Skills

Cybersecurity

  • Security Assessment and Testing,
  • Security Operations: log management, audit, intrusion detection and prevention, data protection, security policy, information classification,
  • Security and Risk Management: Business Continuity Planning (BCP), Disaster Recovery Planning (DRP), vulnerability assessment, security controls, penetration testing, ethics, MITRE ATT&CK,
  • Asset Security: information classification, security policies, standards and guidelines, data remanence, roles and responsibilities, Identity and Access Management (IAM),
  • Security Engineering: NIST SP 800 series, ISO/IEC 27000 series (ISO 27001), PCI DSS, virtualization, security monitoring, secure communications (IPsec, VPN, SSL/TLS, PKI, key management), threat management (natural, supply-system and man-made threats),
  • Firewalls and filtering (iptables, Fortinet, Sophos, Shorewall, fail2ban, IPFilter/ipf, filtering bridges, access lists, WAF), follow-up, change detection, rule reviews and audits, IDS/IPS, network port security.

Tools (non-exhaustive list):

  • Host IDS: open-source tools such as OSSEC HIDS, Wazuh, Tripwire, AIDE,
  • Vulnerability management: Tenable.sc (formerly SecurityCenter), deployed and operated end to end,
  • SIEM: QRadar, Splunk, ELK Stack (installed or managed by third parties),
  • Scanners, pentesting: Nessus, Nmap with NSE scripts, Kali Linux.

Network

  • network architecture and design,
  • TCP/IP protocols, IPv6, the OSI model,
  • routers, multilayer switches (Cisco, HP ProCurve),
  • LAN (including STP, MSTP), WAN, VLAN, WLAN,
  • SAN, Fibre Channel,
  • VPN, VoIP, routing protocols (BGP, OSPF), QoS, DVB, high availability (including VRRP, HSRP), network traffic analysis, remote access management.

Operating systems

  • UNIX-based systems: Linux (Debian, Gentoo, Ubuntu, Red Hat, CentOS, Oracle Linux), FreeBSD, OpenBSD, Solaris, AIX, macOS,
  • various hardware platforms (PC, Oracle/Sun, IBM, blade servers, Raspberry Pi),
  • virtualization technologies (VMware, QEMU, Xen, containers, Virtual Desktop Infrastructure),
  • system tuning and troubleshooting.

Services

  • email services and servers (SMTP, IMAP, anti-spam, anti-virus, mailing lists) and communication tools,
  • web (Apache HTTP Server, nginx, Squid, Apache Traffic Server, HAProxy), Web Application Firewalls (DenyAll rWeb, ModSecurity, Rohde & Schwarz WAF),
  • monitoring (Nagios, Cacti, Observium, OSSEC, Zenoss, Zabbix, Checkmk, Prometheus, Icinga, custom development of extensions/plugins),
  • domain names and DNS.

Programming languages

  • Perl,
  • PHP,
  • shell scripting,
  • Python,
  • C (fundamentals).

Databases

  • MySQL / MariaDB,
  • PostgreSQL,
  • Oracle,
  • MongoDB.

Misc

  • Process Improvement & Automation,
  • Staff & Business User Training,
  • Strategic Business / Project Planning,
  • Systems and applications integration,
  • Open Source Culture and Knowledge.

Attic

Obsolete, superseded or unusual products/technologies:

  • Newsgroups (INN),
  • NetSaint,
  • DenyAll rWeb,
  • serial lines.

Current training

  • Cloud security: studying the CCSP guide,
  • IoT security,
  • GIS.