Select Page
Intellfence Job placement and mentoring program

Intellfence Job placement and mentoring program

Job placement And mentoring program

We train and bring security professionals together with a potential employer.

Why A CyberSecurity Job Placement & Mentoring Program?

The Cybersecurity Industry is constantly evolving hence the need for more cybersecurity professionals. Due to this increased demand individuals and organizations are facing competencies problems. How do interested candidates acquire and prove their competencies? How do organizations recruit and train people with the right competencies?  This is made more complex due to the vast cybersecurity work domains.  It can be challenging for many to find their niche in this industry.

Our Job placement & mentoring program brings  potential employers and cybersecurity professionals together.

For the Employees

We help individuals to build a career in cybersecurity by providing experienced-based training and mentoring. In many ways, cybersecurity is like any other industry such as engineering or healthcare. There are many directions to choose from and many paths to specialization. To get a job and grow a career in Cybersecurity you will need to choose which of the different path you find interesting

For the Employers

We help organizations to find out the type and level of cybersecurity professionals they need and help them train candidates to fill these positions. Through our continue professional education we continue to provide these professionals the skills needed to turn their knowledge into abilities.

Who Is This Program For?

Young School Graduates

Young people just leaving school may find themselves not qualified enough to get a job with the cybersecurity industry because of lack of experience and not earning the right qualifications in school. The job placement and mentoring program help these people to increase their competencies

People Looking To Switch Career

The future is Cybersecurity, Cloud and Artificial Intelligence and Big Data. Many people in Information Technology today doing jobs as System Administrator, help desk or Database administrators might be out of job due to sophistication of AI systems in the future which could take over these types. Therefore, there a need for people to make a Switch to Cybersecurity which spans multiple sectors.

Experienced IT Specialist

If you have been in the Information Technology industry for years, and now feel you need to move higher into Information Security Management for job functions as CISO or CSO but having difficulties financing the one then this is the program for you.

Software & Database Developers

The field of cybersecurity is very wide. This is ongoing to increase in the next few years. Software are actually the best people to build security into software. However, many software developers lack security skills. This program is for you if you are such a software or database developer who would like to add security skills to software development.

How Does The Program Works?

We engage interested professionals in a one-to-one consultation, so we can create a recommendation for them based on their work experience and their choice of career they would like to pursue. During this consultation we make use of The National Initiative for Cybersecurity Education Cybersecurity Workforce Framework (NICE Framework) to help them map out their career path. Based on this a training program is created which will take the person from zero to a security professional within 6 months. 

The US national Institute of Standard and Technology (NIST) published a framework called the NICE Framework which is designed to help both employers and potential employees to zoom in on the knowledge and skills that is needed in the Cybersecurity industry. Using the NICE framework, we can help train and mentor people into cybersecurity professional within their chosen path. The NICE framework divides the Cybersecurity workforce into the following speciality areas:

For Employee

The NICE framework enables an organization to successful recruit and train security professionals for multiple roles in the organization. Provides  information about workforce needs for a giving function.

For Students

The NICE Framework presents clear information about cybersecurity work to help people looking for a new job or to change job roles, and workers looking to demonstrate or increase their competencies.

For Educators

The NICE framework provides information about what a candidate needs to know to be efficient in the Cybersecurity industry. Educators can develop better educational programs. Certificates.

Components of the NICE Framework

Securely Provision

Concerned with conceptualizing, designing, and building secure IT systems, with responsibility for some aspect of the systems’ development.

  • Risk Management
  • Software Development
  • System Architecture
  • System Development
  • Systems Requirements Planning
  • Technology R&D
  • Test and Evaluation
Oversee and Govern

Provides leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work.

  • Cybersecurity Management
  • Executive Cyber Leadership
  • Legal Advice and Advocacy
  • Program /Project Management and Acquisition
  • Strategic Planning and Policy
  • Training, Education and Awareness
Operate and Maintain

Responsible for providing the support, administration, and maintenance necessary to ensure effective and efficient IT system performance and security.

  • Customer Service and Technical Support
  • Data Administration
  • Knowledge Management
  • Network Service
  • Systems Administration
  • System Analysis
Analyze

Specialty areas responsible for highly specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.

  • All Source Analysis
  • Exploitation Analysis
  • Language Analysis
  • Targets
  • Threat Analysis
Protect And Defend

Identification, analysis, and mitigation of threats to internal IT systems or networks. Uses defensive measures and information collected from a variety of sources to identify, analyse, and report events that occur or might occur within the network to protect information, information systems, and networks from threats.

