JOSEPH S R DE SARAM
JOSEPH S R DE SARAM
Computer Scientist / Human Rights Activist
Архитектор информационной безопасности
مهندس أمن المعلومات
Click the logo or scroll to get started
with Expertise in the Field of
Information Security Architecture.
the Conceptualisation and Design of
Wide Area Distributed Systems
Advanced Neural Networks
and Strong Cryptographics.
Clients comprise those from
Aerospace & Defence
and Banking & Securities.
Click the logo or scroll to get started

ABOUT JOE

A Human Rights Activist with expansive conceptual abilities in Information Security.

Joseph S R de Saram has significant expertise in the fields of Information Security Architecture, Intelligence Analysis and Digital Forensics. Areas of specialisation include the conceptualisation and design of wide area distributed systems, advanced neural networks, and strong cryptographics. Proven thought leadership, business development and technical mindset have evolved over thirty years.

Competent hard-working and focussed, Joseph is able to optimise and greatly enhance existing methodologies by extremely rapid assimilation of new material and modification of structured procedures. He achieves organisational competency through enforcing tough deadlines and rationalisation, and motivating co-workers to optimum efficiency.

Furthermore Joseph’s successful implementation of complex projects from concept to delivery in terms of confidentiality, integrity and availability lead to significant improvement in the quality and performance of complex software algorithms.

JOSEPH S R DE SARAM   CISSP FBCS MIEEE MIScT MINCOSE MACS Snr CP

Information Security Architect ● אדריכל אבטחת מידע ● 信息安全建築師 ● Архитектор информационной безопасности ● مهندس أمن المعلومات

Generic address JSRDS@JSRDS.COM • CP500i +807 1742 5273

[Transient routing problems may be experienced for the next two weeks or so as configurations are finalised]

Information Security Certifications

I presently hold the following certifications:-
Certified Information Systems Security Professional
The CISSP is ideal for information security professionals seeking to prove their understanding of cybersecurity strategy and hands-on implementation. It shows you have the advanced knowledge and technical skills to design, develop and manage an organization’s overall security posture. .

.
text

Information Security Training

I am presently undergoing training for the following certifications:-
Information Systems Security Architecture Professional
The CISSP-ISSAP is an appropriate credential for a chief security architect or analyst. An architect plays a key role in the information security department.

Responsibilities fall between the C-suite and upper managerial level and the implementation of the security program. Although the role is tied closely to technology, it may be closer to the consultative and analytical process of information security.

This security architect certification proves expertise developing, designing and analyzing security solutions. It also shows an ability to excel at giving risk-based guidance to senior management in order to meet organizational goals.
Information Systems Security Engineering Professional
The CISSP-ISSEP is the ideal credential for proving a consultant can incorporate security into all facets of business operations.

This security engineering certification recognises the solid ability to practically apply systems engineering principles and processes to develop secure systems.

The knowledge and skills to incorporate security into projects, applications, business processes and all information systems is confirmed. The CISSP-ISSEP was developed in conjunction with the United States National Security Agency (NSA).

It offers an invaluable tool for any systems security engineering professional.
Information Systems Security Management Professional
The CISSP-ISSMP cybersecurity management certification confirms excellence at establishing, presenting and governing information security programs.

Deep management and leadership skills are also demonstrated whether leading incident handling and/or a breach mitigation team.
text

DoD Approved 8570 Baseline Certifications

As an extension of Appendix 3 to the DoD 8570.01-Manual, the following certifications have been approved as IA baseline certifications for the IA Workforce. Personnel performing IA functions must obtain one of the certifications required for their position category or specialty and level. Refer to Appendix 3 of 8570.01-M for further implementation guidance. I already have/am in the process of achieving the highlighted certifications.

https://public.cyber.mil/cwmp/dod-approved-8570-baseline-certifications/

https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/dodm/857001m.pdf

https://www.esd.whs.mil/portals/54/Documents/DD/issuances/dodd/814001_2015_dodd.pdf

Information Systems Security Architecture Professional
The CISSP-ISSAP is an appropriate credential for a chief security architect or analyst. An architect plays a key role in the information security department.

