PROJECTS - Jedson.Jerume

Luigi’s Case Study – Small Business IT & Security Assessment

I assessed a small business's IT and security posture for Luigi's case study and proposed practical solutions to assist daily operations while lowering risk. Identifying business-critical systems, data flows, and operational relationships was key. I assessed vulnerabilities such poor access restrictions, network segmentation, and monitoring and offered cost-effective technological and administrative solutions based on industry best practices. Availability, basic data protection, and scalability for a growing organization were prioritized. Risk overviews, security recommendations, and comprehensive documentation on how the proposed solutions enhance business continuity and operational efficiency were delivered. Skills demonstrated: Small business IT assessment Risk identification and mitigation Security control selection Operational resilience planning Technical documentation

Marconi Law Firm – Network System Implementation Project

Designed and implemented a complete small-business network for a law firm, including IP addressing, Windows Server configuration, user access controls, VoIP integration, and cost-conscious infrastructure planning Key Tools & Technologies Used Operating Systems: Windows Server 2019, Windows 10 Pro Server & Directory Services: Local user and group management, file sharing, permission management Networking: Static IP addressing, subnetting (255.255.255.0), LAN design Hardware: HPE ProLiant server, TP-Link enterprise router, SonicWall managed switch Wireless: TP-Link Omada Wi-Fi 6 access points VoIP: Grandstream VoIP phones, Yealink conference phone Peripherals: Network printer, smart conference display Documentation & Planning: Network topology diagrams, IP tables, hardware/software specification tables, CapEx and OpEx cost analysis

SnowBe Online – Cybersecurity Maturity Policy Development

Authored a cybersecurity maturity policy for an e-commerce organization, defining maturity levels, assessment processes, roles, and enforcement aligned with CIS Controls to guide continuous security improvement across cloud and on-prem environments. Skills Demonstrated Cybersecurity governance, risk, and compliance (GRC) Security policy writing and documentation Cybersecurity maturity modeling and gap analysis Risk assessment and prioritization Role and responsibility definition for security programs Exception handling and compensating control design Compliance alignment and audit readiness Technical and executive-level security communication Tools & Frameworks Used CIS Critical Security Controls (v8 reference) Cybersecurity Capability Maturity Model (C2M2) Internal maturity scoring and assessment framework Cloud security considerations (AWS environments) Policy lifecycle management (drafting, versioning, enforcement)

SnowBe Online Security Plan

Developed a comprehensive IT Security Plan for a growing e-commerce organization, defining security policies, standards, roles, and procedures to protect confidentiality, integrity, and availability across cloud and on-prem systems. Skills Demonstrated IT security planning and program design Governance, Risk, and Compliance (GRC) documentation Security policy and standards development Role and responsibility definition for security operations Risk management and control alignment Exception and exemption handling Security awareness and audit readiness planning Technical writing for executive and operational audiences Tools & Frameworks Used CIS Critical Security Controls Cybersecurity Capability Maturity Model (C2M2) Patch Management Policy frameworks Secure Software Development Life Cycle (SDLC) principles Cloud security considerations (AWS environments) Industry policy references (higher-education and government security plans)

SnowBe Online Software Patch Management Policy

Authored and structured a formal Software Patch Management Policy defining asset scope, patch prioritization, testing, scheduling, exception handling, and enforcement to reduce vulnerability risk across cloud, endpoint, and POS systems. Skills Demonstrated Patch management program design and governance Vulnerability prioritization using CVSS scoring Asset inventory and lifecycle management Change and configuration management Risk mitigation and exception handling Security policy writing and technical documentation Compliance monitoring and enforcement planning Coordination between IT, security, and business operations Tools & Frameworks Used CVSS v3 severity scoring CIS Critical Security Controls (Patch Management alignment) Cybersecurity Capability Maturity Model (C2M2) Remote Monitoring and Management (RMM) concepts Cloud security considerations (AWS environments) Industry-standard patch management frameworks

SnowBe Online Change Control Management Policy

Developed and documented a formal Change Control Management Policy to ensure all system and application changes are reviewed, approved, tested, and implemented in a controlled manner to protect system integrity and availability. Skills Demonstrated Change and configuration management (ITIL-aligned concepts) Governance, Risk, and Compliance (GRC) documentation Risk-based change classification and impact analysis Change approval workflows and Change Advisory Board (CAB) processes Exception handling and compensating control design Compliance monitoring and enforcement design Policy lifecycle management and version control Technical and executive-level policy communication Tools & Frameworks Used Change Control and Change Management frameworks ITIL change management principles Governance, Risk, and Compliance (GRC) practices Internal approval workflows and documentation standards Industry policy templates and enforcement models Source: SnowBe Online Change Control Management Policy

SnowBe Online Security Control Ratings & Maturity AssessmenT

Performed a cybersecurity maturity and priority assessment by rating SnowBe’s security domains against CIS-style control categories to identify gaps, establish priorities, and guide risk-based security improvements. Skills Demonstrated Cybersecurity maturity assessment and scoring Risk-based prioritization of security controls Security gap analysis and benchmarking Governance, Risk, and Compliance (GRC) evaluation Control categorization and domain mapping Quantitative security assessment and ranking Translating assessment results into remediation priorities Security documentation and reporting Tools & Frameworks Used CIS Critical Security Controls domain structure Cybersecurity maturity rating models Risk scoring and prioritization methodologies Microsoft Excel for security metrics and analysis Internal control evaluation and benchmarking framework