Cyber.
Security.
Consulting.
Regulations.
IT Audit.
Governance.
Architecture.
Compliance.
Advisory.
Contracting.
• The average cost of a data breach was $4.45 million in 2023, the highest average on record. - IBM
• • The cyber security market is projected to grow by 10% to $10.5 trillion annually by 2025. - McKinsey
About Me
Know Me More
Hi, I'm Jake Eliasz
I'm a Cyber Security Professional dedicated to enhancing global safety by safeguarding businesses against ever-evolving cyber threats. Since 2005, I’ve assisted organizations worldwide in managing compliance and securing their critical assets. With two decades of experience spanning diverse industries, I’ve developed extensive expertise across various cyber security domains.
Years of Experience
Consulted in over:
50+ Countries
Delivered:
350+ Security Projects
Dual Citizenship:
EU | UK Passport Holder
Certified Professional:
10+ Security Certifications
What do I do?
How I can help your next project
Governance
Assisting organisations to establish effective governance structures and processes, including policies, procedures and controls to ensure accountability, transparency and ethical behavior.
Risk Management
Helping organisations to identify, assess, and prioritize risks to their business operations, develop strategies and plans to mitigate these risks.
Security Architecture
Assisting organisations to design and implement a security architecture that aligns with an organisation's business objectives, IT infrastructure and compliance frameworks.
Audits
Providing internal and external audit services to help organisations evaluate their internal controls and processes, identify areas for improvement and mitigate risks.
Third-Party Assurance
Helping organisations manage the risks associated with third-party relationships, including vendors, cloud providers, suppliers and business partners.
Resume
A summary of My Resume
My Education
Master of Science (MSc) in Information Security
University of Plymouth, UK / 2005 - 2007
Final Thesis: ‘The pattern analysis of the IPS sensors across the campus network.’
Bachelor of Engineering (BEng) in Computer Science
University of KW, Poland / 2000 - 2005
Final Thesis: ‘Simple picture recognition using Artificial Intelligence (AI).’
Cyber Security Certifications*:
CISSP - Certified Information Systems Security Professional (ISC2)
ISSAP - Information Systems Security Architecture Professional (ISC2)
CCSP - Certified Cloud Security Professional (ISC2)
CISA - Certified Information Systems Auditor (ISACA)
C|CISO - Certified Chief Information Security Officer (EC-Council)
CEH - Certified Ethical Hacker (EC-Council)
PCI QSA - Qualified Security Assessor (PCI DSS, SSF, P2PE, 3DS, TSP)
*Credly hosts the largest and most-connected digital credential network. Please click the icon below to verify my cyber security certifications.
My Previous Experience
Head of Compliance Services (Europe)
NCC Group / 2015 - 2023
Reporting to the Global Head of Compliance – point of contact (SME) for the compliance service line development and management in Europe, including strategy, growth and the service line’s team members development.
Principal Security Consultant
Ambersail Audit Experts / 2010 - 2015
Reporting to MD – security team lead, conducting a full range of security assessments and consultancy services globally in over 50+ countries. This includes but not limited to security audits, risk assessments, security architecture (including cloud), incident response planning, acting Virtual CISO and many others.
Information Security Specialist
NMI Group / 2008 - 2010
Reporting to CISO – designing, deploying and maintaining an enterprise class network across multiple physical sites (USA/UK) with 200+ nodes, including hardening OS, IAM systems, DLP systems, backup solutions, anti-malware solutions and many others.
Cyber Security Skills
Frameworks & Standards 95%
Application Security (SDLC) 85%
Risk Assessment 88%
End-user Awareness Training 90%
Compliance and Audit 100%
Governance 95%
Security Architecture 82%
Physical Security Controls85%
FAQ
Have any questions?
Protecting your business, one regulation at a time - Cipherlex specialises in cyber security compliance services to keep your business secure and compliant. Cipherlex offers a range of cyber security services globally via cost-effective B2B contracts either directly or by a network of partners.
Majority of Cipherlex customers are located in the EMEA region, in the EU and UK. A PDF brochure highlighting core services offered by Cipherlex can be downloaded from here.
GRC consulting firms help organisations protect their information assets from cyber threats by assessing their cybersecurity posture, developing security strategies and policies and implementing security controls and technologies.
I offer cost effective services at the highest quality. My global experience, gathered over the last 20 years across many sectors, maniftests itself in high level of knowledge in most of the cyber security domains. I value detailed and professional deliverables. A PDF brochure highlighting core services offered by Cipherlex can be downloaded from here.
Cipherlex is all about consultancy, without any added complexities. A simple project flow is used for small projects that have relatively straightforward requirements and minimal complexity.
