Profile of ACR
Arnel
Carrido Reyes, or fondly known as Master ACR, is a recognized seasoned information security consultant and NetSec/DataSec/CloudSec/AppSec architect -- mastered in years of industry experience. ACR leads an army of Ethical Hackers & IT Security Consultants.
ACR does Offensive Security, Data Protect & Privacy, Cloud & Network Security, Secure SDLC, Application Security, DevSecOps, Threat Modeling, Vulnerability Assessment, Penetration Testing and freelance/independent security consultant for multi-national (Fortune 500) corporations worldwide including government organizations and military agencies in the Middle East, Asia Pacific and North America.
ACR has held various management positions. To date, he has served as Sr. Manager (Penetration Testing & Security Architect), CTO, IT Security Director, IT Security Consultant and Security Solutions Architect specializing in applications, network and systems security. ACR is a leading systems and security consultant for many international companies and government organizations. ACR spearheaded various security assessment, security control testing, vulnerability assessment and
penetration testing, security compliance & audit engagements worldwide for banks, high end hospitals, multinational corporations, government organizations including military agencies
and departments.
ACR holds multiple international certifications: Certified Information Systems Security Professional (CISSP), Licensed Penetratio Tester Master (LPT MASTER), Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), EC-Council Certified Security Analyst (ECSA), Information Technology Infrastructure Library (ITIL), QualysGuard Certified Specialist (QGCS), FireEye Certified Systems Engineer (FCSE), Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), Cisco Certified Network Associate Security (CCNA Security), Cisco Certified Network Professional Security (CCNP Security), Microsoft Certified Technology Specialist (MCTS), Microsoft Certified Information Technology Professional (MCITP) for Server Administrator (MCITP∫SA) & Enterprise Administrator (MCITP∫EA) & Database Administrator (MCITP∫DBA), Cisco Intrusion Prevention System Specialist (CIPSS), Cisco Internetwork Operating System Security Specialist (CIOSSS), Cisco Firewall Security Specialist (CFWSS), Cisco Adaptive Security Appliances Specialist (CASAS), Cisco Virtual Private Network Security Specialist (CVPNSS), Tripwire Certified Partner Sales Professional (TWCPSP), Master in Security Analytics etc.
The National Security Agency (NSA) and the Committee on National Security
Systems (CNSS) recognized that ACR satisfied the Cisco security requirements for
the CNSS 4011 and CNSS 4013 advanced training standard. ACR's IT professional
security certifications provide him with the required training for network
security professional to assist federal agencies and private sector entities to
protect their information and aid in the defense of the nation's vital
information resources.
ACR has also developed various security systems, computer compliance
auditor/surveillance system, web-based applications, and accounting software.
ACR is a prolific writer, having authored policies and procedures for the
companies that he has worked with which continue to be implemented until now. He
continues to create policies and procedures that help efficient management and
operations in the company he is presently with.
ACR's consulting and training undertakings cover specializing in Cyber Crime
Investigations & Forensics, ISO 27001 & 27002, BS 25999 (BCP), PCI Compliance,
Information Security (ISMS), Data Protection & Loss Prevention, Vulnerability
Assessment, Systems/Network Penetration Testing, Risk/Threat Analysis (BIA),
Compliance Testing, Security Information Event Management (SIEM), Security
Expert Advisor and secure infrastructure design. His expertise include FIM, GRC,
DMZ firewalls, Secure VPNs, EAP/TLS, PEAP, SSL, PKI, Smart Cards, Biometrics,
IPSEC, IDS & IPS, Vulnerability Scanners, AV, Honeypots, Audits, filtering
policies, multi-layer encrypted file systems, patch management and deployments.
Moreover, ACR develops customized and blended security strategies.
ACR’s wide range of all product experience has helped develop his overall
systems security knowledge. ACR has a passion for tracing malicious hackers in
pursuit of which he has had to grapple with issues, which are inextricably
entwined in meeting the everyday challenges of information systems security.
ACR is a BS Computer Science degree holder. His diploma was not enough to quench
his thirst for knowledge, particularly on various technologies, so he took
trainings, seminars and workshops on Unix/Linux, Microsoft, Cisco and
Information Security.
ACR is a firm believer of, “Human knowledge belongs to the world.” He is
determined to give all he can to help people get protected in the cyber world.
He developed a security website that provides extensive information for the
public on all defense-in-depth aspects, including countermeasures for cybercrime
and cyberterrorism, among others.
The web site “Security-Science
-- www.security-science.com”
offers global security education and awareness for online safety.
SPEAKING ENGAGEMENT
May 2015 Information Security Bootcamp
Topic: Security Architecture Assessment
Seoul, Korea
March 2015 National Cyber Security Forum
Topic: Offensive Security Targeting the Military and Government
Jakarta, Indonesia
November 2012 Enterprise IT Risk Management & Mitigation
Topic: Cyber Crime & Investigation
Kuwait City, Kuwait
August 2008 Information Security Awareness
Topic: Hacking Defense & Countermeasure
Bicol, Philippines