locsec/cybersec
1
Форкнуть 0
зеркало из https://github.com/SJKaczmarek/cybersec.git synced 2025-10-29 13:06:10 +02:00
Код Задачи Пакеты Проекты Релизы Вики Активность
cybersec/resources/skills.md
Sylvester Kaczmarek 7984ed44b3
Update skills.md
2025-03-25 23:13:55 +00:00

62 строки
6.9 KiB
Markdown
Исходник Ответственный История

# Cybersecurity Tools & Skills
This section outlines my technical skills and expertise across various cybersecurity domains, tools, and technologies.
## Core Cybersecurity Domains
* **Network Security:** Design, implementation, and management of secure network architectures; Firewall configuration and rule optimization (Cisco, Juniper, Palo Alto, pfSense); IDS/IPS deployment and tuning (Snort, Suricata); Network segmentation and micro-segmentation; VPN and secure remote access solutions (IPSec, OpenVPN, WireGuard), including considerations for high-latency environments.
* **System Security:** Operating system hardening (Linux, Windows, RTOS); Secure configuration management; Vulnerability management; Endpoint security (EDR/XDR implementation); Identity and Access Management (IAM) principles.
* **Cloud Security:** Cloud security principles (AWS, Azure, GCP) for ground segment infrastructure and data processing; Configuration of security groups and network ACLs; Identity management in the cloud; Understanding of container security (Docker, Kubernetes).
* **Application Security:** Secure software development lifecycle (SSDLC) principles, including secure coding practices for resource-constrained systems; Understanding of common web vulnerabilities (OWASP Top 10); Static and Dynamic Application Security Testing (SAST/DAST) concepts.
## Security Operations & Assessment
* **Vulnerability Assessment & Penetration Testing:** Utilizing tools like Nessus, OpenVAS, Metasploit, Burp Suite for comprehensive security testing; Manual penetration testing techniques; Reporting and remediation guidance, including RF-specific testing for communication links.
* **Security Auditing & Monitoring:** Log analysis and correlation; SIEM configuration and usage (ELK Stack, Splunk); Network traffic analysis (Wireshark, tcpdump, Zeek); Security audits based on frameworks like NIST and ISO 27001.
* **Incident Response:** Incident handling lifecycle (preparation, detection, analysis, containment, eradication, recovery, post-incident); Coordination of response efforts, including scenarios specific to space asset compromise or interference; Digital forensics fundamentals.
## Cryptography & Secure Communications
* **Encryption Technologies:** Implementation and management of symmetric/asymmetric encryption (AES, RSA), hashing algorithms (SHA-2/3), digital signatures, and PKI, including lightweight cryptography suitable for space systems.
* **Secure Protocols:** Deep understanding and implementation of secure communication protocols (TLS 1.3, DTLS, SSH, IPSec, QUIC); Protocol analysis and design for specialized environments (e.g., CCSDS Space Data Link Security (SDLS) protocols, delay-tolerant networking (DTN) security).
* **Data Integrity:** Ensuring data integrity through techniques like HMACs, authenticated encryption (AES-GCM), and error correction/detection codes relevant to noisy space channels.
* **Key Management:** Best practices for cryptographic key generation, distribution, storage, and lifecycle management, adapted for distributed and remote space assets.
## Specialized Security Expertise
* **Space & Satellite Systems Security:**
* **Satellite Bus & Payload Security:** Securing onboard computers, operating systems (RTOS, embedded Linux), and payload instruments.
* **TT&C Security:** Protecting Telemetry, Tracking, and Command links against unauthorized access, spoofing, and jamming (including RF layer security analysis).
* **Ground Segment Security:** Securing mission operations centers (MOCs), ground stations, communication networks, data processing pipelines, and cloud infrastructure supporting space missions.
* **Launch Segment Security:** Awareness of security considerations during integration, testing, and launch phases.
* **Space Data System Standards:** Deep familiarity with CCSDS standards (e.g., TC/TM, AOS, SDLS) and their security implications and extensions.
* **Space Supply Chain Security:** Understanding risks and mitigation strategies for hardware and software components used in space systems.
* **Resilience & Fault Tolerance:** Designing security architectures that accommodate the harsh space environment (radiation effects) and operational needs for resilience.
* **Regulatory Awareness:** Familiarity with space cybersecurity guidelines and directives (e.g., NIST SP 800-235, Space Policy Directives).
* **AI/ML Security:**
* Threat Modeling for AI Systems: Identifying unique vulnerabilities and attack vectors in AI/ML pipelines.
* Adversarial Machine Learning: Understanding and defending against evasion, poisoning, and inference attacks.
* Secure AI Development & Operations (MLSecOps): Securing ML pipelines, training data, model storage, and deployment environments.
* AI Governance & Responsible AI: Implementing security controls aligned with ethical AI principles, fairness, transparency, and accountability.
* Privacy-Preserving ML: Familiarity with techniques like federated learning, differential privacy, and homomorphic encryption in ML contexts.
* AI Red Teaming: Assessing the security posture of AI systems through simulated attacks.
* **Robotics & UAV Security:** Securing control systems and communication links for robotic and unmanned systems; Protection against hijacking and sensor spoofing; Embedded system security for robotic platforms.
* **Embedded & Control Systems Security:** Real-Time Operating System (RTOS) security considerations; Securing embedded Linux; Hardware security module (HSM) concepts; OT/ICS security fundamentals.
* **Geospatial Intelligence Security:** Applying security principles to GIS data handling and analysis workflows (ArcGIS); Secure transmission and storage of geospatial data.
## Programming & Automation
* **Python:** Security scripting for automation, analysis, tool development, AI/ML security tasks, and interacting with APIs (including space systems APIs where applicable).
* **Bash:** Linux/Unix shell scripting for system administration, automation, and security tasks.
* **Rust:** Developing performance-critical and memory-safe security tools and applications, suitable for embedded and space system components.
## Governance, Risk & Compliance (GRC)
* **Security Frameworks:** Implementation, assessment, and alignment with ISO 27001 and the NIST Cybersecurity Framework (CSF), including AI-specific risk considerations (e.g., NIST AI RMF) and space-specific adaptations.
* **Regulations:** Familiarity with key data protection and compliance requirements (GDPR, HIPAA, SOC 2 principles), emerging AI regulations, and relevant space directives/guidelines.
* **Risk Management:** Risk assessment methodologies; Threat modeling (including specific AI threat models like MITRE ATLAS and space-specific threat vectors).
---
Feel free to reach out via [LinkedIn](https://www.linkedin.com/in/sylvesterkaczmarek/) to discuss collaborations or professional inquiries.
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку