SUMMARY:

• Over 35 years progressively responsible positions in Information Technology.
• CISSP Certification
• ITIL Foundation Certification
• GREM Certification
• Security Manager with proven track record in maintaining secure architecture
• Responsible for the safety and security of 2,500 Financial institutions and over 9 - million end-users
• Maintained fraud rates of less than 0.1% overall
• Created and maintained Security Analytics Engine to expose unseen risk.
• Experienced in resolving FFIEC, SOX and SAS-70 Audits
• Security Analyst experience with all phases of computer security: computer viruses, Hacking / Phreaking techniques and tools
• Software Engineer and Architect with experience developing applications with OOD techniques.
• Technical Manager with the ability to lead multiple teams to achieve on-time project closure.
• Able to perform forensic analysis and data recovery from Virus or otherwise damaged hard disks.
• Experienced in the art of reverse-engineering and disassembling of malware.
• Intimate knowledge and experience with INTEL assembly language.
• Able to write device drivers and other low-level system-type code.
• In-depth knowledge of, and experience with, the internals of personal computers, UNIX workstations, mainframe computers, networks and diverse operating systems
• Positive, Problem-Solving Attitude with the Hands-on Knowledge to get the job done right.
• Management of teams of up to 25 staff..
• Bit-level knowledge of the operating systems
• Experienced in Threat Intelligence

TECHNICAL SKILLS:

• Windows (All Versions) Red Hat Enterprise Linux
• Cent/OS Ubuntu Linux
• IBM Mainframes CICS
• C/C++/C# JAVA
• HTML Windows Active Directory/LDAP
• Visual Basic / VBA / VBScript JavaScript
• PERL PHP
• Python COBOL
• Intel Assembler SIFT
• Juniper IDP/NSM Splunk
• SQL Confidential ArcSight, Connectors, Loggers and SIEM
• .NET Forensic Tool Kit
• FireEye WebSense
• JDBC RackSpace IDS
• Trend Micro OfficeScan AV McAfee AV
• Confidential AV RSA DLP
• ProofPoint F-Response
• SANS REM Malware Lab EnCase

PROFESSIONAL EXPERIENCE:

Cyber Investigator

Confidential

Responsibilities:

• Member of Confidential and Cyber-Investigations Team
• Use Splunk, FireEye, ProofPoint and Arcsight to investigate security-related issues
• Use EnCase for forensic analysis of machines and hard disks.
• Performed investigations of employees suspected of improper activities
• Performed ‘Dark Web’ searches for threats against CVS
• Performed Threat Intelligence and proactive Threat Hunting
• Disassembly and analysis of malware and investigation of infected machines.
• Investigated hacking, intrusion attempts, collected evidence
• Worked with Law Enforcement and Confidential Legal Staff as required
• Assisted the SOC as ‘Level-4’ analysts and investigators
• Investigated all threats to Executive Management
• Passed SANS REM course FOR610
• Passed SANS Windows Forensic Analysis course FOR408
• Created SANS-compliant Malware Analysis Lab for Confidential
• Installation of IDA Pro as a malware analysis tool

Confidential

Technical Security Specialist

Responsibilities:

• Monitoring customer security in a multi-tenant MSP.
• Overseeing a staff of 5 Security Engineers.
• Forensic analysis of machines and hard disks.
• Disassembly and analysis of malware and investigation of infected machines.
• Performed Security Vulnerability Assessments regularly.
• Security Patching of Confidential internal and customer servers
• Investigated hacking, intrusion attempts, collected evidence
• Responsible for Anti-Virus, Vulnerability Assessments and Security Patching for all Contracted Tenants
• Responsible for granting access and identity management internally and for contracted tenants
• Responsible for on-boarding and building of contracted tenant security infrastructure
• Upgraded Confidential Altiris product from v6.2 to v7.5
• Installation Of Confidential ArcSight for log storage

Confidential

Responsibilities:

• Monitoring customer security in a multi-tenant MSP.
• Overseeing a staff of 5 Security Engineers.
• Forensic analysis of machines and hard disks.
• Disassembly and analysis of malware and investigation of infected machines.
• Performed Security Vulnerability Assessments regularly.
• Security Patching of Confidential internal and customer servers
• Investigated hacking, intrusion attempts, collected evidence
• Responsible for Anti-Virus, Vulnerability Assessments and Security Patching for all Contracted Tenants
• Responsible for granting access and identity management internally and for contracted tenants
• Responsible for on-boarding and building of contracted tenant security infrastructure
• Upgraded Confidential Altiris product from v6.2 to v7.5
• Began Installation Of Confidential ArcSight for log storage
• Began Installation Of CA GovernanceMinder

Confidential

SENIOR STAFF SECURITY ANALYST

Responsibilities:

