
Sr. Network Security Infrastructure Cyber Architect Engineer Resume Profile


VA

SENIOR CYBER ARCHITECT SECURITY SUBJECT MATTER EXPERT

Professional Profile

Versatile and highly accomplished architect, engineer, analyst and security professional with 15 years of comprehensive technical and cyber security experience covering all aspects of IT infrastructure, enterprise architecture, software development, solution design, emerging technologies, risk management, web applications, database technologies and more. Intuitive problem solver and diagnostician; self-motivated and innovative solutions developer with an insatiable appetite for learning new technologies. A master collaborator and gifted communicator with a proven ability to successfully build and lead cross-functional teams, motivate and inspire teammates through training and mentoring while maintaining unwavering customer intimacy.

Core Professional Competencies

  • NIST Cyber Security Framework
  • Critical Security Controls (formerly SANS Top 20)
  • Enterprise Architecture
  • Security Architecture
  • Network Architecture
  • Application Architecture
  • Solutions Development
  • Active Directory Group Policy
  • Directory Services
  • Business-to-Business Integration
  • Vulnerability Management
  • OWASP Top 10
  • Root Cause Analysis
  • Software as a Service Model
  • Service Oriented Architecture
  • Virtualization Technologies
  • Requirements Analysis
  • System Design Documentation
  • IT Contingency Planning
  • Disaster Recovery
  • Vendor Management
  • Critical Incident Management
  • COBITv5 IT Governance
  • CWE Top 25
  • Team Building and Leadership
  • Mentoring and Training
  • IT Project Management
  • SDLC
  • Systems Engineering
  • PCI-DSS v2 / v3
  • CIS Benchmarks
  • Contract Negotiation
  • SSAE / SAS70 Auditing
  • Access Control
  • Authentication and Authorization
  • Data Center Management
  • Financial Analysis
  • Capital Budgeting
  • Financial Forecasting
  • High Availability and Scalability
  • Remote Access Solutions
  • Public Key Infrastructure
  • Security Consulting
  • SLA Management

PROFESSIONAL EXPERIENCE AND KEY ACCOMPLISHMENTS

Confidential

Lumber Liquidator is the largest hardwood retailer in Northern America with stores and offices in the United States, Canada and Shanghai, China. The retailer offers liquidator prices on hardwood flooring through purchasing of raw materials directly from lumber mills across the globe, including Brazil and China, among others.

CSIRT Lead Incident Handler

Information Security Team Lead

Responsible for establishing, implementing and executing the company's cyber security program from the ground up. Providing subject matter expertise to the company's cyber security steering committee, along with security architectural review and re-design. Establishing corporate IT Governance, Risk Management and Compliance (GRC) program and corresponding policies, standards and guidance. Developing and ensuring operational readiness of incident and data breach response capabilities. Establishing company-wide security awareness program and cross-training IT staff on the technical components necessary to resolve skills gaps.

Key Accomplishments:

  • Served on the Cyber Security Steering Committee as advisor and subject matter expert to define and support strategic initiatives.
  • Conducted research and analysis of retail industry-specific threats to augment existing knowledge of the current overall threat landscape and emerging threats; wrote corresponding position papers to arm the executive team with the insight needed for informed decision making.
  • Developed and successfully implemented the company's first formal CSIRT along with supporting infrastructure, incident response plan and standard operating procedures.
  • Leveraged extensive knowledge and professional experience with industry best practices and authoritative guidance including numerous NIST Special Publications, COBIT, Center for Internet Security, US-CERT and the Critical Security Controls for Effective Cyber Defense (formerly the SANS Top 20 Critical Controls).
  • Supported cyber security initiatives for the company's geographically dispersed offices and stores spanning the United States, Canada and Shanghai, China.