  • Cyber Defence Analysis
  • Cyber Defence Infrastructure Support
  • Incident Response
  • Vulnerability Assessment and Management
Collect And Operate

Responsible for specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence.

  • Collection Operation
  • Cyber Operational Planning
  • Cyber Operations
Investigate

Responsible for detecting and analyzing cyber events and/or crimes of IT systems, networks, and digital evidence.

  • Cyber Investigation
  • Digital Forensics

Security Management Professional Example

Using the NICE Framework we are able to map out the career path and train people with the right competencies as to effectively manage information security programs in an organization. This program provide Job competencies such for Chief Information Security Officer (CISO), Chief Security Officer (CSO), Security or Compliance Manager.

Specialty Area
Oversee & Govern
Description
Oversees the cybersecurity program of an information system or network, including managing information security implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, requirements, policy enforcement, emergency planning, security awareness, and other resources.
Related Jobs
Information Systems Security Manager
Chief Information Security Officer (CISO)
Security Security Officer (CSO)
IT Program Manager
Product Support Manager
IT Investment/Portfolio Manager
IT Program Auditor
Certification Training
CompTIA Security +
ISC2 Certified Information Systems Security Professional (CISSP)
ISC2 Certified Cloud Security Professional (CCSP)
ISACA Certified Information Security Management (CISM)
EC Council Certified Chief Information Security Officer (CCISO)
ISACA Certified in Risk and Information Security Control (CRISC)
CompTIA Advanced Security Practitioner (CASP+)
CompTIA Cloud+

To Protect & Defend Function

Specialty Area
Protect & Defend
Description
Tests, implements, deploys, maintains, reviews and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources. Monitors network to actively remediate unauthorized activities.
Related Jobs
IDS Administrator
IDS Engineer
IDS Technician
Information Systems Security Engineer
Network Administrator
Network Analyst
Network Security Engineer
Network Security Specialist
Security Analyst
Security Engineer
Security Specialist
Systems Security Engineer
Certification Training
Comptia A+
Netowrk +
Security +
Cloud +
CySA+
CASP+
PenTest+
CEH

GET IN TOUCH

Specialist Security training

Specialist Security training

Intellfence Security Training

List of our available Intellfence Specialist security training programs.

Sorry, no events were found.

Information Security Mastering Program

Certification subjects covered

  • ISC2 Certified Information Systems Security Professional (CISSP)
  • ISACA Certified Information Security Management (CISM)
  • EC Council Certified Chief Information Security Officer (CCISO)
  • ISACA Certified in Risk and Information Security Control (CRISC)

SEC106 Certified Information Security Management CISM Exam Training Course

Certified Information Security Management (CISM) Exam Prep

All training runs from 9:00 to 16:30 every day and conducted in English language unless explicitly stated.

About the Certified Information Security Management CISM Exam Training Course

The Certified Information Security Management (CISM) Exam preparation training is a refresher course designed for you to help you pass the CISM exam if you are having some difficulties with it. You will need this course if:

1. You have undergone the CISM training a while back and feel you need some refresher course to pass the exam?

2. You went through a Self study program and would like an instructor to help with the finishing touches to prepare for the exam.

3. Furthermore, you have taken the exam before and have not  been unsuccessful, and you are  having challenges in understanding the English language questions.

If any of the above applies to you this two-day program will  help you to prepare for the exam with the support from an experience instructor.

Key Features of this CISM Exam Training:

  • Earn CISM certification.
  • Review over 170 questions with the instructor with explanation and examples.
  • Access to hundreds of additional exam prep questions
  • After training communicating with the instructor via our social learning portal.

You Will Learn How To:

  • Strategically focus your preparation for CISM Certification.
  • Understand your area of weakness and how to zoom in those areas and optimized your result.
  • Properly review the questions and eliminate bogus options to get the correct answer.

The Online Classroom includes:

  • Access to recordings and course content for 360 days.
  • Interactive flash cards to reinforce learning.
  • Independent reading and learning activities.