Responsibilities fall between the C-suite and upper managerial level and the implementation of the security program. Although the role is tied closely to technology, it may be closer to the consultative and analytical process of information security.

This security architect certification proves expertise developing, designing and analyzing security solutions. It also shows an ability to excel at giving risk-based guidance to senior management in order to meet organizational goals.
Information Systems Security Engineering Professional
The CISSP-ISSEP is the ideal credential for proving a consultant can incorporate security into all facets of business operations.

This security engineering certification recognises the solid ability to practically apply systems engineering principles and processes to develop secure systems.

The knowledge and skills to incorporate security into projects, applications, business processes and all information systems is confirmed. The CISSP-ISSEP was developed in conjunction with the United States National Security Agency (NSA).

It offers an invaluable tool for any systems security engineering professional.
IAT Level I
A+ CE
CCNA-Security
Network+ CE
SSCP
IAT Level II
CCNA Security
CySA+ **
GICSP
GSEC
Security+ CE
SSCP
IAT Level III
CASP+ CE
CCNP Security
CISA
CISSP (or Associate)
GCED
GCIH
Introduction
The directive is specific to those individuals or agencies who have privileged access to DoD systems.

Persons who come under the directive include contractors and consultants as well as part-time or full-time military personnel who perform Information Assurance roles and functions. Personnel affected by DoD 8570 have to be trained according to the directive and also certified against specific skills sets and roles. The types of roles that DoD 8570 describes are those responsible for the protection of vital information that is in the nation’s interests.

NOTE: DoD 8570 will eventually be replaced by DoD 8140. However, at the time of writing the manual for DoD 8140 is yet to be published. Creation of manuals for DoD directives often take several years, and until such a time as the directive is documented, DoD 8570 will remain the key directive for the Information Assurance workforce at the DoD.

What is the DoD IAT?

The DoD is a highly structured organization with a distinct hierarchy. The overarching structure for IA at the DoD is called the “Information Assurance Workforce, Workforce Improvement Program” (IA WIP). Within this workforce umbrella are two separate categories called Information Assurance Technical (IAT) and Information Assurance Management (IAM).

What is the DoD IAT Levels?

Within the IAT category are three category levels:

Level 1: Computing environment information assurance
Level 2: Network environment information assurance
Level 3: Enclave, advanced network and computer information assurance

The category levels reflect the system architecture and not the grade of the individual working in that area. Within each level are sublevels that represent the attainment grade of the individual. These attainment levels are:

Entry level
Intermediate
Advanced

Each level has a set of functions within it. For example:

Level 1 has functions such as install and operate IT systems, apply security procedures, and enter assets into a vulnerability management system
Level 2 has functions such as provide end user support, manage user accounts and analyze system performance
Level 3 has functions such as lead teams and support actions to mitigate problems and direct operational structures and processes

Any persons wishing to work within these IAT levels must be certified to the correct level for the function they perform within a category. The IAT categories are cumulative, if you want to work at a Level 2 you need to have mastered Level 1.

How Can I Identify Who’s in the IAT Workforce?

Workers in an IAT role have privileged access to one or more category levels in a DoD environment. They also possess the right level of certification and functional requirements of the position. To identify a member of the IAT workforce, the individual needs to have: Privileged access to a Level 1-3 system – this is achieved by meeting certain requirements, including having the proper certification for that level A position that practices some of the functions required for the level Typical entities covered by the IA WIP include: Military Civilians Local nationals Non-appropriated fund (NAF) personnel Contractors
The United States Department of Defense (DoD) hosts a number of directives that set out the requirements of their workforce. DoD 8570, which is titled “Information Assurance Workforce Improvement Program,” describes the expectations of the DoD in terms of required training, certification and management of DoD workforce members carrying out Information Assurance (IA) duties.
Higher level CSSP and IASAE certifications do not satisfy lower level requirements
  •  The A+ or Network+ certification qualify only for Technical Level I and cannot be used for Technical Level II positions.

  • The System Security Certified Practitioner (SSCP) certification qualifies for both Technical Level I and Technical Level II. If the individual holding this certification moved from an IAT Level I to an IAT Level II position, he or she would not have to take a new certification.
Higher level CSSP and IASAE certifications do not satisfy lower level requirements
  •  The A+ or Network+ certification qualify only for Technical Level I and cannot be used for Technical Level II positions.

  • The System Security Certified Practitioner (SSCP) certification qualifies for both Technical Level I and Technical Level II. If the individual holding this certification moved from an IAT Level I to an IAT Level II position, he or she would not have to take a new certification.
Higher level CSSP and IASAE certifications do not satisfy lower level requirements
The DoD Cyber Security Service Provider (CSSP) is a certification issued by the DoD that indicates a candidate’s fitness for the DoD Information Assurance (IA) workforce. CSSP certifications are dependent on job role and require completing a third-party certification and DoD specific training and requirements. This guide will describe the various job-specific CSSP certifications, the requirements for achieving each version, and the third-party certifications that are accepted for each job role.

The DoD Cyber Security Service Professional levels are broken out by job role. The five possible roles for a holder of a DoD CSSP certification include: Analyst Infrastructure support Incident responder Auditor Service provider manager.
IAM Level I
CAP
GSLC
Security+ CE
IAM Level II
CAP
CASP+ CE
CISM
CISSP (or Associate)
GSLC
CCISO
IAM Level III
CISM
CISSP (or Associate)
GSLC
CCISO
The DoD IASAE covers the requirements for the Information Assurance architecture and engineering areas (IA System Architects and Engineers) as stated by DoD 8570.01-M (manual), which defines the certification paths for Information Assurance (IA) professionals. Due to these requirements, personnel must acquire and maintain certifications within their professional track in order to sustain their positions.

IA architects and engineers are responsible for designing and securing information systems architectures. These individuals are expected to know the best way to protect networks through the implementation of firewalls, virtual private networks (VPNs), antivirus software, intrusion detection/prevention systems (IDS/IPS), border gateways, switches, routers and more. They are also expected to understand the best way to secure interfaces, applications, servers, databases and other system components.

Some job titles for IASAE professionals include: IT systems engineer Network engineer Systems engineer Data architect Cybersecurity engineer Cybersecurity architect Information system security engineer (ISSE) Information assurance analyst Technology-specific engineer or architect (e.g. Active Directory, Cisco, firewall, etc.) The DoD Cyber Security Service Professional levels are broken out by job role. The five possible roles for a holder of a DoD CSSP certification include: Analyst Infrastructure support Incident responder Auditor Service provider manager.
IASAE I
CASP+ CE
CISSP (or Associate)
CSSLP
IASAE II
CASP+ CE
CISSP (or Associate)
CSSLP
The DoD Cyber Security Service Provider (CSSP) is a certification issued by the DoD that indicates a candidate’s fitness for the DoD Information Assurance (IA) workforce. CSSP certifications are dependent on job role and require completing a third-party certification and DoD specific training and requirements. This guide will describe the various job-specific CSSP certifications, the requirements for achieving each version, and the third-party certifications that are accepted for each job role.

The DoD Cyber Security Service Professional levels are broken out by job role. The five possible roles for a holder of a DoD CSSP certification include: Analyst Infrastructure support Incident responder Auditor Service provider manager
CSSP Analyst
CEH
CFR
CCNA Cyber Ops
CCNA-Security
CySA+ **
GCIA
GCIH
GICSP
SCYBER
CSSP Infrastructure Support
CEH
CySA+ **
GICSP
SSCP
CHFI
CFR
CSSP Incident Responder
CEH
CFR
CCNA Cyber Ops
CCNA-Security
CHFI
CySA+ **
GCFA
GCIH
SCYBER
CSSP Auditor
CEH
CySA+ **
CISA
GSNA
CFR
CSSP Manager
CISM
CISSP-ISSMP
CCISO
 
 
The above table provides a list of DoD approved IA baseline certifications aligned to each category and level of the IA Workforce. Personnel performing IA functions must obtain one of the certifications required for their position, category/specialty and level to fulfill the IA baseline certification requirement. Most IA levels within a category or specialty have more than one approved certification and a certification may apply to more than one level.
An individual needs to obtain only one of the “approved certifications”; for his or her IA category or specialty and level to meet the minimum requirement. For example, an individual in an IAT Level II position could obtain any one of the four certifications listed in the IAT Level II cell.
Higher level IAT and IAM certifications satisfy lower level requirements. Certifications listed in Level II or III cells can be used to qualify for Level I. However, Level I certifications cannot be used for Level II or III unless the certification is also listed in the Level II or III cell. For example:
  •  The A+ or Network+ certification qualify only for Technical Level I and cannot be used for Technical Level II positions.

  • The System Security Certified Practitioner (SSCP) certification qualifies for both Technical Level I and Technical Level II. If the individual holding this certification moved from an IAT Level I to an IAT Level II position, he or she would not have to take a new certification.
Higher level CSSP and IASAE certifications do not satisfy lower level requirements

2005-2019

2002

2005

2008

2010

2011

QUOTES

  • He who sacrifices information security for freedom deserves neither.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • I like to be ahead of the curve, especially if it is Hyperelliptic.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • When I am doing well, my friends know who I am. When things are bad I know who my friends are.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Most people wait for it to happen – I prefer to Make I. T. Happen.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Sure there is no ‘I’ in ‘TEAMWORK’ but there is one in ‘GENIUS’, and also one in ‘RICH’.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • ‘State of the Art’ depends greatly on the ability of the artist.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Everybody is so talented nowadays that the only people I care to honour as deserving real distinction are those who harness encryption.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Many people dream small and then get surprised when big things don’t happen to them.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Regardless of what I am playing, my music will never be appreciated when the audience is deaf.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Trying hard to win is not the same thing as avoiding defeat.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • I am not interested in just answers, I want the right answers.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Most people associate red for hot and blue for cold – when a flame is blue, it is actually hotter than a red flame, so what do they say then?

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Most battles are won logically in the mind, before the physical battle even starts on the field.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • I have always encouraged my peers to ‘push the envelope’ but when ‘licking the envelope’ is too challenging then you know you will have admin problems.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • ‘Finishing in 2nd position’ is just a fancy phrase for ‘being thrashed’.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Two heads ARE better than one, particularly if one of them is mine.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • I always aspire to perfection as there is no limit as to what perfection could be.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • I do not suffer fools gladly – I get pissed off like everyone else.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • I do not waste time drowning in other people’s stupidity, when there are so many things that can be achieved with a brilliant mind.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Many people say ‘the glass is half full’; many say ‘the glass is half empty’. Only a few of us ask ‘What’s actually in the glass?’

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • When it comes to financial matters, I prefer to follow the best strategy and lose money than listen to mediocre advice and get mediocre results.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • First the people refused martial law, then the people requested martial law, now the people plead for martial law.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • The worst thing about being a genius is that most people are not smart enough to appreciate it.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • When making a critical decision, I would always be prepared to seek forgiveness afterwards, than obtain permission before.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • If I wanted to work with vegetables then I would get a job in a market.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Nothing beats the assurance of a relationship with a major International Investment Bank, especially when you see their staff wearing Rolex watches.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • If you’re smarter than the people giving you advice then you’re an idiot if you listen to them.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • When I lost my mind for 5 years, I realised what it was like to be ‘Just an Average Joe’.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • I always like to thank those that believed in me, and remember those that didn’t – because without them I would have probably taken an easier path.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • I have found it necessary to define my own paradigms because there is no-one around me whom I can look up to.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • It does not take big balls to stand up for what you believe in – it just takes two.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • They tried to milk me like a cow, but I’m a bull and hate being milked.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • It take ‘Brains, Balls and Financial Muscle’ to help ordinary people solve the extraordinary problems of Fighting Injustice.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • I’m not afraid of Unjust Laws or Corrupt Cops – I have a brilliant legal mind and my favourite colour is blue.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • I prefer to struggle every week to reach for the stars and the high standards I set for myself, than set low standards and achieve them daily.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
  • Whilst the person who lies will eventually change his story once the pressure becomes too great, the man who speaks the truth cannot change the facts to anything else, even if he faces disbelief and ridicule.

    Joseph S R de Saram

    Information Security Architect / Human Rights Activist
joseph-de-saram-circular-300x300

Joseph S R de Saram (JSRDS)

Information Security Architect / Intelligence Analyst / Computer Scientist / Human Rights Activist / COMSEC / SIGINT / TSCM
RHODIUM GROUP