Cyber Incident Analyst

Confidential

Served as one of six senior incident analysts managing incident investigations, performing cyber forensics and supporting security operations for the Commonwealth of Virginia. Performed product vendor selection and deployment of supporting infrastructure; oversaw management of 1.2 million security events per month and corresponding incident declaration process. Investigated attacks involving advanced persistent threats (APTs), unauthorized access attempts, phishing attempts, SQL injection (SQL-I) and cross-site scripting / request forgery (XSS / XSRF), among others.

Key Accomplishments:

  • Bolstered End User Computing and Build Team capabilities through utilization of malware reverse engineering and cyber forensics expertise to establish baseline security analysis methodology for application inspection, hardening guidance and validation of newly added or modified Windows XP and Windows 7 workstation core builds.
  • Utilized server infrastructure and log analysis expertise to build log aggregation routine and regular expression analysis of SQL, Active Directory, Windows Server, IIS, Apache and related logs in support of root cause analysis for infrastructure performance diagnostics and incident investigations.
  • Automated the ticket creation and submission components of the team's vulnerability remediation process utilizing VBScript, PowerShell, ADSI, WMI, XML, SQL and Python; eliminated 95% of manual labor hours, resulting in near 100% accuracy of in-good-order remediation tickets.
  • Improved efficiency and quality of Security Operations (SOC) operational activities through standardization of existing operating procedures (SOPs); greatly enhanced the SOC staff's compliance with these procedures through creation of a corresponding work instruction library, cross-training, team mentoring and operational metrics.
  • Served as the automation and tools development point of contact for CSIRC; the aggregated set of automated processes and ad-hoc scripts and tools developed increased sustainable CSIRC workload by 125% and eliminated numerous inconsistencies, errors and omissions in security operations workflow.

Accolades:

I've worked with Craig supporting multiple state agencies within the Commonwealth of Virginia and Craig is one of the most detail-oriented and security knowledgeable engineers I have come across in my 20 years. He managed, with very little oversight or direction needed, one of the most complex and secure VPN transitions within a high profile state agency I have ever seen Northrop Grumman be involved with. I would recommend Craig to anyone seeking a highly talented and senior security engineer.

Sr. Consultant

Sr. Network Security Infrastructure Cyber Architect Engineer Confidential

Served as customer technical and security point of contact for over thirty Virginia agencies, including five of the top ten largest agencies, as part of the VITA Program's infrastructure consolidation and transformation initiative. Owned collection of business requirements, developed functional requirements and designed technical specifications. Performed architecture and infrastructure design reviews of legacy, agency-maintained environments and applications; executed transformation strategies to migrate all agency-maintained infrastructure to a central data center utilizing virtualization and private cloud technologies for server consolidation and service transformation.

Key Accomplishments:

  • Selected by CSIRC, Infrastructure Architecture and Senior Management to lead detailed infrastructure design review, network, security, Active Directory, application and network storage re-architecture for the Department of Health Professions as part of the incident response recovery and risk remediation phases.
  • Provided engineering, infrastructure and architectural leadership and subject matter expertise for core Infrastructure and Architecture team charged with consolidation, virtualization, migration, network and service transformation for over 15,000 servers, 85,000 workstations, 135,000 users, all directory services (LDAP, Novell, Active Directory) consolidation (federated forest), remote access infrastructure (Active Directory integrated and Cisco ACS), security infrastructure and messaging infrastructure conversion to enterprise Microsoft Exchange server with DFS (and later SAN connectivity) and Microsoft Forefront servers.
  • Selected by Infrastructure Architecture and Senior Management to lead a team of 8-10 senior-level security engineers and architects performing infrastructure and architecture design review, network, Active Directory, application and network storage re-architecture, enterprise application, firewall rule sets, VPN solutions and enterprise network services for 5 of the top 10 largest agencies in the Commonwealth of Virginia.
  • Developed and executed risk remediation project plans and mentored software engineering staff on secure coding practices.