However, it can be adapted and scaled up for larger and more complex projects by adding additional stages or breaking down each stage into more detailed sub-stages.
How to become a Qualified Security Assessor (QSA)?
PCI DSS v4.0 Tech-Talk Corner Series
Two Different Tools to Protect Your Assets: NIST CSF vs PCI DSS
Challenges of Continuous PCI DSS Compliance
The Impact of PCI DSS Non-compliance: Understanding The Consequences
PCI Data Security Standard (PCI DSS)
Secure Software Standard (SSF)
Point-to-Point Encryption (P2PE)
The NIS 2 Directive (EU 2022/2555)
Recommendations
Clients & Colleagues Speak
“I collaborated with Jake for many P2PE assessment on Ingenico solutions. Jake is an excellent QSA consultant with huge and extensive know-how in the PCI domain. On top of an outstanding ability to organize audits both on processes and on technical parts, he is also providing strong and effective recommendation/consultancies to adapt the process to the right level of PCI compliance.”
Gaetano Renda CTO Core Western Europe at Ingenico, Italy“At NearPay we had a requirement to get our PCI DSS done to meet regulatory approvals. We previously had done the PCI DSS however were not pleased with the process. When Jake came onboard as our QSA, we knew we had the right person. His expertise, knowledge and experience in the payments industry and more specifically the PCI standards clearly showed. He was able to help us understand and navigate through complex flows and situations. Not only was his knowledge and expertise wonderful but he was also very professional and was happy to jump on a call at any time.”
Adil Riaz Head of Product at NearPay, Saudi Arabia“We hired Jake's services to help us acheive PCI Compliance. His expertise on the subject was bang on and very reliable right from the initiation of the project until the final delivery of the ROC. I would certainly consider utilizing his services again in future because of his capabilities which are a rare mix of high technical knowledge and Compliance/Regulatory knowledge.”
Dinesh Ranade Senior IT Security Consultant at Direct Line Group, UK“I know Jake from my former role as the Head of IT Security at a major credit card processor in Switzerland. He was our PCI DSS Auditor (QSA) for several years. Apart from his deep technical expertise he understands to communicate well on all levels. Jake was always open to share his knowledge with the team and helped to improve the security posture sustainably. I would work with Jake anytime.”
Christian Grob Head of Security Services, AVANTEC AG, Switzerland“I've been working with Jake for over a decade now covering PCI related security and i can honestly say I've been in very good hands. Jake is a pleasure to work with and has a collaborative approach which leads to smooth and successful projects.”
Colin Parr Senior Project Manager, KAL, UK"I first met Jake when he interviewed for a role at NCC Group. I was immediately impressed by his knowledge, professionalism and commitment to his clients. Over the years at NCC Group Jake gained even more insight and expertise and was a highly valuable member of the senior consultant community.
Should any organisation be looking for a cyber security consultant to help them build and improve cyber resilience I would wholeheartedly recommend Jake.”
“I've had the pleasure to work with Jake for nearly 8 years, within the consultancy team at NCC Group. His Cybersecurity knowledge and experience, client-centric attitude, collaborative approach and general excellence all around (as a consultant and as a human being !!) have always resulted in very satisfied clients and with him being a huge asset to our team during his time here.”
Keith Jelliman Executive Principal Consultant, NCC Group, UK“We had the chance to work together with Jake for many years (> 5 years) in the field of payment security, be it for QSA (PCI Audit) and consultancy assignments during his time at NCC Group. Jake is a pro-active person who always strives for the best possible service towards his clients. He helped us in many challenges regarding implementing PCI-DSS controls and assessing solutions against current PCI Security Standards.”
Lorenzo Tomasina IT Security & Risk Manager, UBS CC, SwitzerlandNote. All testomonials included above have been published on the LinkedIn platform.
Let's get in touch
I enjoy discussing new projects and design challenges. Please share as much info, as possible so I can get the most out of our first catch-up.
Offices:
Email:
Chat:
Legal Note:
Cipherlex is a registered legal entity under the EU Company Law (CRN 5542412753)
Full Terms and Conditions can be downloaded from here.
Estimate your Project
To estimate a project accurately, I need the following information:
1. Project Scope: Detailed description of what you want to achieve.
2. Project Timeline: Desired deadline or timeline for project completion.
3. Technical Specifications: Any specific technical requirements or platforms involved.
4. Communication and Collaboration: Preferred communication channels and availability for meetings.
5. Budget: Understand your budget or range of financial expectations.
6. Project Constraints: Identify any limitations or factors that may impact the project.
Download Section:
Cipherlex | Core Services Brochure