Role: Systems Administrator — Departments of Computer Science, Information Security (ISG), and Mathematics
September 2006 – February 2017 · Egham, Surrey · On-site
Where It All Began#
Royal Holloway is where my career started — and where I learned that security is never an afterthought.
I joined straight out of university in 2006 as part of a small IT team — four of us at first, growing to five after the Information Security and Computer Science IT teams merged — and stayed for over eleven years. In that time I grew from a graduate putting theory into practice for the first time into an experienced systems administrator responsible for infrastructure, procurement, and platform strategy across three departments.
It’s the longest I’ve spent anywhere, and the foundation of everything that came after.
The Environment#
I supported three departments at Royal Holloway: Computer Science, Mathematics, and the Information Security Group (ISG).
The ISG is not an ordinary academic department. It is one of the most renowned cyber security research groups in the world — the first university anywhere to offer a postgraduate course in information security, back in 1992. Its MSc is GCHQ-certified, it holds NCSC Gold status and a Queen’s Anniversary Prize, and it has been home to figures like Whitfield Diffie, co-inventor of public-key cryptography. The Department of Computer Science ranked 11th in the UK’s 2014 Research Excellence Framework.
Together, the three departments comprised over 70 staff, 25 researchers, around 100 PhD and CDT students, 120 postgraduate MSc students, and 300 undergraduates — a diverse and demanding user base with requirements ranging from the ordinary to the extraordinary.
Being part of the Information Security Group came with high responsibility. No matter what hat I was wearing, data security and the reputation of the ISG had to be at the forefront of every decision. That instinct — security as a first-class concern — has stayed with me throughout my entire career.
I didn’t just keep the servers running, either. I immersed myself in the subject, attending the lectures for the ISG’s MSc in Information Security — the world-first, GCHQ-certified course. Being surrounded by that depth of expertise, and taking the chance to learn from it directly, is a large part of why I’ve never treated security as something you bolt on at the end.
Growth#
This role was where I learned to work in a team, and where I put my university education into practice in a live environment for the first time. Early on, I gained hands-on experience managing and supporting Linux servers — something I had studied but never done professionally. That first professional Linux experience became the bedrock for everything that followed.
Over the years I took on increasingly broad responsibilities:
- First and second line support — the front line for a diverse academic user base
- Systems administration — managing servers running Ubuntu, SUSE, and Windows across four distinct networks
- Network administration — configuration and management of network infrastructure
- IT platform solutions architecture — researching, evaluating, and implementing new services
- IT purchasing management — procurement of desktop, server, and infrastructure hardware across three departments
Key Achievements#
Apple Platform Adoption#
One of my most significant projects was introducing Apple laptops to replace Windows desktops for the Information Security Group. The move delivered increased reliability, an improved user experience, and — crucially for the ISG — combined the usability of macOS with the power of a Unix-based operating system. This gave researchers and academics the best of both worlds: a polished desktop environment with native access to the Linux tooling they needed for their security research.
Desktop Replacement Programme#
I managed the full lifecycle of desktop hardware across three departments, from initial specification through to deployment and disposal:
- Specification — selecting systems that met departmental needs within budget, with long-term product roadmaps from HP or Dell, scalable specs (RAM, storage, CPU, graphics), and support for both Windows and Ubuntu Linux LTS
- Requirements capture — consulting individually with academics to capture specific needs (OS preference, hardware requirements, upcoming research demands, DSE requirements), compiled into an ordering matrix
- Testing and imaging — prototyping builds on early-delivery hardware, creating stable images using Symantec Ghost for in-house deployment or pre-delivery imaging by the supplier
- Deployment — PXE-based imaging with automated domain joining via custom scripts, or direct desk-side deployment
This was early automation in practice — scripted, repeatable provisioning long before I’d ever heard the term “Infrastructure as Code.”
VOME Research Project#
I was approached by the lead researcher of the VOME project (Visualisation and Other Methods of Expression) to handle the project’s systems administration. VOME was a three-year collaborative research project between Royal Holloway’s ISG, Salford and Cranfield Universities, Consult Hyperion, and Sunderland City Council, exploring how people engage with concepts of information privacy and consent online. My responsibilities included web server creation and maintenance, WordPress and Moodle platform management, and acting as creative consultant for the project’s web presence.
Virtualisation & Storage#
I managed the departments’ virtualisation infrastructure — VMware with EMC storage across two datacentres, using High Availability and Dynamic Resource Scheduling — and led the physical-to-virtual (P2V) migration of legacy servers. I also provided dedicated user VMs for long-running computation, supporting researchers whose work demanded it.
Other Notable Work#
- Deployed and managed WordPress multi-site hosting for the Mathematics, Information Security, and Computer Science departments
- Wrote and delivered an “Introduction to Linux” course for new ISG and Computer Science students — my first experience teaching and coaching, something that would become central to my later leadership roles
- Directed and filmed an interview with Jeff Widener, the photographer behind the iconic Tiananmen Square “Tank Man” image, for the university
- Liaised with the central IT Service Department to deliver larger projects to the departments and the wider university
Responsibilities#
- Provide excellent customer experience to staff and students across three departments
- Manage and maintain servers running Ubuntu, SUSE, and Windows across four distinct networks, minimising user impact and outward-facing downtime
- Research, evaluate, and implement new services in consultation with the Network and Systems Manager
- Manage hardware lifecycle from procurement to disposal in line with college and departmental policy
- Maintain computer labs and provide teaching support for internal and external courses
- Document procedures and technical documentation in line with department policy
- Contribute to and maintain departmental IT policies
Technology#
- Operating Systems: Linux (Ubuntu, SUSE), Windows (Server and Desktop), macOS
- Virtualisation & Storage: VMware (HA, DRS), EMC storage, across two datacentres
- Deployment: Symantec Ghost, PXE imaging with scripted domain joining, Microsoft SCCM, Group Policy
- Networking: firewalls, VPN appliances, network infrastructure, four distinct networks
- Web & Platforms: Apache, WordPress (multi-site), Moodle, SaaS hosting
Why Royal Holloway Mattered#
Royal Holloway is the foundation of my entire career.
It’s where I learned to be a systems administrator, where I first worked with Linux, where I first managed virtualisation, and where I first taught. But more than any single skill, it’s where I learned to think about security — embedded for eleven years in one of the world’s leading cyber security research groups, where protecting data and reputation was the starting point for every decision.
That security-first instinct has shaped every role I’ve taken since: secure environments at Vodafone, sovereign cloud at UKCloud, classified defence systems at SiXworks, and NIS2 security governance at VIB. It all traces back here.
These eleven years were also my manual systems administration years — over a decade of doing the work by hand, building the kind of deep, practical understanding you can only earn the hard way. In 2017 I left for the University of Surrey to turn that hard-won, hands-on expertise into automation-first practice. It was the start of the DevOps chapter of my career — but you can’t automate well what you’ve never done by hand, and everything I automated later stood on the groundwork laid here.