Accolades:

Craig is one of the finest engineers I have ever had the privilege of serving with. Craig's attention to detail, operational focus and long-term follow through make him a superstar even when in the company of superstars. Craig has no limits. His mastery across the entire spectrum of IT skills and his ability to view the big picture makes him the go-to guy when the wolves are at the door. Any lead / manager would be lucky to have Craig on their team.

Chuck Hare, CISM, CISSP, CCSP, NSA ISAM, CIPT - Global Cyber Security Architect/Booz Allen Hamilton

IT Infrastructure Network Security Engineering Team Lead Confidential

Responsible for all network, Linux, Windows, Directory Services, Messaging, Enterprise Application and Security infrastructure. Technical advisor to the agency Information Security Officer and IT Audit Team Manager. Managed six enterprise firewalls across four different vendor platforms, NIDS / NIPS implementation, twelve site-to-site IPSec VPN solutions, remote access VPN connectivity, and local and wide area networks connecting over 15,000 servers, 85,000 workstations and 135,000 users across the Commonwealth. Also responsible for a farm of 45 Solaris and Red Hat Linux servers and all enterprise services including Public Key Infrastructure, SSL, DNS, LDAP / LDAPS, Active Directory, Sendmail (including S/MIME, ClamAV, MIMEDefang and SpamAssassin) and all anti-virus / anti-malware end-point and end-user solutions.

Key Accomplishments:

  • Re-designed and maintained the BIND DNS and Active Directory-integrated infrastructure including support for eight legacy domains including dss.state.va.us and dss.virginia.gov. Project encompassed public and private DNS re-zoning, service re-design, load balancing, configuration hardening and integration with agency's internal Active Directory-integrated DNS infrastructure.
  • Managed 100,000-entity LDAP directory services, authentication and authorization infrastructure and 10,000-user Sendmail, ClamAV, MIMEDefang and SpamAssassin infrastructure; consolidated, performance-optimized and single-handedly managed network and service transformation from legacy, agency-maintained infrastructure to virtualized cloud-based solution authentication and authorization services for all internally-maintained applications.
  • Acted as the technical subject matter expert providing technical security advisory support to the DSS Information Security Officer, Enterprise Application Directory and IT Audit Director; provided architecture, infrastructure and application design guidance as part of change management to ensure alignment with business requirements and functional requirements; architected associated infrastructure and application technical specifications.
  • Acted as sole technical authority managing all legacy Cisco network, security and Windows, Red Hat Linux and Solaris infrastructure including six enterprise firewalls (Symantec Enterprise firewall, Cisco ASA, Linux IPTables, Juniper), remote connectivity and VPN solutions (Cisco VPN Concentrator, Nortel Contivity, Cisco ACS, TACACS) and 45 Red Hat and Solaris servers.

Craig is one of the finest engineers that I have had the pleasure of working with. We work together in one of the largest Cisco and Juniper deployments in the world, with hundreds of firewalls in series and parallel. When the team was expanded by several members, Craig took on the task of bringing them up to speed on our complex environment. His top-notch skills and unparalleled work ethic have made him the go to guy for the most delicate and time-sensitive projects.

-Ken McCrohan, CISSP Senior Cyber Security Architect Engineer/Northrop Grumman

Senior Security Analyst Confidential

Supported the Virginia Information Technology Agency's risk management program through the development of enterprise security standards compliant with VITA's security policy and existing standards. Coordinated with agency security personnel across the Commonwealth to implement security standards and regularly attended Information Security Officer Advisory Group (ISOAG) meetings.

Key Accomplishments:

  • Developed security self-assessment program and corresponding procedures for all 70 Virginia agencies as an internal audit tool to ensure compliance with the Commonwealth's IT security standard, SEC-501.
  • Developed and delivered executive-level presentations to the Information Security Officer Advisory Group.
  • Developed training materials and provided one-on-one mentoring to CISOs and technical staff on self-assessment procedures.