Course Description

Domain 1 - Information Security Governance

  • Effective Information Security Governance
  • Key Information Security Concepts and Issues
  • The IS Manager
  • Scope and Charter of Information Security Governance
  • IS Governance Metrics
  • Developing an IS Strategy – Common Pitfalls
  • IS Strategy Objectives
  • Determining Current State of Security
  • Strategy Resources
  • Strategy Constraints
  • Action Plan Immediate Goals
  • Action Plan Intermediate Goals

Domain 2 - Information Risk Management

  • Effective Information Security Risk Management
  • Integration into Life Cycle Processes
  • Implementing Risk Management
  • Risk Identification and Analysis Methods
  • Mitigation Strategies and Prioritisation
  • Reporting Changes to Management

Domain 3 - Information Security Program Development and Management

  • Planning
  • Security Baselines
  • Business Processes
  • Infrastructure
  • Malicious Code (Malware)
  • Life Cycles
  • Impact on End Users
  • Accountability
  • Security Metrics
  • Managing Internal and External Resources

Domain 4 - Information Security Incident Management

  • Implementing Effective Information Security Management
  • Security Controls and Policies
  • Standards and Procedures
  • Trading Partners and Service Providers
  • Security Metrics and Monitoring
  • The Change Management Process
  • Vulnerability Assessments
  • Due Diligence
  • Resolution of Non-Compliance Issues
  • Culture, Behavior and Security Awareness

Our Guarantee:

If you didn’t pass this exam at your first try after the refresher course then you will be free to participate free of charge in our next refresher program.

What is Supply Chain Attack?

A supply chain attack is a cyber-attack that seeks to damage an organization by targeting less-secure elements in the supply chain. A supply chain attack can occur in any industry, from the financial sector, oil industry or government sector. Cybercriminals typically tamper with the manufacturing process of a product by installing a rootkit or hardware based spying components. In an Internet Security Threat Report, powered by Symantec, it is stated that supply chain attacks still continue to be a feature of the threat landscape, with an increase by 78 percent in 2018.

In a more general sense a supply chain attack may not necessarily involve electronics. In 2010 when burglars gained access to the pharmaceutical giant Eli Lilly’s supply warehouse. By drilling a hole in the roof and loading $80 million worth of prescription drugs into a truck. They could also have been said to carry out a supply chain attack.

In cybersecurity terms, the Target security breach, Eastern European ATM malware, as well as the Stuxnet computer worm are examples of supply chain attacks. A supply chain attack involves tampering with electronics or software in order to install undetectable malware for the purpose of bringing harm to a player further down the supply chain network.

Generally, supply chain attacks on information systems begin with an advanced persistent threat that determines a member of the supply network with the weakest cybersecurity to affect the target organization. According to an investigation produced by Verizon Enterprise, 92% of the cybersecurity incidents analyzed in their survey occurred among small firms.

APT’s can often gain access to sensitive information by physically tampering with the production of the product. In October 2008, European law-enforcement officials uncovered a highly sophisticated credit-card fraud ring that stole a customer’s account details by using untraceable devices inserted into credit-card readers made in China. This help criminals to gain access to account information and make repeated bank withdrawals and Internet purchases, amounting to an estimated $100 million in losses.

The threat of a supply chain attack poses a significant risk to modern day organizations. The attacks are not solely limited to the information technology sector but also supply chain attacks affect the oil industry, large retailers, the pharmaceutical sector and virtually any industry with a complex supply network.

The Information Security Forum explains that the risk derived from supply chain attacks is due to information sharing with suppliers. It states that “sharing information with suppliers is essential for the supply chain to function, yet it can also lead to Information compromised in the supply chain and can be just as damaging as compromised from within the organization”.

Poorly managed supply chain management systems can become significant hazards for cyberattacks, which can lead to a loss of sensitive customer information, disruption of the manufacturing process, and could damage a company’s reputation.

Wikipedia

SEC104 Developing Software For GDPR Compliance

Developing Software
For GDPR Compliance

TRAINING SCHEDULE

Developing Software For GDPR Compliance

DATE

TBD

Training Type

Virtual

ENROLL BELOW

All training runs from 9:00 to 16:30 every day.

About The Developing Software For GDPR Compliance Course

GDPR for developers is a training program that will helps software developers and system engineers to implement GDPR compliance into their software development Lifecyle. When creating software, data protection and privacy by default should be part of the software development Lifecyle. This training is intended to provide software developers an overview of GDPR from the software and database development perspective.

Key Features of the Training:

Every developer is also expected to understand and implement the following GDPR concepts:

  • Conduct a Data Flow Mapping.
  • Data classification.
  • How to apply the 7 Principles of Privacy by Design.
  • Managing code repo and deployment practices.
  • Secure your data at rest and in transit.
  • Ensure that you have appropriate access controls for Personal Information.
  • Enforcement of the organization Data Retention Policy.
  • Anonymize and Pseudonymise data.
  • Review third third-party processors.
  • Review how employees access and process personal information using BYOD.
  • Ensure your data hosting arrangements meets to GDPR compliance level.
  • Understand automated decision-making and profiling.
  • Understand and assess the basis of processing personal information.

