Implementing microsegmentation using Akamai Guardicore Segmentation to map application dependencies, create
Skills (SKILL.md) are configuration files that add specific capabilities to AI agents (Claude Code, Cursor, Codex, etc.).
Deploy Mimecast Targeted Threat Protection including URL Protect, Attachment Protect, Impersonation Protect,
Implement MITRE ATT&CK coverage mapping to identify detection gaps, prioritize rule development, and measure
Implements Mobile Application Management (MAM) policies to protect enterprise data on managed and unmanaged
Configures mutual TLS (mTLS) authentication between microservices using Python cryptography library for certificate
This skill covers implementing North American Electric Reliability Corporation Critical Infrastructure Protection
Deploy Cisco Identity Services Engine for 802.1X wired and wireless authentication, MAC Authentication Bypass,
Implements 802.1X port-based network access control using RADIUS authentication, PacketFence NAC, and switch
Deploy and manage network honeypots using OpenCanary, T-Pot, or Cowrie to detect unauthorized access, lateral
Deploy and configure Suricata as a network intrusion prevention system with custom rules, Emerging Threats rulesets,
Kubernetes NetworkPolicies provide pod-level network segmentation by defining ingress and egress rules that control
This skill covers implementing network segmentation in Operational Technology environments using VLANs, industrial
Design and implement network segmentation using firewall security zones, VLANs, ACLs, and microsegmentation policies
Deploy and query Arkime (formerly Moloch) for full packet capture network traffic analysis. Uses the Arkime API
Build network traffic baselines from NetFlow/IPFIX data using Python pandas for statistical analysis, z-score
Configure and deploy Palo Alto Networks next-generation firewalls with App-ID, User-ID, zone-based policies,
Enforce Kubernetes admission policies using OPA Gatekeeper with ConstraintTemplates, Rego rules, and the Gatekeeper
Develop and implement OT-specific incident response playbooks aligned with SANS PICERL framework, IEC 62443,
Deploy Nozomi Networks Guardian sensors for passive OT network traffic analysis to achieve comprehensive asset
Deploy privileged access management for database systems including Oracle, SQL Server, PostgreSQL, and MySQL.
Implements passwordless authentication using Microsoft Entra ID with FIDO2 security keys, Windows Hello for
Deploy FIDO2/WebAuthn passwordless authentication using security keys and platform authenticators. Covers WebAuthn
This skill covers implementing a structured patch management program for OT/ICS environments where traditional
Patch management is the systematic process of identifying, testing, deploying, and verifying software updates
PCI DSS 4.0.1 establishes 12 requirements across 6 control objectives for organizations that store, process, or transmit cardholder data. With PCI DSS 3.2.1 retiring April 2024 and 51 new requirements
Implement Kubernetes Pod Security Admission to enforce baseline and restricted security profiles at namespace
This skill covers implementing Open Policy Agent (OPA) and Gatekeeper for policy-as-code enforcement in Kubernetes
Deploy CyberArk Privileged Access Management to discover, vault, rotate, and monitor privileged credentials across
Design and implement Privileged Access Workstations (PAWs) with device hardening, just-in-time access, and integration
Implements privileged session monitoring and recording using Privileged Access Management (PAM) solutions, focusing
Deploy and configure Proofpoint Email Protection as a secure email gateway to detect and block phishing, malware,
Implement network segmentation based on the Purdue Enterprise Reference Architecture (PERA) model to separate
Designs and implements a ransomware-resilient backup strategy following the 3-2-1-1-0 methodology (3 copies,
Detects and exploits ransomware kill switch mechanisms including mutex-based execution guards, domain-based
Deploy and configure Rapid7 InsightVM Security Console and Scan Engines for authenticated and unauthenticated
Harden Kubernetes Role-Based Access Control by implementing least-privilege policies, auditing role bindings,
RSA (Rivest-Shamir-Adleman) is the most widely deployed asymmetric cryptographic algorithm, used for digital
Deploy Runtime Application Self-Protection (RASP) agents to detect and block attacks from within application
Implement eBPF-based runtime security observability and enforcement in Kubernetes clusters using Cilium Tetragon
Implement SAML 2.0 Single Sign-On (SSO) using Okta as the Identity Provider (IdP). This skill covers end-to-end
Implement automated user provisioning and deprovisioning using SCIM 2.0 protocol with Okta as the identity provider.
'This skill covers implementing Gitleaks for detecting and preventing hardcoded secrets in git repositories.
'This skill covers deploying HashiCorp Vault for centralized secrets management across cloud environments, including
Integrate gitleaks and trufflehog into CI/CD pipelines to detect leaked secrets before deployment
Implements security chaos engineering experiments that deliberately disable or degrade security controls to
Create, validate, and share STIX 2.1 threat intelligence objects using the stix2 Python library. Covers indicators,
Implements security monitoring using Datadog Cloud SIEM, Cloud Security Management (CSM), and Workload Protection
Write custom Semgrep SAST rules in YAML to detect application-specific vulnerabilities, enforce coding standards,
Write multi-event correlation rules that detect APT lateral movement by chaining Windows authentication events,
Tune SIEM detection rules to reduce false positives by analyzing alert volumes, creating whitelists, adjusting