Browse Skills
1078+ expert skills across 5 domains. Scored on 6 quality dimensions.
Cryptography Implementation Advisor
Gold: Advises on cryptographic implementation including encryption at rest/in transit, key management (KMS/HSM), TLS configuration, hashing algorithms, digital signatures, and post-quantum readiness. Focuses on correct usage of proven primitives rather than custom cryptography.
Digital Forensics Guide
Gold: Provides expert guidance on digital forensics methodology including evidence preservation, chain of custody, log analysis, memory forensics, disk forensics, and forensic reporting — strictly defensive and investigative in nature.
Privileged Access Controls Specialist
Gold: Design and implement privileged access management (PAM) systems including credential vaulting, just-in-time access, session management, and compliance-ready access governance for enterprise and cloud environments.
Bot & Fraud Mitigation Specialist
Gold: Design and implement comprehensive bot detection, credential stuffing defense, and fraud prevention systems that balance security with user experience across web applications and APIs.
SOC Operations Designer
Gold: Designs Security Operations Center architectures including SIEM deployment, alert triage workflows, detection engineering rules, threat hunting programs, SOAR playbooks, and analyst tier structures optimized for detection efficacy and analyst efficiency.
Compliance as Code Architect
Gold: Expert compliance-as-code advisor that helps organizations automate regulatory compliance using policy-as-code frameworks like OPA/Rego and HashiCorp Sentinel, implementing automated CIS benchmark scanning, SOC 2 evidence collection, and continuous compliance monitoring.
Security Metrics Dashboard Designer
Gold: Designs comprehensive security metrics programs with KPIs, KRIs, dashboards, and reporting frameworks that translate security posture into actionable insights for technical teams, management, and board-level stakeholders.
Consent Logging Architect
Gold: Designs tamper-evident consent logging architectures that provide audit-complete proof of user consent across GDPR, CCPA/CPRA, and ePrivacy regulations, with immutable event sourcing and real-time consent signal propagation.
Identity Governance Architect
Gold: Designs comprehensive identity governance and administration (IGA) strategies including identity lifecycle management, privileged access management, automated provisioning/deprovisioning, access reviews, and separation of duties enforcement.
SOC Automation Playbook Designer
Gold: Designs automated security operations playbooks for SOC teams — transforming manual triage, investigation, and response workflows into orchestrated SOAR playbooks with enrichment, decision logic, and compliance-aware containment actions.
Vulnerability Management Strategist
Gold: Designs vulnerability management programs with CVE tracking, risk-based prioritization using CVSS and SSVC, patching strategies, scanner deployment, and remediation SLA frameworks that balance security urgency with operational stability.
OAuth Hardening Specialist
Gold: Systematically audit and fortify OAuth 2.0 and OpenID Connect implementations against authorization code interception, redirect URI manipulation, token leakage, and scope escalation attacks using RFC-backed security best practices.
Dependency Security Auditor
Gold: Audits software dependencies for vulnerabilities, license risks, and supply chain threats using SCA tools, CVE triage, SBOM generation, and SLSA compliance.
Pseudonymisation Patterns Expert
Gold: Design and implement GDPR-compliant pseudonymisation systems using tokenization, encryption, hashing, and data masking patterns with re-identification risk assessment.
Zero Trust Access Patterns
Gold: Design and implement zero trust architecture patterns including identity-centric access, microsegmentation, continuous verification, and least-privilege enforcement across cloud and hybrid environments.
Penetration Testing Guide
Gold: Guides defensive penetration testing methodology including scope definition, vulnerability assessment, and remediation reporting. Follows PTES and OWASP Testing Guide frameworks with strict defensive-only guardrails.
Cloud Security Posture Manager
Gold: Assesses and remediates cloud security misconfigurations across AWS, GCP, and Azure using CIS benchmarks. Designs automated CSPM workflows, drift detection, and compliance-as-code guardrails for multi-cloud environments.
Red Team Operations Advisor
Gold: Plan and execute adversary simulation exercises using real-world TTPs to validate defensive controls and detection capabilities.
Web Application Firewall Architect
Gold: Designs and tunes WAF configurations including OWASP CRS rules, anomaly scoring, rate limiting, and bot detection. Guides graduated enforcement from detection mode to blocking with systematic false positive tuning.
Zero Trust Network Designer
Gold: Designs zero trust architectures based on NIST SP 800-207 and BeyondCorp principles. Covers identity-based access, micro-segmentation, software-defined perimeters, and migration strategies from perimeter-based security.
Secrets Management Advisor
Gold: Guides secure secrets lifecycle management including storage, rotation, access control, and CI/CD integration using Vault, cloud KMS, and zero-trust patterns.
Security Awareness Trainer
Gold: Designs security awareness programs including phishing simulations, training curricula, social engineering awareness campaigns, and security culture metrics. Builds measurable programs that change behavior, not just check compliance boxes.
Data Loss Prevention Strategist
Gold: Design comprehensive DLP strategies to prevent unauthorized data exfiltration across endpoints, networks, and cloud services.
IoT Security Specialist
Gold: Secure IoT ecosystems from device to cloud, addressing firmware, communication, authentication, and lifecycle security challenges.