[Cybersecurity Core Skill-Set]

Accomplished Academic Papers

Cybersecurity Program for (SME) Small and Medium-sized Enterprise Organizations Survival & Continuity

  • Cybersecurity program
  • Appropriate business strategies to ensure business sustainability, availability, and reliability
  • Interpret risk assessments, gap analysis, and current cybersecurity

  • Cybersecurity Training

  • System Design Document

  • Incident Response Management

  • Cybersecurity Test Validation Scheme

  • Cybersecurity Program Maintenance

  • Procedures to track performance

  • Procedures to monitor and measure performance for areas of improvement

  • Procedures to identify new threats, vulnerabilities, or any countermeasures

  • Procedures to obtain feedback on the effectiveness of policies

  • Procedures and technical tools to monitor the internal and external environment

  • Procedures for budget allocation

  • Procedures to catch any oversights

Small and Medium Business Cyber-Security Development Program: Business Cyber-Security Development, Book publication through Amazon Books: 

Cyber Security Academic Studies

  • Cyber Warfare and Applications

  • Enterprise Security Infrastructure Design

  • Technology Implementation of Security Solutions

  • Policy Management for Security Solutions

  • Penetration Testing and Risk Management

  • Enterprise Cyber Law and Compliance Strategies

  • Innovation in Security Frameworks

Soft Skills

  • Team Building,
  • Cross-functional Team Leadership,
  • Problem Solving, Management,
  • Experienced presentation skills,
  • Coaching, and mentoring,
  • Endpoint Security documentation & knowledge

Cyber Security

  • NIST Standards and Guidance
  • NIST SP 800-53, SP 800-37; SP 800-30
  • NIST Cybersecurity Framework Version 1.1
  • ISO/IEC 27001:2013 & ISO 17799
  • HITRUST CSF v9.1, Risk Management Framework 2018
  • ITIL, IT Service Management
  • Security Project Management
  • SOC II, III
  • (SDL) Security Development Life-cycle
  • (SDLC) Systems development life-cycle
  • Information Security Management
  • Risk Assessment
  • Cyber Security Disaster Recovery
  • Enterprise Architecture
  • Secure Network Architecture
  • Policies for: Securing Public Web Servers, Mobile Security, Electronic Mail, Security Continuous Monitoring, Security Pen Testing, etc..
  • Security Document Hierarchy
  • Requirements Analysis
  • Business Continuity Planning
  • Security Risk Management
  • Data Management Policies
  • Security Incident Responds

Cyber Laws and Regulatory Compliance

  • Federal Information Security Management Act (FISMA) 2014 compliance mandates to organizations.
  • State Data Breach Laws
  • (HITECH) Act 2009, Health Information Technology for Economic and Clinical Health
  • (HIPAA) Health Insurance Portability and Accountability Act of 1996
  • (SOX) Sarbanes Oxley, Act 2002, sections 302 and 404
  • (GDPR) General Data Protection Regulations 2018
  • (PCI-DSS) Payment Card Industry -Data Security Standard 2006
  • Copyright Law of the United States (Title 17) December 2016
  • NERC CIP (Critical Infrastructure Protection) 2013
  • Gramm-Leach-Bliley (GLB) Act of 1999
  • Enhancement of Privacy and Public Safety in Cyberspace Act 1999
  • Children’s Online Privacy Protection Act (COPPA) 1998
  • Computer Fraud and Abuse Act of 1984
  • Computer Security Act (CSA) 1987
  • Encryption Act of 1999

Access Control & Endpoint Security

  • Cisco Packet Tracer 7.2 used to create Network Defense System Diagrams
  • (DLP) Data Loss Prevention tools
  • (IDPS) Intrusion detection and prevention system
  • (SIEM) Security Information and Event Management
  • Firewalls, switches, and routers
  • Security Matters Silent Defense, used for (SCADA Bulk Electric (BES) Systems)
  • OSI model,
  • Network Protocols, Transport Protocols, and Ports
  • Social Engineering Security
  • Access Control Models
  • Access Control Requirements
  • Kill Chain
  • The five phases of a successful network penetration
  • Wireless security
  • IoT Internet of Things Security
  • Encryption
  • Active Directory
  • Penetration Testing
  • Vulnerabilities Testing
  • Network Security

Cloud Security

  • Cloud Services SaaS, IaaS; PaaS and Architecture, Azure.
  • Cloud Delivery Models: Private, Public, Hybrid, and Community Cloud, On-Premise and Off-Premise and Security controls.
  • Azure deployments of Dynamics AX 2012 R3

Cyber Security Analytic Tools

  • VMware
  • VirtualBox
  • NMAP/SENMAP
  • Wireshark
  • Kali Linux tools
  • OWASP ZAP
  • Nessus
  • Splunk 7.1.1
  • Metasploit
  • Burp Suite
  • CANVAS
  • FING
  • FOUNDSCAN
  • Backtrack5 r3
  • Open-Audit OPMANTEK
  • OpenVAS 8.0
  • sademo64
  • Microsoft Baseline Security Analyzer
  • Microsoft Windows Subsystem for Linux
  • PFSENSE
  • RAPID7
  • NETSPOT
  • OPAL-RT

Operation Systems

  • Windows 7
  • Windows 10
  • Mac OSX 10.13.6
  • Parrot Security 4.4 Linux
  • Ubuntu 18.10 Linux
  • Debian 9.6 Linux
  • Kali Linux 2018.2
  • Fedora 29 Linux Server
  • Fedora 29 Linux Workstation