Cyber Operations Center

Zay Yar Aung

Bridging infrastructure, cybersecurity, and executive strategy with a powerful hacker-inspired visual identity.

Security Operations

ISMS strategy, risk analysis, and secure incident playbooks.

Cloud Identity

Microsoft Entra ID, MFA, and conditional access for mission-critical systems.

Network Defense

MikroTik hardening, VPN tunnels, and enterprise Wi-Fi security.

Project Complete

Security Awareness Training Program

Led a full security awareness program with phishing simulations, employee risk scoring, and executive reporting that improved security posture across the organization.

Phishing Simulations Risk Scoring MD Reporting

Operations Snapshot

  • • Phishing defense and employee training
  • • Incident readiness and response playbooks
  • • Governance, compliance and executive visibility
  • • Continuous improvement through security metrics

Core Expertise

ISMS Strategy

Translate audit data into executive-level security planning and compliance documentation.

Cloud Identity

Secure Microsoft Entra ID, MFA authentication, and access policies to protect cloud resources.

Network Defense

Harden MikroTik, VPN and Wi-Fi systems with enterprise-grade security controls.

Phase 1: Planning and Initiation

Scope Definition

Map ISMS boundaries, identify stakeholders, and define context for secure operations.

  • • ISMS Scope Documentation
  • • Stakeholder Analysis
  • • Leadership Commitment
  • • Resource Planning

Phase 2: Risk Assessment

Risk Identification

Identify threats, vulnerabilities and potential impacts across critical systems.

  • • Asset Inventory & Classification
  • • Threat & Vulnerability Analysis
  • • Impact Assessment
  • • Risk Register Development

Phase 3: Risk Treatment

Control Selection

Apply the right security controls and define residual risk tolerance.

  • • Control Objective Setting
  • • Risk Treatment Plans
  • • Residual Risk Evaluation
  • • Statement of Applicability

Phase 4: Implementation

Control Deployment

Implement policies, technical controls and training to strengthen defenses.

  • • Policy & Procedure Development
  • • Security Awareness Training
  • • Technical Control Implementation
  • • Change Management

Phase 5: Strategic Operations

Governance & Reporting

Track system health, communicate with executives, and prepare for incidents.

  • • Continuous System Health Monitoring
  • • Executive Stakeholder Communication
  • • Incident Response Playbook Planning
  • • RTO & Business Continuity Strategy

Technical Stack

MikroTik RouterOS Microsoft Infra Linux Cisco Networking Wi-Fi Technology ISO 27001 (2022)

Let's Work Together

For infrastructure projects, security training, or strategic IT consulting with a hacker-inspired edge.

Email Me LinkedIn Profile