Charles Richard Jackson

Contact: 07768113497 / 01473 558640

http://www.cloudsecurityuk.com/

Key Skills

Cloud Security

Agile Development Sprint Security

Penetration Testing

Security Monitoring

Risk Assessment

HMG Accreditor (2006/7)

IT Security Technical Design Authority (2006/15)

Consultancy Service/Category Penetration Testing

Cyber Security, SIEM 2.0, GPG13 compliance delivered, hands-on design and implementation

Security Architecture

CLAS Consultant (2004-2015)

Infosec Assurance & Support

Security Auditing & Reviews

Security Policy & Documentation

Risk Management Accreditation (RMADS)

Infrastructure Security Design

Technical Design Assurance

Security Gateway Design and Security Assurance (MOD)

ISO27001 Compliance

Education: BA Economics

Technical Qualifications Experience and Training Summary

Competencies / Experience / Training
2017 CCSP ISC2 Qualified
Cloud Security Business Domains:
Cloud Security Optimisation
Cloud Security Risk Mitigation
Cloud Security Operations
Cloud Security Compliance
CCSP Technical Domains:
1. Cloud Security Architectural & Design Requirements
2. Cloud Data Security
3. Cloud Platform & Infrastructure Security
4. Cloud Application Security
5. Cloud Security Operations
6. Cloud Security Legal & Compliance
Qualifications / Activities / Roles
2004-2015 CLAS
2016 IISP Associate and CESG CCP Information Risk Practitioner
2008 ITPC Accreditor, by Waiver / CLAS
2006 ISO27001 Lead Auditor Cert, British Standards Institute
2005 CEH Certified Ethical Hacker, EC Council
2002-2016 - CISSP, (ISC)2
2002 CCSA (NG), Checkpoint
2000 CCSE 4.1, Checkpoint
2000 MCSE, Microsoft
1999 CCNA, Cisco
1998 MCP, Microsoft
1994 C.N.A, Novell
Penetration Testing
Cyber Security, SIEM 2.0, GPG13 compliance delivered, hands-on design and implementation
Security Architecture
CLAS Consultant (2004-2015)
Infosec Assurance & Support
Security Auditing & Reviews
Security Policy & Documentation
Risk Management Accreditation (RMADS)
Accreditor (2006-2010)
Infrastructure Security Design
Technical Design Assurance
Security Gateway Design and Security Assurance (MOD)
ISO27001 Compliance
CISSP
CISSP Training:
Access Control
Communications Security
Risk Management and Business Continuity Planning
Policy, Standards, and Organization
Computer Architecture and System Security
Law, Investigation, and Ethics
Application Program Security
Cryptography, including design to Manual V IPSEC / PKI standard.
Computer Operations Security
Physical Security

Pen Testing Skills

Soft Skills
Engagement Lifecycle
Law & Compliance
Understanding Explaining and Managing Risk
Record Keeping, Interim Reporting & Final Results
Core Technical Skills
IP Protocols
Network Architecture
Network Mapping & Target Identification
Interpreting Tool Output
Filtering Avoidance Techniques
OS Fingerprinting
Application Fingerprinting and Evaluating Unknown Services
Cryptography
Applications of Cryptography
File System Permissions
Audit Techniques
Background Information Gathering & Open Source Analysis
Registration Records
Domain Name Server (DNS)
Customer Web Site Analysis
NNTP Newsgroups and Mailing Lists
Networking Equipment Testing
Management Protocols
Network Traffic Analysis
Networking Protocols
IPSec
VoIP
Wireless
Configuration Analysis
Microsoft Windows Security Assessment
Domain Reconnaissance
User Enumeration
Active Directory
Windows Passwords
Windows Vulnerabilities
Windows Patch Management Strategies
Desktop Lockdown
Exchange
Common Windows Applications
Unix Security Assessment
User enumeration
Unix vulnerabilities
FTP Exploitation
Sendmail / SMTP Exploitation
Network File System (NFS)
R* services Exploitation
X11 Exploitation
RPC services Exploitation
SSH Exploitation
Web Technologies
Web Server Operation
Web Servers & their Flaws
Web Enterprise Architectures
Web Protocols
Web Mark-up Languages
Web Testing Methodologies
Information Gathering from Web Mark-up
Authentication Mechanisms Exploitation
Authorisation Mechanisms
Input Validation Exploitation
Information Disclosure in Error Messages
Use of Cross Site Scripting Attacks
Use of Injection Attacks
Session Handling
Encryption
Source Code Review
Web Testing Techniques
Web Site Structure Discovery
Cross Site Scripting Attacks
SQL Injection
Parameter Manipulation
Directory Traversal
File Uploads
Code Injection
Databases
Microsoft SQL Server
Oracle RDBMS
Web / App / Database Connectivity


Cyber Security (Information Assurance and Technical Security) Skills

Past experience of implementation of GPG13 compliance through Microsoft SCOM (System Center Operations Manager), 2012/2013: hands-on design and implementation.