• Monitoring systems, using ArcSight for anomalies/intrusions/malware.
• Creation of many in-house tools for monitoring and analysis of security issues.
• Forensic analysis of machines and hard disks.
• Disassembly and analysis of malware and investigation of infected machines.
• Performed Security Assessments of all products before allowing them to be rolled into production.
• Member of Security Incident Response team
• Investigated all hacking, intrusion attempts, collected evidence
• Performed regular event monitoring to detect intrusion attempts and other fraud
• Responsible for both hardware and software solutions
• Architect for Security Reporter in-house product
• Experienced and successful in resolving external audits as well as Schwab internal audits
• Collected documentation and prepared management responses for all audits
• Maintained and enforced stringent best-practices policies to ensure the safety and integrity of our clients
• Performed quality, ongoing training for professional staff to ensure highest levels of technical competence

Confidential

MANAGER, SECURITY & FRAUD

Responsibilities:

• Responsible for all security issues: Intrusion Detection; Anti-Virus; Firewalls; etc.
• Responsible for all fraud investigations and resolution, worked with Federal and local authorities.
• Led a staff of 15 Security Professionals under Confidential ’s High Performance Organization
• Reported directly to the VP of Security, Scott Mackelprang
• Maintained network and application security for 2,500 Financial Institutions and over 9-million end-users
• Performed regular penetration testing and analysis on all servers
• Member of Security Incident Response team
• Investigated all reports of fraud
• Investigated all hacking, intrusion attempts, collected evidence and worked with law enforcement
• Performed regular event monitoring to detect intrusion attempts and other fraud
• Responsible for both hardware and software solutions
• Architects for Security Project Solutions
• Experienced and successful in resolving SAS-70, SOX and FFIEC audits as well as Confidential internal audits
• Collected documentation and prepared management responses for all audits
• Maintained and enforced stringent best-practices policies to ensure the safety and integrity of our clients
• Interfaced directly with financial institutions to resolve customer issues
• Performed quality, ongoing training for professional staff to ensure highest levels of technical competence

Confidential

SENIOR SECURITY ADMINISTRATOR

Responsibilities:

• Responsible for all security issues: Intrusion Detection; Anti-Virus; etc.
• Maintained network security for 50,000 merchants doing real-time credit card processing
• Member of the Security Incident Response team
• Investigate cyber-fraud and hacking attempts, prepare evidence
• Monitor security logs for hacking attempts
• Ensure compliance with PCI standards
• Participate in and resolve issues with PCI and SAS-70 audits
• Performed regular penetration testing and analysis on all internet exposed servers
• Responsible for both hardware and software solutions
• Architects for Programming/Project Solutions
• Gather Project Specifications, Resources and Time Estimates
• Insure Schedules are Met
• Responsible for creation of the ‘LEN’ network
• Interface Issues between Developers and Customers
• Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions).
• Created /maintained separate security domain for developers / QA staff
• Promoted to Network Administrator of the ‘LEN’
• Promoted to Security Administrator of the Linkpoint Gateway

Confidential

PROJECT SECURITY/INTEGRATION MANAGER

Responsibilities:

• Insure All Software Meets Security Requirements
• Analyze and Maintain Server-Level Security
• Research Methods to Foil Hostile Penetration
• Architects for Programming/Project Solutions
• Work with Sales and Professional Services to produce ‘Statement of Work’
• Gather Project Specifications, Resources and Time Estimates
• Produce Project Plans, Timelines and Charts
• Interface Issues between Developers and Customers
• Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions

Confidential

SENIOR ENGINEER

Responsibilities:

• Administration and Troubleshooting of 24 Websites
• Responsible for Security on all websites
• Installed / Maintained SiteMinder Security
• Aggressively and Proactively Foil all Hacking Attempts
• Perform Penetration Testing to Maintain Security
• Provide Demonstration code and Object/Business Models to lower-level software developers
• Create Low-Level Tools for Ease of WebSite Administration
• Installed / Maintained Netscape Directory Server
• Installed / Maintained NetDynamics Servers
• Involved with Both Hardware and Software Solutions

Confidential

SENIOR SOFTWARE ENGINEER

Responsibilities:

• Designing Security Methodology to foil data theft.
• Provide Proof of Concept demonstrations and scenarios of new technology.
• Analyze and provide feasibility studies of new and emerging technologies.
• Find technology solutions for existing and upcoming business needs.
• Mentor Confidential ’s New Technology Group.
• Provide Demonstration code and Object/Business Models to lower-level software developers.

Confidential

SENIOR SOFTWARE ENGINEER

Responsibilities:

• Architecture and development of new commercial software.
• Reverse Engineering (disassembly) of Windows.
• Designing Security Methodology to foil software piracy.
• Architecture and development of new In-House Technical Support/Customer Service Tools.
• Design and development of Internet-based Credit Card Billing System.
• Design and development of SQL Database solutions for customer tracking.
• PC/Workstation/LAN Security

Confidential

SENIOR SOFTWARE DEVELOPER

Responsibilities:

• Architecture and development of new commercial software.
• Reverse Engineering (disassembly) of OS/2and Windows.
• Teaching C/C++ and Intel Assembly Language.
• Teaching DOS, Windows and OS/2 internals and programming to professional staff.
• PC/Workstation/LAN Security