Course Description

GDPR Data protection Principles

Data protection by design

  • The use of pseudonymisation (replacing personally identifiable material with artificial identifiers).
  • Encryption (encoding messages so only those authorised can read them).

Data protection by default

  • Ensure user profile settings is in the most privacy-friendly setting.
  • How to assure the users’ profile isn’t accessible by default to an indefinite number of persons.

Data loss Protection

Detects potential data breaches/data loss and prevents them by monitoring, detecting and blocking sensitive data while in-use, in-motion, and at-rest.

Choosing the right authentication scheme.

  • What should I consider when implementing a password system?
  • How should we store passwords?
  • How should our users enter their passwords?
  • What requirements should be set for user passwords?
  • What should we do about password expirations and resets?
  • What defenses can be put in place against attacks?

Building encryption into your application

  • Encryption and data storage
  • Encryption and data transfer
  • What types of encryption are there?
  • How should we implement encryption?

Ensure data integrity and confidentiality

Authentication scheme for GDPR compliance

To comply with GDPR the organization must comply with the security principles of ‘integrity and confidentiality’ The security principle requires you to take appropriate technical and organizational measures to prevent unauthorized processing of personal data you hold. To uphold these tenants’ security have to be build into your technological design.

 

Building the GDPR User Rights into systems

  • Consent – A clear and affirmative action from users is required to possess and process their personal data.
  • Right to Access – An individual has the right to know what personal data you have and what you are doing with it.
  • Right to Erasure – An individual has the right to require the deletion of their personal data if the continued processing is not justified.
  • Data Portability – Individuals have the right to require companies transmit their personal data to another company.
  • Breach Notification – Individuals must be notified with 72 hours of a data breach involving their personal data.
  • Privacy by Design – Data protection must be incorporated into the design of systems from the beginning, not just added later. And companies can only hold and process the data absolutely necessary to complete its duties (data minimalization) and limit the access to that data.

Implementing Right to Limited Processing

  • Restriction of Processing:Users have the right to “restrict” processing, which means their data cannot be used or leveraged further without the user’s explicit consent.
  • Erasure:All users must have the option to be forgotten or deleted from the system.
    Data Portability: All collected data and information must be portable so users can export contents and view or read it in a proper format.
  • Rectification:The option or ability to fix personal data that is inaccurate or incomplete.
  • View Data:Every user has the right to be informed about data collection and use, including information outside of standard terms and conditions.
  • Access:Any data collected, processed, or stored should be visible to the relevant user at all times.

The Online Classroom includes:

  • Access to recordings and course content for 360 days.
  • Interactive flash cards to reinforce learning
  • Independent reading and learning activities
  • Case studies and real-world scenarios
  • Knowledge checks after each domain
  • Post-course assessment questions to gauge exam readiness

Target Audience

This training course is intended for professionals who are involved in any form with software development and needs to design software to meet the GDPR requirements. The training is ideal for those working in positions such as, but not limited to:

  • System Developers
  • Software developers
  • Database developers
  • Web Developers
  • Data Engineers

Certified Cloud Security Professional (CCSP)

TRAINING SCHEDULE

CCSP 4 Days Online Class

DATE

TBD

Training Type

Virtual

ENROLL BELOW

All training runs from 9:00 to 16:30 every day.

About the CCSP Course

Certified Cloud Security Professional (CCSP) is one of the industry’s premier cloud security certifications offered for individuals and enterprise teams to manage cloud assets securely. This 4-day Certified Cloud Security Professional (CCSP) certification is governed by the not-for-profit International Information Systems Security Certification Consortium (ISC)2. Check out the dates below and enroll today for the CCSP certification course.

Key Features of this CISSP Training:

  • Instructor-led Certified Cloud Security Professional (CCSP) Certification Training
  • Get access to a free course preview to begin your preparation
  • Expert CCSP instructors across the globe
  • Accredited CCSP course material prepared by SMEs
  • Get key resources from ISC2
  • CCSP Sample papers provided
  • Industry-recognized Course Completion certificate provided
  • Take advantage of 1-to-1 Training and Fly me a Trainer option
  • Training provided across 100+ locations globally

You Will Learn How To:

  • Strategically focus your preparation for CCSP Certification
  • Plan a secure environment aligned with organizational objectives, compliance requirements, and industry-standard architectures
  • Develop operational security and continuity through preventive and recovery mechanisms

Course Description

Domain 1: Architectural Concepts & Design Requirements

Cloud computing concepts & definitions based on the ISO/IEC 17788 standard; security concepts and principles relevant to secure cloud computing.