I can set up, operate and act as 1st responder in the following areas.

Monitoring and Attack response systems installation and responder services

1. Behavioural Monitoring
    1. Log Collection
    2. Net flow Analysis
    3. Service Availability Monitoring
2. Threat Detection
    1. Network IDS
    2. Host IDS
    3. Wireless IDS
    4. File Integrity Monitoring to detect malware
    5. Threat Intelligence
3. Asset Discovery
    1. Active Network Scanning
    2. Passive Network Scanning
    3. Asset Inventory
4. Vulnerability Assessment
    2. Authenticated/Unauthenticated Active Scanning
        1. Breakdown of Scans
            1. By Seriousness
            2. Context
            3. Impact
            4. Fixes All Explained
            5. Workarounds
5. Threat Intelligence
    1. Co-ordinated Analysis, Actionable Guidance
6. Detect Covert Connections
7. Attack Intelligence
    1. Intelligent Attack Analysis
    2. Correlation Rules Prebuilt
    3. Cross Correlation Rules Prebuilt
    4. Crowd Source threat intelligence dashboard and database currency
    5. Activity with a Malicious Host Highlighted by country and source IP
    6. Analysis of Trojan Infections by Client
        1. Then Drill down into the Alarms
    7. Knowledgebase on Every Incident for Rectification and Context
8. Crowd Sourced Threat Information
    1. Populating Internal Databases
    2. Activity with a Malicious Host Highlighted
9. Alarms Analysis
    1. Alarms Analysis
        1. Alarms Categorisation
        2. Prioritisation of Command and Control Connections
    2. Shows Cross Correlations of Events when an Alarm Happens
    3. Normalisation Event Data for Examination ... simplification of Raw Log Data
        1. Port Addresses and MAC Addresses All Broken Down and Payload Snapshotted
    4. Gives the Overall Context of All the Associated Alarms: the Sequence of Events Leading to the Trojan Attack
    5. Straight Correlation of Attacks to an Individual Device
    6. All Related Actions Analysis from One Single Alarm
    7. DB Shows the Hosts when Malicious Connections Made
    8. Vulnerabilities of This Attacked Server Shown
    9. Software Inventory of Attacked Server
10. SIEM component of system
    1. Logs Compressed
    2. Digitally signs the logs for evidential strength
11. Scalability functional roles division
    1. Sensor by Location
    2. Server Management Centralised
    3. Logger Raw Log Data
12. Compliance provision
    1. PCI DSS mapping of alarms and reporting
    2. GPG13 mapping of alarms and reporting

Security Testing (Penetration Testing of Infrastructure and Web Applications)

http://www.moneyadviceservice.org.uk Web Application Security tested (2012). Use of Burp Suite and vulnerability exploitation testing techniques, open source tools and manual methods.

CONTRACTS: Work Undertaken

Micro Services Architecture project July 2015 to April 2016 Home Office

I have been working on the security architecture and security assurance of a Java microservices project. The Micro Services approach is following Government Digital Services guidelines and is being used to replace some major HMG systems. In this role I have arranged code dependency checking using Blackduck, arranged for code inspection using VCG, managed accreditation and dev security awareness training, acted as security officer, undertaken risk assessments, scoped pen tests under CHECK rules and consulted on security architecture for new additions and connections for the project. Procedures documented in Atlassian Confluence and projects initiated and monitored in Atlassian Jira.

In summary I

Led the Accreditation process for internally managed systems, providing the programme with a conduit to Accreditors

Chaired Security Working Groups for Systems Programmes

Liaised with the Technical Design Authorities across Programmes, and CESG to ensure compliance with (or support exemptions from) departmental Security Architecture Principles

Contributed to the development of Non Functional security requirements to Programme Teams

Managed Programme level Security Testing strategy including external CHECK ITHCs, automated tools and internal penetration testing teams.

Provided security briefings for new Programmes

Reviewed Technical Proposals from suppliers to ensure adherence to HMG security requirements and risk management within programme risk parameters

Provided advice and guidance on security architecture principles and standards to Programme Colleagues, Suppliers and Managers (i.e. Technical Design Authority)

Analysed security technology industry and market trends, and determined their potential impact on the enterprise (and opportunities)

20th March 2015 Update http://www.empowering-communities.org/ www.ecins.org

Update: 20th March 2015. I had designed a new infrastructure for this social enterprise to allow their application to run in an infrastructure equivalent to the Gcloud infrastructure with IL0-2 to IL3 application bridge infrastructure. This is being tested at time of writing prior to acceptance by Police accreditor as 'fit for purpose' to share certain police information and to connect to the PSN, including working on latest secure versions of SSL / TLS.

January to March 2015 World Tour

Visited Singapore, Malaysia, Australia, New Zealand, Hawaii and California

August 2014 to December 2014 Hewlett Packard (HP) Policy writing Team

I was awarded a contract to join the HP security policy writing team for Maersk Oil. Policies were written based on ISO27002 and using Information Security Forum materials and NIST standards as well as existing company standards.

