golden River Traffic

August 2006November 2006 (4 months)

Kerberos Consultant for UK Government Highways Agency project. Designed and tested Kerberos authentication solution for emebeded traffic monitoring devices.

UNIX Security Analyst

JP Morgan Chase

Public Company; 10,001+ employees; JPM; Financial Services industry

November 2005April 2006 (6 months)

UNIX Security Specialist working with ETrust and Keon.

UNIX and Security Consultant

Institute of Cancer Research

Educational Institution; 1001-5000 employees; Research industry

July 2004July 2005 (1 year 1 month) London, United Kingdom

UNIX skills on Solaris, Linux and MacOS X. Evaluated, specified, built and maintained UNIX and Linux servers. Consulted for the IT Security Manager in BS7799 compliance certification and general security best practice. Constructed policies and procedures for incident response. Performed security testing, vulnerability analysis and asset identification. Consulted on Checkpoint and Nokia firewall configuration and installation. Developed, configured, tested and maintained a VPN solution. Installed IDS solution using Snort. Maintained existing Citrix installation for financial and cross platform systems. Performed in house forensic work as required by HR.

Author & Reviewer

O'Reilly & Associates

Privately Held; 201-500 employees; Information Technology and Services industry

20052005 (less than a year)

Co-authored the Snort Cookbook and reviewed a number of other O'Reilly titles.

UNIX Systems Administrator

CFX, AEA Technology Plc.

20002002 (2 years)

UNIX Systems Administrator

UNIX Systems Administrator


19972000 (3 years)

ISP Systems Administrator

Simon Biles' Volunteer Experience & Causes

  • Volunteer Interests

    • Causes I care about:

      • Education
      • Science and Technology
    • Organizations I support:

      • Oxfam
      • NSPCC

Simon Biles' Honors and Awards

  • Chartered IT Professional


    The CITP standard is based on the needs of industry - employers, academics and Government have told us that they value a status which:

    - is rigorous and demanding to achieve

    - shows that holders understand the business they are working in and add business value through the use of technology

    - tells an employer something about the holder which they cannot find out easily themselves
    is underpinned by periodic revalidation

Simon Biles' Languages

  • French

    (Elementary proficiency)
  • German

    (Elementary proficiency)

Simon Biles' Certifications

  • CLAS Consultant

    • CESG
    • September 2010 to September 2012

    • ISC2
  • BS 17799 Lead Auditor

    • BSI
  • OPSA

    • ISECOM
  • CITP

    • BCS
    • January 2006

Simon Biles' Publications

  • Snort Cookbook

    • O'Reilly Publishing
    • 2005

    O'Reilly Cookbook for the Open Source Intrusion Detection System - Snort.

  • Hacking Exposed Linux

    • Osborne/McGraw-Hill
    Authors: Simon Biles, ISECOM

    The Latest Linux Security Solutions This authoritative guide will help you secure your Linux network--whether you use Linux as a desktop OS, for Internet services, for telecommunications, or for wireless services. Completely rewritten the ISECOM way, Hacking Exposed Linux, Third Edition provides the most up-to-date coverage available from a large team of topic-focused experts. The book is based on the latest ISECOM security research and shows you, in full detail, how to lock out intruders and defend your Linux systems against catastrophic attacks. Secure Linux by using attacks and countermeasures from the latest OSSTMM research Follow attack techniques of PSTN, ISDN, and PSDN over Linux Harden VoIP, Bluetooth, RF, RFID, and IR devices on Linux Block Linux signal jamming, cloning, and eavesdropping attacks Apply Trusted Computing and cryptography tools for your best defense Fix vulnerabilities in DNS, SMTP, and Web 2.0 services Prevent SPAM, Trojan, phishing, DoS, and DDoS exploits Find and repair errors in C code with static analysis and Hoare Logic.

Simon Biles' Skills & Expertise

  1. Information Security Management
  2. Information Security
  3. Computer Security
  4. Penetration Testing
  5. Security
  6. ISO 27001
  7. Computer Forensics
  8. Network Security
  9. CISSP
  10. Firewalls
  11. IDS
  12. Encryption
  13. Policy
  14. Vulnerability Assessment
  15. Security Awareness
  16. Security Audits
  17. Vulnerability Management
  18. PCI DSS
  19. Cybercrime
  20. Forensic Analysis
  21. Technical Writing
  22. Unix
  23. IPS
  24. Auditing
  25. IT Audit
  26. Application Security
  27. CEH
  28. Information Assurance
  29. Infrastructure Security
  30. VPN
  31. Intrusion Detection
  32. Vulnerability Scanning
  33. Antivirus
  34. Network Forensics
  35. Shibboleth
  36. Open Source
  37. Content Filtering
  38. Proxy
  39. Hardening
  40. Sarbanes-Oxley Act
  41. JSP440
  42. Kerberos
  43. Ethical Hacking
  44. Digital Forensics
  45. Data Security
  46. Security Architecture Design

View All (46) Skills View Fewer Skills

Simon Biles' Education

De Montfort University

MSc, Forensic Computing


Transfer of MSc from Cranfield to De Montfort

Cranfield University

MSc - modules, Forensic Computing


The University of Edinburgh

DipHE, Computer Science and Artifical Intelligence


I studied, in addition to CompSci and AI, Company, Criminal and Contract Law, Electronics, Industrial Management, Oceanography and Geomorphology.

Simon Biles' Additional Information


Computers, Land Rovers ...

Groups and Associations:


Contact Simon for:

View Simon Biles’ full profile to...

  • See who you and Simon Biles know in common
  • Get introduced to Simon Biles
  • Contact Simon Biles directly

View Simon's full profile

Not the Simon Biles you were looking for? View more »

Viewers of this profile also viewed...