Confidential

A global Application Service Provider (ASP) providing real-time transaction processing and product data exchanges for insurance industry constituents in over 30 countries representing over 100 billion in insurance premiums. Acquired by Ebix, AnnuityNet's pioneering efforts to re-engineer the annuity supply chain have resulted in platform adoption by virtually all annuity product carriers and distributors. Using real-time financial transaction processing and industry-wide adoption of AnnuityNet's XML-driven Product Profile for Annuities (PPFA) data exchange format, the company has produced a seamless, distributed, secure platform handling over 2 billion in annuity transactions per month and an average of more than 90% in-good-order (zero error) application submissions.

Network Operations Manager Confidential

Managed a high-scalability, high-availability financial transaction processing platform capable of 24x7, 99.98% availability utilizing Microsoft IIS web server farms, active-active SQL Server clusters, NetApp Storage Area Networks and three geographically dispersed data centers. Supported the Vice President of Information Technology in defining strategic initiatives, tactical planning and routine contributions during weekly IT leadership meetings. Analyzed business requirements, functional specifications and security due diligence compliance as part of the on-boarding process for new customers through coordination with a team of 20-25 business analysts, project managers, and executive managers. Managed all network and security infrastructure architecture for over 150 servers and all security infrastructure providing mission critical annuity supply chain automation software services to Fortune 500 financial services companies.

Key Accomplishments:

  • When AnnuityNet was Confidential. the development team was expanded to include an India-based development team. Led the implementation of this expansion through virtualization of the company's n-tier application development and testing environment and collaborated with the international team to bring the development environment online in synchronization with the existing domestic team's test environment and software development lifecycle.
  • Improved efficiency and better enforcement of the company's IT Security Policy by fully automating all administrative tasks surrounding service account password updates. This script included automated password refreshes for: COM applications, Windows Services, Scheduled Tasks, .NET Framework components, and other third-party applications.
  • Maintained and executed risk management project plan for the company. Duties included maintenance of project milestones, engineering solutions to respond to identified risks and confirming effectiveness of countermeasures through collaboration with the software development team.
  • Authored server auditing process for new server builds including the development of automated scripts to verify compliance with CIS baseline and to reduce manual oversights.
  • Analyzed business requirements, functional specifications and security due diligence compliance as part of the on-boarding process for new customers through coordination with a team of 20-25 business analysts, project managers, executive-management, vendors and customers.

Accolades:

I worked with Craig in a variety of projects, large and small. He has strong knowledge, great people skills and the rare ability to lead complex projects on time and under budget. Craig has been the cornerstone for establishing solid security practice for each engagement. These projects were a success mainly because of his dedication and persistent effort. Craig is a Team Member I want on my team every time.

Executive Vice President

Craig successfully shepherded several projects over the past year that required him to initiate and manage tasks both personally and across small teams of users. He has demonstrated the ability to manage discorporate groups comprised of resources he has no direct control over, and can be counted on to do so without excessive supervision. Craig's ability to not only plan and execute projects, but to maintain the appropriate level of documentation and reporting across these projects makes him a powerful asset to the Technology Services staff.

Executive Vice President, Broadridge Financial Services

Craig can be counted on to do everything he possibly can to excel at everything he does. He is a model employee who consistently impresses his co-workers with his work ethic, his attitude, and his willingness to assist in every situation. He does a good job managing deadlines but often doesn't have to be given any to ensure projects are done on time. His involvement in any project virtually ensures its completion, even when it involves obtaining resources well outside the scope of control. His communications are professional, and he can be counted on to manage even the most belligerent clients with confidence and grace.

Executive Vice President, Broadridge Financial Services

SAIC-ISEM Program

A ten-year contract to develop and mature all facets of IT security engineering and operations and, in addition, ensure early adoption of security controls and achieve full FISMA compliance for all existing and newly developed NASA Headquarters systems.

