Info Tech Security via Intrusion Prevention / Detection and Penetration testing
Whilst IT security must be considered part of every networking and development thought, it's become a discipline in its own right, so I've included a specific section on it.
Intrusion Detection and Prevention
1) Through observation, IT monitoring and Development
Graphs, Nagios, software testing and good-practice development to avoid first- and second-order SQL injection
2) Specific systems
Snort as an IPS at layer 2, using regex to provide an additional layer of protection without the complexity of an application firewall / proxy, to mitigate data loss (DLP) and alert on a higher OSI level compromise
Active / Dynamic Firewalling
In 2019/20 I became very interested in dynamic firewalling (particularly in light of the COVID-19 pandemic, where services that might otherwise be limited to LAN access moved to public access).
Null routing IP addresses from FireHOL Cybercrime IP Feeds is a good start. Null routing is more efficient than using a packet inspection firewall.
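The null-routing step above, as an added example (not code from this page or from FireHOL): it parses a netset-style feed, drops malformed lines and anything overlapping ranges that must stay reachable, collapses adjacent ranges, and emits iproute2 blackhole routes. The sample feed, the NEVER_BLOCK list and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in the netset layout: '#' comment lines, then one
# IPv4 address or CIDR per line. Uses RFC 5737 documentation ranges plus
# one private range and one junk line to exercise the filters.
SAMPLE_FEED = """\
# netset-style feed (constructed sample, not real feed data)
198.51.100.0/25
198.51.100.128/25
203.0.113.7
192.168.1.0/24
not-an-address
203.0.113.7
"""

# Assumption: ranges that must never be null routed from this host
# (own LAN, management network). Adjust per site.
NEVER_BLOCK = [ipaddress.ip_network("192.168.0.0/16"),
               ipaddress.ip_network("10.0.0.0/8")]


def parse_feed(text):
    """Return (networks, rejected_lines) from netset-style text."""
    nets, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue  # blank or comment-only line
        try:
            net = ipaddress.ip_network(line, strict=False)
        except ValueError:
            rejected.append(raw)  # malformed entry: never pass it to ip(8)
            continue
        if any(net.overlaps(safe) for safe in NEVER_BLOCK):
            rejected.append(raw)  # a bad feed entry must not cut off the LAN
            continue
        nets.append(net)
    return nets, rejected


def blackhole_commands(text):
    """Collapse duplicate/adjacent IPv4 ranges and emit idempotent routes."""
    nets, _ = parse_feed(text)
    v4 = [n for n in nets if n.version == 4]
    return [f"ip route replace blackhole {n}"
            for n in ipaddress.collapse_addresses(v4)]


if __name__ == "__main__":
    print("\n".join(blackhole_commands(SAMPLE_FEED)))
```

Collapsing before installing keeps the routing table small, and the rejected list is worth logging so a corrupted feed download is noticed rather than silently ignored.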
(Automated) log analysis is used to detect and dynamically block abusive traffic. NXLog (installed with PowerShell) was used to get Windows logs to a central point.
Familiarity with Kali Linux automated web pentesting tools and OBD-II / CAN bus hacking (latter in a personal capacity only)
Happy to work as an Employee, Consultant, Contractor / Self Employed or via Limited Company