Jibran Ilyas DIRECTOR



Similar documents
Minnesota State Community and Technical College Detroit Lakes Campus

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Cyber - Security and Investigations. Ingrid Beierly August 18, 2008

Hunting for Indicators of Compromise

Data Center security trends

FALSE ALARM? Incident Management Case Study. Carlos Villalba

Project Title slide Project: PCI. Are You At Risk?

Advanced Threats: The New World Order

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Executive Cyber Security Training. One Day Training Course

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer

University of Central Florida Class Specification Administrative and Professional. Information Security Officer

It Won t Happen To Me! A Network and PCI Security Webinar Presented By FMS and VendorSafe

BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports

Encyclopedia of Information Assurance Suggested Titles: March 25, 2013 The following titles have not been contracted.

TOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE. ebook Series

CGI Cyber Risk Advisory and Management Services for Insurers

BAE Systems PCI Essentail. PCI Requirements Coverage Summary Table

Working with the FBI

PCI COMPLIANCE FOR HIGHER EDUCATION BEST PRACTICES CHECKLIST. Presented By: The Treasury Institute for Higher Education.

EC-Council Ethical Hacking and Countermeasures

Defending Against Data Beaches: Internal Controls for Cybersecurity

WHITE PAPER. PCI Basics: What it Takes to Be Compliant

How To Protect Yourself From Cyber Threats

Trend Micro VMware Solution Guide Summary for Payment Card Industry Data Security Standard

Top Five Data Security Trends Impacting Franchise Operators. Payment System Risk September 29, 2009

Principles of Information Assurance Syllabus

WILLIAM OETTINGER PHONE (702)

CHEAT SHEET: PCI DSS 3.1 COMPLIANCE

2010 Data Breach Investigations Report

Sniper Forensics v3.0 Hunt

Information Security Services. Achieving PCI compliance with Dell SecureWorks security services

Protecting Energy s Infrastructure and Beyond: Cybersecurity for the Smart Grid

HOW SECURE IS YOUR PAYMENT CARD DATA?

EMERGING THREATS & STRATEGIES FOR DEFENSE. Stephen Coty Chief Security

Information Technology Cluster

Assuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices

Preempting Business Risk with RSA SIEM and CORE Security Predictive Security Intelligence Solutions

PCI Requirements Coverage Summary Table

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

Jumpstarting Your Security Awareness Program

What does it mean to be secure?

Allegany College of Maryland. 239 Cisco Networking 2 * Offered Fall semester and

Credit Cards and Oracle: How to Comply with PCI DSS. Stephen Kost Integrigy Corporation Session #600

How we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz)

PCI Requirements Coverage Summary Table

The Protection Mission a constant endeavor

How To Protect Visa Account Information

A PROVEN THREAT A TRUSTED SOLUTION MCCANN CYBER SECURITY SOLUTIONS

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

How To Protect Your Credit Card Information From Being Stolen

Version 7.4 & higher is Critical for all Customers Processing Credit Cards!

Presented by Evan Sylvester, CISSP

Cybersecurity and internal audit. August 15, 2014

Using Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4

Security. Tiffany Trent-Abram VP, Global Product Management. November 6 th, One Connection - A World of Opportunities

Agenda. Agenda. Security Testing: The Easiest Part of PCI Certification. Core Security Technologies September 6, 2007

Cybersecurity Awareness. Part 2

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

Data Security for the Hospitality

Securely Yours LLC IT Hot Topics. Sajay Rai, CPA, CISSP, CISM

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED

Keynote: FBI Wednesday, February 4 noon 1:10 p.m.

Everything You Always Wanted to Know About Log Management But Were Afraid to Ask. August 21, 2013

PCI Compliance: Improve Payment Security

Guidelines for Website Security and Security Counter Measures for e-e Governance Project

Becoming PCI Compliant

Tenzing Security Services and Best Practices

Cyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services

PCI: It Never Ends. Why?

Attaining HIPAA Compliance with Retina Vulnerability Assessment Technology

Achieving Compliance with the PCI Data Security Standard

Report on CAP Cybersecurity November 5, 2015

Practical Steps To Securing Process Control Networks

SECURITY 2.0 LUNCHEON

Loophole+ with Ethical Hacking and Penetration Testing

Defense Cyber Investigations Training Academy (DCITA) Pre-Approved Training for CompTIA Continuing Education Units (CEUs)

ORGANIZADOR: APOIANTE PRINCIPAL:

Cyber Security Metrics Dashboards & Analytics

Security Risk Management Strategy in a Mobile and Consumerised World

Threat and Vulnerability Management (TVM) Protecting IT assets through a comprehensive program. Chicago IIA/ISACA

Agenda , Palo Alto Networks. Confidential and Proprietary.

External Supplier Control Requirements

167 th Air Wing Fast Track Cyber Security Blue Ridge Community and Technical College

Cyber Defense Operations Graduate Certificate

Transcription:

PROFESSIONAL EXPERIENCE STROZ FRIEDBERG, LLC Director, Incident Response, July 2015 to Present Assistant Director, Incident Response, August 2014 to July 2015 Assist in development of incident response methodologies and threat intelligence initiatives. Serve as investigative lead for high profile data breaches. Uses real time experience to benefit organizations with proactive risk assessments to minimize vulnerability to breaches. Lead the development of Threat Hunting capabilities, mainly the hunt for Advanced Persistent Threats (APT) and Point of Sale (POS) adversaries. HALOCK Security Labs Incident Response and Forensics Lead June 2013 August 2014 Team Lead for Crises Management and Investigations for data breach incidents. Plan Malware Threat Assessments for principal clients and devise strategies to combat the modern day threats via innovative Malware Kill Chain Strategies and Incident Response Plans. Conduct Advanced Malware Threat Assessments to test organizations Prevention, Detection and Response Controls for incidents. Conduct Malware Risk Assessments for organizations to come up with a holistic Malware Defense Strategy. Advisor for Incident Response Plans, First Responder Training and Threat Intelligence. PAKISTAN TEHREEK-E-INSAF Overseas Volunteer Coordinator for Election Campaign/Mobile Apps Lead Pakistan March 2013 May 2013 Led the team of 3000 overseas volunteers for the Election Campaign in Pakistan and led the iphone and Android Mobile Apps project. 150 North Wacker Drive, 60606