Principal Information Assurance Engineer Confidential

Served in a Position of National Trust on a hand-picked team of senior security professionals responsible for achieving FISMA compliance for all NASA Headquarters systems and maturing all aspects of the existing NASA HQ IT Security Program including security operations, incident management, vulnerability management, IT contingency planning and disaster recovery, end-point security, detection operations, server hardening, SDLC security and penetration testing. Developed numerous NIST 800-18 / FIPS-199 system security plans (SSPs) including required NIST 800-53A risk analyses. Developed corresponding plans of actions and milestones (POA&Ms) to address gaps in security coverage and FISMA compliance deficiencies; ensured residual risk after remediation efforts were completed was within acceptable and mandated levels. Performed all IT security operational duties including vulnerability scanning, incident handling, war walking / nibbling, security baseline compliance testing, war dialing, etc. Identified cost-effective security countermeasures in accordance with data classification, business impact analyses and additional quantitative and qualitative analyses.

Key Accomplishments:

  • Hand-picked to own all application, network and security architectural oversight for construction of the NASA Headquarters Space Operations Center; project was completed on schedule, fulfilling a critical prerequisite allowing for the launch of NASA's STS-100 Return to Flight mission, the first flight following the Columbia Shuttle accident.
  • Selected to manage the program's most high-visibility and/or time-sensitive projects after being personally requested for assignment by our NASA customer. Special projects managed included NASA TV nation-wide analog-to-digital infrastructure upgrade and the establishment of an air-gapped facility for Lunar and Mars rover engineers' request for proposal (RFP) generation.
  • Developed NIST SP 800-34 IT Contingency Plan and operational program including scenario-based training, Continuity of Operations (COOP) integration and a National Incident Management System (NIMS) based war room for contingency operational oversight; additionally spearheaded Headquarters-wide Business Impact Analysis (BIA) and established quantitative model to ensure all downtime tolerance levels were captured and sustainable.

Confidential

A global Application Service Provider (ASP) providing real-time transaction processing and product data exchanges for insurance industry constituents in over 30 countries representing over 100 billion in insurance premiums. Acquired by Ebix, AnnuityNet's pioneering efforts to re-engineer the annuity supply chain have resulted in platform adoption by virtually all annuity product carriers and distributors. Using real-time financial transaction processing and industry-wide adoption of AnnuityNet's XML-driven Product Profile for Annuities (PPFA) data exchange format, the company has produced a seamless, distributed, secure platform handling over 2 billion in annuity transactions per month and an average of more than 90% in-good-order (zero error) application submissions.

Senior Systems Engineer Confidential

Provided technical engineering, support and guidance for an application service provider providing technology services to multiple Fortune 500 financial companies. Services included implementation and support of an n-tier application based on Windows DNA, Java and ASP.NET frameworks which provided financial online transaction processes. Duties included risk management, engineering, administration and managed enterprise security services for all Finetre systems including a 100-node Corporate LAN, five test environments encompassing 50 nodes, and a 20-node production environment.

Key Accomplishments:

  • Assessed and improved enterprise-wide security measures including research and enforcement of server and workstation security settings with Active Directory Group Policy, researching and deploying security patches, and locking down permissions (NTFS, SQL Server, IIS, etc.).
  • Developed and coded compliance scanning toolset using VBScript, WMI, ADSI, and SQL Server to ensure all servers were in compliance with Center for Internet Security (CIS) baselines. Tools were integrated into Group Policy to provide incremental compliance scans dependent upon the server platform (Windows, Linux, SQL Server, IIS, ASP.NET, etc.). Compliance scanner provided automated reports for management and engineers.
  • Developed log aggregation and analysis tool to normalize and analyze logs from multiple sources used for troubleshooting and security investigation automation. Tool utilized VBScript and SQL Server code to retrieve and analyze Windows IIS, HFNetchk, McAfee and Symantec logs among others and generated text based and HTML formatted reports.
  • Managed public key infrastructure including maintenance of a Windows 2000 certificate authority, securing and debugging issues involving custom PGP decryption/encryption routines, implementing SSL and implementing digitally signed scripts and email.

