STRATEGY DEVELOPMENT

• Develop a comprehensive information security framework that can address the organization’s requirements for information protection, incident prevention, detection and response based on the organization’s risk and alignment with industry best practice frameworks. Develop program on compliance management.

IT SERVICE MANAGEMENT

• Design, Create, Implement and review IT Service Management Processes as per ITIL compliance for Enterprise and Service Providers. Mapping ITIL Processes to ISO 20000 and ensure ISO certification.

SECURITY ROADMAP

• Develop customized roadmap with detailed project plans, identifying ownership, timelines and resource allocation for the effective implementation of the security strategies. Design and implement ISMS compliance framework in line with industry best practice. Standard ISO 27001, NESA and GDRP

VULNERABILITY ASSESSMENTS

• Scanning of the target infrastructure, establishing a baseline and making compliance easier by validating external posture.
• Providing an overall security picture at a lower cost with repeatable exercises.
• Periodically verifying assets are properly protected; evaluating recurring differentials and managing vulnerabilities.

PENETRATION TESTING (ETHICAL HACKING)

• Manual testing and exploits, in addition to false positive reduction of automated results.
• Taken from the perspective of a malicious external entity, or rogue internal resource.
• Verifying that defense in depth and response capabilities are working as designed, along with security controls validation.
• Required by many industry regulations and standards.

FIREWALL ASSESSMENT

• Planning, design and segmentation
• Configuration reviews
• Data center management
• Mobile Security/Cloud Computing

SECURITY EVENT MANAGEMENT (SEM/SIM/SIEM)

• Log consolidation, alerting and reporting
• Intrusion Detection / Prevention /NAC placement and tuning

BUSINESS CONTINUITY & DATA LOSS PREVENTION

• Know where the data resides and navigates
• Preventing data escaping the organization
• Plan, Design and Implement Solutions for Business Continuity
• Standard ISO 22301 Implementation and Audit

Team Certifications

• ISO 20000:2011 Lead Auditor
• ISO 27001:2013 Lead Auditor
• CISSP – (ISC)2 Certified Information Systems Security
• CFE – Certified Fraud Examiner Professional
• CHFI – EC-Council Certified Hacking and Forensics
• OSCP – Offensive Security Certified Professional
• ECSA – EC-Council Certified Security Analyst
• CEH – EC-Council Certified Ethical Hacker
• CISA – ISACA Certified Information Security Auditor
• PCI DSS Certified ex-QSA (Qualified Security Assessor)
• CCSA – Checkpoint Certified Security Administrator
• CAST-613