159 followers|3,878 views
Works at L&A INC (PH), L&A LLC (US), L&A LLP (SG)
Lives in Philippines
159 followers|3,878 views
IT Auditor, Penetration Tester, Forensic Analyst
- L&A INC (PH), L&A LLC (US), L&A LLP (SG)IT Auditor, Penetration Tester, Forensic Analyst, present
- TMP, CW, CC, SUNW, CHKP, L&A
With regards to my expertise, computer forensics (as per Rules of Court on Electronic Evidence) is but one of the specialized professional services my company  offers. The others are penetration testing (as per PH Central Bank's BSP Circulars 542, 511, and 510 ; and Payment Card Industry - Data Security Standard  compliance requirements), information security management system consulting (ISMS; as per the COBIT and ISO/IEC 27001 standards), IT service management consulting (ITSM, as per COBIT and ISO/IEC 20000 standards), evaluation and assurance consulting (i.e. source code audits, as per ISO/IEC 15408 and 18045 standards), and specialized training courses.
Penetration Testing is professional hacking, as the words "ethical hacking" is too glitzy, self-centered, and prone to misinterpretation. It's my company's bread-and-butter, and so far we've been extraordinarily successful in testing Internet banking systems, from hijacking routers, to compromising online remittance systems, gaining administrator access to databases, to doing CA/SA fund transfers, and others.
I am a Certified Information Systems Auditor (CISA), and a Certified Information Systems Security Professional (CISSP). Also, I'm one of the Board Of Directors of the Association of Certified Fraud Examiners , which is the Philippine chapter of http://www.ACFE.com. I have also been a member of the Board of Directors in ISACA Manila, the local chapter of ISACA (Information Systems Audit and Control Association) .
As an information systems auditor, I have been recently called as an expert witness in the Singapore Internation Arbitration Centre . I have also been a guest speaker in the US Embassy of the Philippine's Overseas Security Advisory Council (OSAC) , on the topic of Corporate Espionage. On the local front, I've also been a guest speaker of the American Chamber of Commerce of the Philippines , the Management Association of the Philippines , the Information Systems Security Society of the Philippines (ISSSP) , the Institute of Internal Auditors - Philippines , the De La Salle University, Graduate School of Business , and the Ateneo Information Technology Institute (now: Ateneo Graduate School of Business) . I have also been invited as a repeat speaker on topics relating to bank fraud and electronic warfare by the Bankers Institute of the Philippines , and the major ATM networks which are BancNet  and MegaLink . I have also toured the Asia-Pacific region with IBM as a speaker on information security management topics . All subject matters are focused on information security and information systems audit.
Recently, I have been a guest panelist to help inform the general public about the electoral risks surrounding the new COMELEC Automated Election System, on international ABS-CBN News Channel (ANC) TV's "e-LEKSYON Electoral Risks Forum" , as well as for NAMFREL (National Citizen's Movement for Free Elections)  in their February 2010 regional assembly.
Previously, I was a Product Management Engineer of Check Point Software Technologies (NASDAQ: CHKP) , an Israeli company that is the world-leader in network security firewalls. One of my assignments back then was to be one of the engineers that worked on getting our software audited and accredited by the US government, to pass evaluation and assurance tests  by their National Security Agency auditors , so that our products can be sold to North American government agencies, as well as to European Community, S. Korean, Australian, and Singapore ministries.
I was hired by Check Point Software because of my previous experiences in the network security field when I was a Senior Systems Engineer with the professional services group of Sun Microsystems Philippines .
My full professional profile is posted in the Internet, and can be found in http://www.Linkedin.com/in/Drexx . Included there is a list of people who belong to our network of professionals, as well as recommendations I have received from my international colleagues in the business.
 http://PH.Sun.com/aboutsun; formerly called PSPI
Nigeria, USA, Philippines, Singapore - Africa, N. America, Europe, Asia