Carrido Reyes, or fondly known as Master ACR, is a recognized seasoned information security consultant and NetSec/DataSec/CloudSec/AppSec architect -- mastered in years of industry experience. ACR leads an army of Ethical Hackers & IT Security Consultants.
ACR does Offensive Security, Data Protect & Privacy, Cloud & Network Security, Secure SDLC, Application Security, DevSecOps, Threat Modeling, Vulnerability Assessment, Penetration Testing and freelance/independent security consultant for multi-national (Fortune 500) corporations worldwide including government organizations and military agencies in the Middle East, Asia Pacific and North America.
ACR has held various management positions. To date, he has served as Sr. Manager (Penetration Testing & Security Architect), CTO, IT Security Director, IT Security Consultant and Security Solutions Architect specializing in applications, network and systems security. ACR is a leading systems and security consultant for many international companies and government organizations. ACR spearheaded various security assessment, security control testing, vulnerability assessment and penetration testing, security compliance & audit engagements worldwide for banks, high end hospitals, multinational corporations, government organizations including military agencies and departments.
ACR holds multiple international certifications: Certified Information Systems Security Professional (CISSP), Licensed Penetratio Tester Master (LPT MASTER), Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), EC-Council Certified Security Analyst (ECSA), Information Technology Infrastructure Library (ITIL), QualysGuard Certified Specialist (QGCS), FireEye Certified Systems Engineer (FCSE), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Cisco Certified Network Associate Security (CCNA Security), Cisco Certified Network Professional Security (CCNP Security), Microsoft Certified Technology Specialist (MCTS), Microsoft Certified Information Technology Professional (MCITP) for Server Administrator (MCITP∫SA) & Enterprise Administrator (MCITP∫EA) & Database Administrator (MCITP∫DBA), Cisco Intrusion Prevention System Specialist (CIPSS), Cisco Internetwork Operating System Security Specialist (CIOSSS), Cisco Firewall Security Specialist (CFWSS), Cisco Adaptive Security Appliances Specialist (CASAS), Cisco Virtual Private Network Security Specialist (CVPNSS), Tripwire Certified Partner Sales Professional (TWCPSP), Master in Security Analytics etc.
The National Security Agency (NSA) and the Committee on National Security Systems (CNSS) recognized that ACR satisfied the Cisco security requirements for the CNSS 4011 and CNSS 4013 advanced training standard. ACR's IT professional security certifications provide him with the required training for network security professional to assist federal agencies and private sector entities to protect their information and aid in the defense of the nation's vital information resources.
ACR has also developed various security systems, computer compliance auditor/surveillance system, web-based applications, and accounting software.
ACR is a prolific writer, having authored policies and procedures for the companies that he has worked with which continue to be implemented until now. He continues to create policies and procedures that help efficient management and operations in the company he is presently with.
ACR's consulting and training undertakings cover specializing in Cyber Crime Investigations & Forensics, ISO 27001 & 27002, BS 25999 (BCP), PCI Compliance, Information Security (ISMS), Data Protection & Loss Prevention, Vulnerability Assessment, Systems/Network Penetration Testing, Risk/Threat Analysis (BIA), Compliance Testing, Security Information Event Management (SIEM), Security Expert Advisor and secure infrastructure design. His expertise include FIM, GRC, DMZ firewalls, Secure VPNs, EAP/TLS, PEAP, SSL, PKI, Smart Cards, Biometrics, IPSEC, IDS & IPS, Vulnerability Scanners, AV, Honeypots, Audits, filtering policies, multi-layer encrypted file systems, patch management and deployments. Moreover, ACR develops customized and blended security strategies.
ACR’s wide range of all product experience has helped develop his overall systems security knowledge. ACR has a passion for tracing malicious hackers in pursuit of which he has had to grapple with issues, which are inextricably entwined in meeting the everyday challenges of information systems security.
ACR is a BS Computer Science degree holder. His diploma was not enough to quench his thirst for knowledge, particularly on various technologies, so he took trainings, seminars and workshops on Unix/Linux, Microsoft, Cisco and Information Security.
ACR is a firm believer of, “Human knowledge belongs to the world.” He is determined to give all he can to help people get protected in the cyber world.
He developed a security website that provides extensive information for the public on all defense-in-depth aspects, including countermeasures for cybercrime and cyberterrorism, among others.
The web site “Security-Science -- www.security-science.com” offers global security education and awareness for online safety.
May 2015 Information Security Bootcamp
Topic: Security Architecture Assessment
March 2015 National Cyber Security Forum
Topic: Offensive Security Targeting the Military and Government
November 2012 Enterprise IT Risk Management & Mitigation
Topic: Cyber Crime & Investigation
Kuwait City, Kuwait
August 2008 Information Security Awareness
Topic: Hacking Defense & Countermeasure