  • Understand Cloud Computing Concepts
  • Describe Cloud Reference Architecture
  • Understand Security Concepts Relevant to Cloud Computing
  • Understand Design Principles of Secure Cloud Computing
  • Identify Trusted Cloud Service

Domain 2: Cloud Data Security

  • Concepts, principles, structures, and standards used to design, implement,monitor, and secure, operating systems, equipment, networks, applications, and those controls used to enforce various levels of confidentiality, integrity, and availability in cloud environments.
  • Understand Cloud Data Lifecycle
  • Design and Implement Cloud Data Storage Architectures
  • Design and Apply Data Security Strategies
  • Understand and Implement Data Discovery and Classification Technologies
  • Design and Implement Relevant Jurisdictional Data Protections for Personally Identifiable Information (PII)
  • Design and Implement Data Rights Management
  • Plan and Implement Data Retention, Deletion, and Archiving Policies
  • Design and Implement Auditability, Traceability and Accountability of Data Eve

Domain 3: Cloud Platform & Infrastructure Security

Knowledge of the cloud infrastructure components,both the physical and virtual, existing threats, and mitigating and developing plans to deal with those threats.

  • Comprehend Cloud Infrastructure Components
  • Analyze Risks Associated to Cloud Infrastructure
  • Design and Plan Security Controls
  • Plan Disaster Recovery and Business Continuity Managemen

Domain 4: Cloud Application Security

Processes involved with cloud software assurance and validation; and these of verified secure software.

  • Recognize the need for Training and Awareness in Application Security
  • Understand Cloud Software Assurance and Validation
  • Use Verified Secure Software
  • Comprehend the Software Development LifeCycle (SDLC) Process
  • Apply the Secure Software Development LifeCycle
  • Comprehend the Specifics of Cloud Application Architecture
  • Design Appropriate Identity and Access Management (IAM) Solutio

Domain 5: Operations

Identifying critical information and the execution of selected measures that eliminate or reduce adversary exploitation of it; requirements of cloud architecture to running and managing that infrastructure; definition of controls over hardware, media, and the operators with access privileges as well as the auditing and monitoring are the mechanisms, tools and facilities.

  • Support the Planning Process for the Data Center Design
  • Implement and Build Physical Infrastructure for Cloud Environment
  • Run Physical Infrastructure for Cloud Environment
  • Manage Physical Infrastructure for Cloud Environment
  • Build Logical Infrastructure for Cloud Environment
  • Run Logical Infrastructure for Cloud Environment
  • Manage Logical Infrastructure for Cloud Environment
  • Ensure Compliance with Regulations and Controls (e.g., ITIL, ISO/IEC 200001)
  • Conduct Risk Assessment to Logical and Physical Infrastructure
  • Understand the Collection, Acquisition and Preservation of Digital Evidence
  • Manage Communication with Relevant Parties

Domain 6: Legal & Compliance

Addresses ethical behavior and compliance with regulatory frameworks. Includes investigative measures and techniques, gathering evidence (e.g., Legal Controls, eDiscovery, and Forensics); privacy issues and audit process and methodologies; implications of cloud environments in relation to enterprise risk management.

  • Understand Legal Requirements and Unique Risks within the Cloud Environment
  • Understand Privacy Issues, Including Jurisdictional Variation
  • Understand Audit Process, Methodologies, and Required Adaption’s for a Cloud Environment
  • Understand Implications of Cloud to Enterprise Risk Management
  • Understand Outsourcing and Cloud Contract Design
  • Execute Vendor Management

The Online Classroom includes:

  • Access to recordings and course content for 360 days.
  • Interactive flash cards to reinforce learning
  • Independent reading and learning activities
  • Case studies and real-world scenarios
  • Knowledge checks after each domain
  • Post-course assessment questions to gauge exam readiness

Target Audience

This training course is intended for professionals who have at least 2 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP CBK and are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current information security careers. The training is ideal for those working in positions such as, but not limited to:

  • Security Consultant
  • Security Manager
  • IT Director/Manager
  • Security Auditor
  • Security Architect
  • Security Analyst
  • Security Systems Engineer
  • Chief Information Security Officer
  • Director of Security
  • Network Architect