As a member of Social Media Core Team, created content for Facebook and Twitter Accounts. Development of Anti-Rigging website and other Election Day activities. TRUSTWAVE Senior Security Consultant June 2007 March 2013 Led the investigations on high-profile and publicly disclosed data breaches across the world. Speaker at Several Global Conference and researcher for published security advisories. Designed and delivered Forensic Training to Federal Law Enforcement agencies in USA and Canada. Conducted research in Memory Analysis and presented a talk at DEFCON Skytalks on the subject. Deep knowledge of Security Threats in the Commercial, Education, and Government environments. Knowledge of Incident response methodology and forensic tools such as EnCase, FTK, SIFT, F-Response, Volatility, Memoryze, lot2timeline, Sleuth Kit. Worked on new forensic methodology using Open Source Forensic Tools. Speaker at BlackHat, DEF CON, SecTor, SOURCE Barcelona. Featured by security publications including Dark Reading, Infoworld, Threatpost, IT World and Search Security. Established relationships with all major card brands, PCI Security Standards Council, Processing Banks, and Federal Law Enforcement agencies. Member of United States Secret Service Electronic Crimes Task Force (USSS ECTF). Assisted Federal Law Enforcement agencies in intelligence & suspect profiling. AMBIRONTRUSTWAVE Network Security Engineer, Manager Security Services 150 North Wacker Drive, 60606

February 2006 June 2007 Provided Security Architecture advice to Fortune 500 clients and managed their security operations from Firewall configurations, Intrusion Detection Systems and Log Monitoring. Vulnerability Assessment and design Security Architectures for clients. Manage and build client Intrusion Detection Systems and Internal Vulnerability Scanners. CLARK CONSULTING IT Infrastructure & Security Engineer July 2004 February 2006 Performed audit on the infrastructure of the data centers and offices to make them SEC compliant. Configured daily backups and drafter disaster recovery plan & technology policy to ensure confidentiality, integrity and availability of the network. Configured Nagios on Linus to monitor the hosts; configured Snort as a network IDS; installed a Syslog server to centralize logging. Management of Exchange 2003 servers with Anti Virus/Anti Spam Filters. Network Security Management / Infrastructure Support / Disaster Recovery Planning Cisco PIX and IDS Management along with security auditing of systems. Cisco VOIP Management (Call Manager and Unity Servers). MORGAN STANLEY DEAN WITTER IT Intern Coordinator December 2002 July 2004 Provided technology support for Morgan Stanley s two Loop offices. Designed and maintained Chicago Complex website which integrated the data from two Loop offices and Oakbrook Branch. Also interviewed and hired interns for two quarters for Loop offices. Provided software and technical support to the senior financial advisors and other managers. Write technical manuals for new technologies and software. 150 North Wacker Drive, 60606

HOMETECH COMPUTER SOLUTIONS Network Engineer Part Time Consulting July 2003 February 2005 Created a guide to combat the spyware problem which included custom registry scripts and a custom toolkit. Plan growth of business by introducing cutting edge services and keeping positive relationships with clients and prospects. EDUCATION NORTHWESTERN UNIVERSITY Masters in Information Technology (Class of 2009) Focus on Infotech Management Courses taught by McCormick and Kellogg Schools Faculty DEPAUL UNIVERSTIY Bachelors of Science in Networks Technology (Class of 2005) Focus on Network Security TRAINING CERTIFICATIONS Qualified Security Assessor, (QSA) Cisco Certified Network Associate, (CCNA) Security + (CompTIA) Network Security (IPD) PUBLICATIONS Co-Author of Trustwave s Global Security Reports from 2011 to 2013 Co-Author of Malware Freakshow (BlackHat Whitepaper) Lead Researcher on Visa Data Security Alert on Memory Dumper Malware 150 North Wacker Drive, 60606

Researcher on Evolution of POS Malware LECTURES AND PRESENTATIONS Speaker at Department of Homeland Security Technical Threat Intelligence Exchange 2015 Speaker at University of Chicago, Tech Talk Anatomy of a Data Breach, a view from the Trenches 2014 Speaker at CAMPIT Enterprise Risk / Security Management 2013 (Malware Risk Assessment) Speaker at HITEC Hospitality Technology Show 2013 (Security Hospitality PII) Speaker at Cyber Secure Pakistan 2013 (Forensics Case File) Presenter at Chase/MasterCard Merchant Seminar (Trustwave Global Security Report) Co-presented at Microsoft s Digital Crimes Consortium 2011 (POS Forensic Investigations) Trainer at United States Secret Service (Incident Response and Digital Forensics) Presented at HITEC World Largest Hospitality Technology Show (Hospitality Attacks and Malware) Speaker at SecTor and DEF CON 2011 (Malware Freakshow 3) Speaker at SOURCE Barcelona (BlackHats don t always win) Speaker at BlackHat, SecTor and DEF CON 2010 (Malware Freakshow 2) Speaker at DEF CON 2009 (Malware Freakshow) AWARDS Recipient of a four-year, full tuition scholarship to DePaul University. Winner of a TV show Who wants to win a Scholarship 150 North Wacker Drive, 60606

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information