Information Risk Management and Penetration Testing
Traditional security models focus on keeping external attackers out. The reality is that there are as many threats inside an organization as outside. Mobile technology, cloud computing, social media, employee sabotage and many many more.
Increasing the level of confidence in information security and risk assessment process is one of the most fundamental ways to focus on mitigating overall enterprise risk, determining appropriate levels of effort and resources and identifying where to add value.
Being keen on Information Security, I'm constantly increasing level of knowledge in that area for more than 10 years, having hands-on experience as a primary method and providing consultancy on threat intelligence, vulnerability identification, remediation, detection and countermeasure planning.
- Cloud security and privacy, information protection.
- Vulnerability assessment performing a regular attack and penetration (A&P) reviews of different systems, web apps, xxs, rce, injections.
- PKI, SSL, key exchange methods, cipher specs, types of encryption algorithms, hashes, MACs, etc.
- Network security audit, wireless networks and Physical Access Control Systems (PACS) penetration tests.
- IT Japanese version of Sarbanes-Oxley (JSOX), Enterprise Information Risks and Internal Controls assesment counterpart.
- In a process of application for CISSP cerification.
Enterprise Identity and Access Management
RFID and Near-Field Communication
Application and Software Development
Cloud Infrastructure Management and Architecture
Nix Architecture and System Administration
Windows Server Environment and Active Directory
Database Design and BI
Scripting and Automation
Firewalls, Enterprise and Application Gateways
Continuous Integration and Delivery
Office 365 Enterprise Services
SEO, Google, Yandex, Bing
Enterprise Mobility and Mobile Device Management
Information Technology Management
Servers, Hardware and Storages