View Jake Eliasz's profile on LinkedIn

Jake is a Chartered Principal Consultant with over 15 years’ experience in Information Technology. Jake has performed many consultative engagements for retail, banking and government sectors in the EMEA region. Jake is currently focused on designing security controls, PCI DSS, PA DSS, ethical hacking and security risk/compliance. Prior to working for NCC Group, Jake worked as a Lead Security Consultant – QSA (Ambersail), Security Specialist (CreditCall) and Security Analyst (Symantec), where he was designing, implementing and managing various security controls for large, distributed networks. Jake has graduated from the University of Plymouth with the MSc degree in Information Security.

Jake holds a number of vendor-specific and vendor-neutral accreditations such as:

PCI TSP – Token Service Providers Assessor (since 2016)
PA-QSA (P2PE) – Point-to-Point Encryption Assessor (since 2016)
PA-QSA – Payment Application Qualified Security Assessor (since 2011)
PCI-QSA – Payment Card Industry Qualified Security Assessor (since 2010)
PCIP – Payment Card Industry Professional
CITP – Chartered IT Professional
CISSP-ISSAP – Information Systems Security Architecture Professional
BRRP-QSA – Barclaycard Risk Reduction Programme Qualified Security Assessor
C|EH – Certified Ethical Hacker
CISA – Certified Information Systems Auditor
CISSP – Certified Information Systems Security Professional
CPTS – Certified Penetration Testing Specialist
CCNA – Cisco Certified Network Associate
LPIC – Linux Professional Institute Certification
MCSE – Microsoft Certified Systems Engineer

Jake is an active member and contributor in the following organisations:
BCS – British Computer Society
ISC2 – Information Systems Security Certification Consortium
ISACA – Information Systems Audit and Control Association
EC Council – The International Council of E-Commerce Consultants
PCI SSC – Payment Card Industry Security Standards Council


  1. Jake,

    I read your posting about the ISSAP. On other blogs, some people say that the crypto portion of the exam involves a lot of mental math. I just read the crypto section of the second edition Official ISSAP guide and did the end-of-chapter questions. Am I missing something? Didn’t encounter any real math.



    • The only math I recall is memorizing the symmetric and asymmetric algorithms along with key lengths / blocks, etc. This takes a little bit of effort. 🙂

  2. I’m guessing that the job market for CISSP-ISSAP professionals is similar in America and the UK. Was getting the ISSAP worth it? Did you get any job promotion, surge of job offers, etc based solely on this cert?

  3. Hi Jake,
    Do you have any idea how can I get a recent ISSAP statistics worldone? I mean just like the one you posted last august in your blog?

    Could you please send me your reply to my email address?


  4. Jake, I’d like to attempt the CISSP, as an entry point to Security Certifications. Is this a good idea? What would you recommend as a path to certifying oneself in the security domain? I work with a Payment Gateway organisation and have several years of experience in the area of Oracle’s IDAM suite. Many thanks for your input.

    • Hi – thanks for looking. If you are interested in the IT Security field, I suggest studying topics you find interesting (compliance, ethical hacking, SDLC, etc.) and then worry about certifications. If you are looking for a new job, then CISSP and others may be necessary as it gives you a better chance of being noticed in a pile of CVs.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.