SafeBits by Luci

About Me

Hi, my name is Luci Stanescu and I am a professional with over 15 years of experience in several, interrelated IT fields.

My main expertise areas are information security and systems architectures, with a focus on high-availability networking services.

Phone: +44 330 043 4262
Contact
About Me

Bio

I graduated with a first-class honours degree in Computer Science and Artificial Intelligence from the University of Sheffield, United Kingdom.

I started my career developing networking applications under GNU/Linux environments using C and Python and as an instructor teaching CCNA and Java courses (back before Sun Microsystems was acquired by Oracle).

I mainly worked in the telecommunications industry, with roles ranging from designing and developing server software, coordinating DevOps teams, and as a systems architect. I have often trained and mentored colleagues.

My involvement in cybersecurity started in the early days, with responsibilities expanding as my career progressed, including holding the most senior role with security duties in a telecommunications provider, a sector that is heavily regulated.

More recently, I have been providing consultancy services since January 2022. You can view my full CV to find out more about my professional experience.

Certification

I hold the CASP+ certification, which you can also verify here using the code YHR3FQQQEEBEQ3GX. This certification is accredited in conformance with ISO 17024 and approved by the US DoD to meet the 8570 directive requirements for Information Assurance System Architects and Engineers (IASAE) level II and Information Assurance Managers (IAM) level II.

Expertise

The following is meant as a non-exhaustive list of technologies, practices and regulations that I have worked with. If there’s something that you don’t find here, but think I might be able to help with, please don’t hesitate to get in touch.

Information Security

  • NIST Cybersecurity Framework
  • Threat and Vulnerability Management
  • Incident Response Management
  • Business Continuity / Disaster Recovery
  • IDS, NGFW, WAF, SIEM, FIM
  • Network Access Control
  • Privileged Access Management
  • IAM, OpenID, OAuth, SAML, Kerberos
  • 802.1X, MACsec, IPsec
  • PKI, ACME, OCSP
  • HSMs, security keys, U2F, FIDO2 (WebAuthn, CTAP2)
  • Cryptography and security protocols
  • Familiar with best practices and benchmarks

Compliance

  • PCI DSS
  • EU and UK data protection regulations (including GDPR)
  • UK telecommunications regulations

Architectures

  • On-premises, highly-resilient, multi-datacentre
  • Public cloud (including cloud-native applications and serverless), GCP and AWS
  • Hybrid cloud

Networking

  • IPv4, IPv6
  • L2TP, PPP, VXLAN
  • BFD
  • MPLS (LDP and RSVP)
  • VRRP
  • OSPF, BGP
  • SDN and OpenFlow
  • Cisco and Juniper

Network Protocols

These are protocols for which I’ve read the specifications and/or worked on implementations:

  • DHCPv4 and DHCPv6
  • DNS, DNSSEC, DoH, DoT
  • EAP
  • HTTP
  • IKE and ISAKMP
  • LDAP
  • RADIUS and DIAMETER
  • SCTP
  • SIP, SIMPLE
  • SNMP, AgentX
  • SMTP
  • SOAP
  • TLS

Virtualisation / Containerisation

  • KVM
  • Xen
  • Docker
  • Kubernetes
  • LXC and LXD

Databases

  • Relational (PostgreSQL, MySQL, SQLite)
  • Directories (OpenLDAP)
  • Document-oriented (MongoDB)
  • Key-value stores (DBM, BDB, CDB, memcached, Redis)
  • Distributed object storage (Ceph)

GNU/Linux

  • eBPF
  • Namespaces, cgroups
  • seccomp
  • SELinux