freddy@kasprzykowski.me

"About" = {

"NAME": "Freddy",

"ALIASES: [ "Liquid Death", "Carlos", "Chacal" ],

"OCCUPATION": "Cloud Security Engineering and Architecture",

"LIKES": [ "Python", "Automation", "Linux", "Video Games", "Watches"],

"TRAITS": ["Bias for Action", "Strategically Annoying", "Good Hearted"]

}

My Portfolio

Cyber Security Consulting

Lead architect for Sheltered Harbor AWS validated architecture.
Advised, architected, and engineered solutions for global retain bank supporting the development of Threat Detection and Incident Response capabilities based on NIST 800-61r2, and MITRE ATT&CK to satisfy industry regulator requirements. This experience was perpetuated in AWS Incident Response Guide (official external guidance).
Advised, architected, and engineered solutions for affiliate of credit card issuer supporting assessment of maturity of their Identity and Access Management (AWS IAM) capabilities aligned with AWS best practices, providing findings, and remediation recommendations.
Advised, architected, and engineered solutions for credit card issuer supporting the development of Security Governance, and Security Assurance capabilities based on CIS standards, NIST CSF, and regulatory compliance requirements.
Advised, architected, and engineered solutions for regional bank supporting the development of Infrastructure Protection capabilities for network security such as packet inspection, and DNS filtering.
Advised, architected, and engineered solutions for global insurer supporting the development of solution to centralize on-premises security logs in AWS for cost effective life-cycle management, analytics, and alerting using multiple SIEMs.
Advised, architected, and engineered solutions for global asset management firm supporting their Cloud Center of Excellent accelerate AWS services adoption. As part of this engagement, developed “service accelerators”, which as short documents describing the security features of AWS services such as controls available, and regulatory compliance attestations.
Led several AWS Security Assessments providing ratings, findings, and recommendations to further develop security capabilities in the AWS cloud.
Led several AWS Security Incident Response Simulations, a tabletop exercise to measure Incident Response capabilities, providing ratings, findings, and remediations.

Presenting in AWS conferences

Re:Inforce 2024: SEC373 Unleash the power of IAM Access Analyzer unused access [WORKSHOP]
re:Invent 2023: SEC203 Refining IAM Permissions Like A Pro [WORKSHOP]
re:Inforce 2023: IAM354 Refining IAM Permissions Like A Pro [BUILDER SESSION]
re:Invent 2021: SEC232 Citi: Scaling security guardrail development via AWS CDK [BREAKOUT]
re:Invent 2021: SEC401 AWS Incident Response Playbooks Workshop [WORKSHOP]
re:Invent 2020: SEC323 Building you cloud incident response program [BREAKOUT]
re:Invent 2019: Getting Started with Machine Learning and Data Science for Security [CHALK TALK]

Open Source Contributions

Refining IAM permissions: https://github.com/aws-samples/aws-iam-refining-policy-permissions
Incident Response playbook development: https://github.com/aws-samples/aws-incident-response-playbooks-workshop
Unused permissions: https://github.com/aws-samples/aws-iam-unused-access-workshop
Customer playbook framework: https://github.com/aws-samples/aws-customer-playbook-framework
Prowler: https://github.com/prowler-cloud/prowler

If you have been in an AWS conference you might have played one of my Jam Challenges

AWS Jam challenges individuals and teams to apply their AWS Cloud skills to solve real-world, open-ended problems using AWS services. Engage in a gamified learning environment that helps you develop your AWS Cloud skills through simulated use cases in an AWS Management Console sandbox. Select challenges by technical domain or role and by difficulty level. Clues are available to help navigate the challenges if needed. https://aws.amazon.com/training/digital/aws-jam/

King of the Hill: Fundamentals of AWS IAM
Who am I: Fundamentals of AWS CLI use
Galactic Ricklege Escalation: Advanced pen testing on AWS
Follow the Breadcrumbs: Advanced security log analytics in AWS

If you are an AWS customer, you might have read one of my publications

AWS Incident Response Guide https://docs.aws.amazon.com/whitepapers/latest/aws-security-incident-response-guide/aws-security-incident-response-guide.html
SEC04-BP01 Configure service and application logging https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_detect_investigate_events_app_service_logging.html
SEC04-BP02 Analyze logs, findings, and metrics centrallyhttps://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_detect_investigate_events_analyze_all.html
AWS service accelerators:
- Amazon RDS Performance Insights
- Amazon FSx for Lustre
- Amazon DocumentDB

Proud contributor to these iconic global events

Rio 2016 Summer Olympic Games - Security Architect (Atos SE) - https://olympics.com/en/olympic-games/rio-2016
FIFA 2014 Football Worldcup - Security Advisor (Modulo Security Solutions) - https://www.fifa.com/tournaments/mens/worldcup/2014brazil/teams
United Nations ECO'92 - GIS system to track deforestation of the Amazon forest in Brazil - IBM Research intern (Rio de Janeiro/Brazil) - https://www.un.org/en/conferences/environment/rio1992