November 2013 to August 2014 http://www.empowering-communities.org/ www.ecins.org

www.ecins.org / http://www.empowering-communities.org/

Working part-time for this organisation. They operate a state-of-the-art social casework Web application.

I have completed a GPG13 compliant Cyber monitoring design and a zoned architecture design incorporating IL2 to IL3 CESG design/IAP compliant citizen access gateway and IL3 backend enclave for PSN connection to central government partners.

I have also prepared a full policy set including security policies, Accreditation Maintenance Plan (AMP), Risk Management Document Set including Risk Assessment, CHECK testing scope and Remediation Plan.

July 2013 to October 2013

Government Agency (NCA / SOCA)

Policy and GSC Implementation advice to NCA. Working with GSC project manager to ensure efficient cut-over to new GSC. Working on the Architecture requirements for moving from PMS Confidential to GSC Secret. Working with partner organisations ACPO, police forces, Cabinet Office, stakeholders and CESG to produce Gap Analysis of requirements from CESG Information Assurance Portfolio (IAP) for operation of GSC from April 2014.

March 2013 to June 2013

www.ecins.org / http://www.empowering-communities.org/

Cyber Security Compliance

GPG13 protective monitoring compliance using SolarWinds LEM with additional controls.

CLAS Consultant

As CLAS consultant I have produced a detailed RMADS under GPG47 for shared services.

I have acted as conduit between Empowering Communities, the parent organisation, and the Pan Government Accreditor to establish the accreditation governance for them as a private sector organisation.

Accreditor

As accreditor I have managed a remediation program to ensure that their policies and procedures are in line with IS1 and 2. The remediation program is also delivering GPG13 protective monitoring compliance.

1st October 2012 to 26th February 2013 IT Security Officer OFT and Security Consultant

SIEM (Security Information and Event Management) implementation for the department.

Represented IT security on internal and interdepartmental security committees.

Provided advice and information on IT security matters to the DSO, SIRO, IT managed service providers, users and others as required.

Supported and advised on the accreditation process ensuring correct codes of connection, particularly for those systems carrying protectively marked data or connected to the internet.

Ensured that suitable IT security obligations and onward management is reflected in IT service contracts.

Provided central point of contact on all IT security related issues, both internally and intra-departmentally.

Management of IT security investigations and reporting of IT security incidents/breaches in conjunction with DSO.

Advised the accreditor, DSO and where appropriate other business related areas, on any perceived changes in threat, security loopholes, infringements and vulnerabilities that may come to light.

Prepared security reports and conducted security surveys required by the Accreditor, DSO or SIRO.

Approved third party connections.

Ensured custody of HMG cryptographic materials.

Undertook PSN Code of Connection Application for OFT.

June 2012 to October 2012 http://www.empowering-communities.org/

Assisting with the accreditation of their key web application www.ecins.org

April 2012 to June 30th 2012: Security Consultant and Agile Development Penetration Testing

www.moneyadviceservice.org.uk

CLAS Consultancy

Reviewed & updated current risk assessment

Instigated and delivered full risk treatment plan.

Created and defined full detailed SyOPs document set

Co-ordinated and helped run Security Working Group weekly forum.

Worked and aligned overall Security governance & process with SIRO

Acted as conduit for project & MAS BAU operations.

Provided validation and input into the system, deployment and data technical architecture.

Worked with agile development team to ensure they build to meet security requirements

Helped to define, build & execute robust security communications plan and strategy.

Helped assure and review from a security perspective new pieces of work & technologies.

Reviewed, defined and assured project business continuity processes.

Defined and delivered Robust Compliance & Assurance model for security

Defined & delivered transition framework for projects transitioning into BAU from a security perspective.

Worked with appointed full time Data Manager to hand over into BAU

Helped define and deliver user security awareness and training techniques.

Delivered full ongoing/agile and pre-go live Application Security test of www.moneyadviceservice.org.uk

March 2012 to April 2012 Not-for-Profit Social Enterprise CLAS Consultancy

I have been advising a ‘not for profit business’ on strategies and a plan for achieving HMG accreditation for their Web based social enterprise cross-department casework management system. This is to be achieved through IAS1, IAS2, other HMG Infosec Standards and best practice guides including GPG47 for Shared Service and GPG13 for Protective Monitoring.

2011 October to 2012 March DVLA CLAS Consultancy

I have worked on Security governance projects for DVLA to improve mainframe utilisation and application migration to new platforms. This has included advising senior management on best practice security structures for achieving business improvements in their use of private sector partner services. I have also written an ISO27001 ISMS for the DVLA Tachograph management process. I have been involved in numerous security reviews for the agency.

2011 August - September CTAS (CESG Tailored Assurance Service): Contributed to the design and functionality review of a Service Oriented Application Platform (SOAP) involving bespoke configuration of WebSphere and Tivoli products for the MOD and the National Technical Authority.