Integrate AFL++ coverage-guided fuzz testing into CI/CD pipelines to discover memory corruption, input handling,
Skills (SKILL.md) are configuration files that add specific capabilities to AI agents (Claude Code, Cursor, Codex, etc.).
Implement GCP Binary Authorization to enforce deploy-time security controls that ensure only trusted, attested
Automates GDPR Data Subject Access Request (DSAR) workflows including identity verification, PII discovery across
Configure GitHub Advanced Security with CodeQL to perform automated static analysis and vulnerability detection
Implements comprehensive Google Workspace security hardening including admin console configuration, phishing-resistant
Deploy and configure Tofino industrial firewalls from Belden/Hirschmann to protect SCADA systems and PLCs using
Sign and verify container image provenance using Sigstore Cosign with keyless OIDC-based signing, attestations,
Implements immutable backup strategy using restic with S3-compatible storage and object lock for ransomware-resistant
This skill covers implementing automated security scanning for Infrastructure as Code (IaC) templates using
ISO/IEC 27001:2022 is the international standard for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). This skill covers the complete
Implement Kubernetes network segmentation using Calico NetworkPolicy and GlobalNetworkPolicy for zero-trust pod-to-pod
Implements memory protection mechanisms including DEP (Data Execution Prevention), ASLR (Address Space Layout
Implement MITRE ATT&CK coverage mapping to identify detection gaps, prioritize rule development, and measure
Implements Mobile Application Management (MAM) policies to protect enterprise data on managed and unmanaged
Deploy and configure Suricata as a network intrusion prevention system with custom rules, Emerging Threats rulesets,
Build network traffic baselines from NetFlow/IPFIX data using Python pandas for statistical analysis, z-score
Enforce Kubernetes admission policies using OPA Gatekeeper with ConstraintTemplates, Rego rules, and the Gatekeeper
Develop and implement OT-specific incident response playbooks aligned with SANS PICERL framework, IEC 62443,
Deploy FIDO2/WebAuthn passwordless authentication using security keys and platform authenticators. Covers WebAuthn
Patch management is the systematic process of identifying, testing, deploying, and verifying software updates
Implement Kubernetes Pod Security Admission to enforce baseline and restricted security profiles at namespace
Deploy Runtime Application Self-Protection (RASP) agents to detect and block attacks from within application
Implement automated user provisioning and deprovisioning using SCIM 2.0 protocol with Okta as the identity provider.
Create, validate, and share STIX 2.1 threat intelligence objects using the stix2 Python library. Covers indicators,
Write custom Semgrep SAST rules in YAML to detect application-specific vulnerabilities, enforce coding standards,
Automate phishing incident response using Splunk SOAR REST API to create containers, add artifacts, and trigger
STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated eXchange of Intelligence Information)
Configure rsyslog for centralized log collection with TLS encryption, custom templates, and log rotation. Generates
Deploy and configure an OpenTAXII server to share and consume STIX-formatted cyber threat intelligence using
Implements threat modeling using the MITRE ATT&CK framework to map adversary TTPs against organizational assets,
Deploy and operate Greenbone/OpenVAS vulnerability management using the python-gvm library to create scan targets,
This skill covers integrating OWASP ZAP (Zed Attack Proxy) for Dynamic Application Security Testing in CI/CD
This skill covers integrating Static Application Security Testing (SAST) tools—CodeQL and Semgrep—into GitHub
Intercepts and analyzes HTTP/HTTPS traffic from mobile applications using Burp Suite proxy to identify insecure
Manages the end-to-end cyber threat intelligence lifecycle from planning and direction through collection, processing,
Maps observed adversary behaviors, security alerts, and detection rules to MITRE ATT&CK techniques and sub-techniques
Configure and execute access recertification campaigns in Saviynt Enterprise Identity Cloud to validate user
Conduct systematic access reviews and certifications to ensure users have appropriate access rights aligned with
Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound,
Use AI and LLM-based reasoning to correlate findings across multiple OSINT sources—username enumeration, email
Perform systematic alert triage in Elastic Security SIEM to rapidly classify, prioritize, and investigate security
Uses Microsoft RESTler to perform stateful REST API fuzzing by automatically generating and executing test sequences
Performs API inventory and discovery to identify all API endpoints in an organization's environment including
Tests API rate limiting implementations for bypass vulnerabilities by manipulating request headers, IP addresses,
Uses Postman to perform structured API security testing by building collections that test for OWASP API Security
Simulates ARP spoofing attacks in authorized lab or pentest environments using arpspoof, Ettercap, and Scapy
Develop and apply a multi-factor asset criticality scoring model to weight vulnerability prioritization based
Authenticated (credentialed) vulnerability scanning uses valid system credentials to log into target hosts and
Performing authorized privilege escalation assessments in AWS environments to identify IAM misconfigurations
Simulates bandwidth throttling and network degradation attacks using tc, iperf3, and Scapy in authorized environments