of computer security good practices: NIST, CIS, etc. Experience with security risk assessment, e.g., ISO27005 methodology Technical...