my work at ilion Security S.A.

My work at ilion is divided in three categories: network audit, r&d and managing the IT infrastructure.

network audit

As an auditor, I have mostly audited DMZs (web, mail, dns, vpn, etc. servers), internal networks (Exchange, Oracle DB and other sensitive systems), and performed social engineering audits. I have worked on several security consulting projects. The clients I work for are mostly Geneva's private banks, governments, other banks and companies in the financial sector.

r&d

My research and development tasks include developing audit tools and scripts, writing exploits. I co-authored a research paper (Covert communications: subverting Windows applications) which can be downloaded from the sans.org reading room (and also from here)

We also do development work with Russia. This has provided me with very valuable outsourcing experiences.

I don't value most certification programs, but some people say it can marginally help when applying for jobs. I have passed the CEH (certified ethical hacker), and the first part of CCNA. I am planning to take CISSP and CISA exams after I am done with the second part of the CCNA exam.

managing the IT

As the IT infrastructure manager, my tasks are to setup servers and make sure they are always up-to-date (security watch). The various servers I have setup incude mail, web, vpn, dns, exchange, crm, firewalls, etc.

I have been in charge of training an intern, who is now hired full time.