CONSULTING EXPERIENCE

President Founder Confidential

Private security consultancy providing security consultative services to small- and mid-sized companies. Core service offerings include: enterprise and security architectural analysis, risk assessment report (RAR) development, risk remediation planning and oversight, cyber threat analysis, penetration testing, cyber forensics, incident response and vendor product testing and evaluation (ST&E). Achieved profitability in the second year with over 200% growth in revenue from the prior year due to repeat customers.

In-Progress Initiatives

Security Testing and Evaluation (ST&E) of Bangladesh-based company SECPOD in support of product testing for NIST SCAP validation.

Article publication for Hacking Magazine for Poland-based Hacking Insight Press.

Confidential

  • Reviewed and analyzed design of enterprise Citrix remote access platform and provided ongoing operational support, team coaching and service hardening recommendations.
  • Evaluated and provided performance optimization and best practices recommendations for Windows 2003 Active Directory and Group Policy deployment, FSMO Role assignments, Global Catalog placements and overall site topology across four geographically dispersed data center locations interconnected via site-to-site IPSec VPNs, fibre and Metro Ethernet.
  • Designed and conducted hybrid threat analysis, security assessment and architectural design analysis customized to customer business requirements; applied multi-disciplinary methodology to assessment, including elements from penetration testing, vulnerability assessment, security auditing, and related disciplines.
  • Supported early adoption of next-generation firewall technology through detailed design, functionality validation and product recommendation for enterprise firewall replacements across four co-located data center locations. Product testing and evaluation included Cisco ASA, Fortinet and Palo Alto solutions.
  • Developed risk remediation plans based on security assessment final reports and provided customer implementation support during execution.

Confidential

Performed critical incident management, diagnostic support and stabilization of operations for failed upgrade to Exchange 2010 due to installation corruption and supported integration into existing enterprise Citrix platform.

Owned the design and authorship of standard operating procedures for routine maintenance of both Exchange and Citrix platforms.

PROFESSIONAL ASSOCIATIONS AND VOLUNTEERISM

(ISC)²

Founder and President, (ISC)² Member Chapter, Richmond Metro Area

Center for Internet Security

Benchmark Maintainers Community Member

MITRE Corporation

OVAL Developers Community Member

MITRE Corporation

Emerging Specifications Community Member

Cloud Security Alliance

NGC Mentor1NG

NGC Mentoring Matters

Associate Member

Official Mentor Automation Technologies, Security Tools Concepts

Official Mentor MS SQL Development, Business Intelligence, XML XSD

SECURITY TRAINING COURSES

(ISC)²

CISSP-ISSAP Architecture Concentration - ongoing

SANS Institute

Network Penetration Testing and Ethical Hacking 2011

SANS Institute

Hacker Techniques, Exploits and Incident Handling 2010

SANS Institute

Securing UNIX / Linux 2010

SANS Institute

Implementing Cisco Intrusion Prevention Systems 2009

SANS Institute

Auditing Networks, Perimeters and Systems 2009

SANS Institute

Intrusion Detection In-Depth 2009

Global Knowledge

Securing Cisco Network Devices

Global Knowledge

Securing Networks with Cisco Routers and Switches 2008

Global Knowledge

Securing Networks with PIX and ASA 2008

Dynamic Worldwide

Configuring Juniper Networks Firewall IPSec VPN Products 2008

Fishnet Security

Security Manager Fundamentals 2008

SANS Institute

Perimeter Protection In-Depth 2008

SANS Institute

Up and Running with the Metasploit Framework 2008

SANS Institute

Identifying and Removing Malware 2008

SANS Institute

Power Search with Google 2008

SANS Institute

Comprehensive Packet Analysis 2008

SANS Institute

.NET Security Defensible ASP.NET Applications 2006

SANS Institute

Securing Windows 2002
