$ abov2u@r.postjobfree.com
~/CV $
Skip to content
Computers
Code
CV
Cycling
Gaming
Pool and Billiards
Equal Offense Scores
Pool Table Pre-Possession
Score Sheets
SUMMARY OF QUALIFICATIONS
I have 14 years in Information Technology, ranging from front end web development, to
middleware web application development, to service and server administration, and
information security. I have been involved in restructuring, from the ground up,
enterprise security infrastructure using best industry practices, both as a technical lead
and as support for business units and other areas of IT. My technical knowledge includes
logical and physical network and security infrastructure, firewalls, intrusion detection
and prevention, network traffic mapping and monitoring, vulnerability and network state
scanning, encryption, policy and procedure creation and enforcement, and product
evaluation and implementation. My experience includes the support of information
technology teams, troubleshooting network, server and software issues, extensive work with
auditors, and external regulations (GLBA, Sarbanes-Oxley, HIPPA). I am familiar with and
comfortable in both Windows and unix/linux environments.
TECHNICAL SKILLS
Operating Systems: Microsoft Windows XP, 7; Microsoft Server 2000, 2003; unix (FreeBSD,
OpenBSD, Linux, Solaris, HP/UX, AIX).
Firewalls: Checkpoint/Nokia DL350, Netscreen 5GT; 208, SonicWALL Pro 300; Pro 1260; Pro
2040; Pro 3060
Security Software: McAfee Entercept and ePO, ISS RealSecure, ISS Guard, Surf Control
E mail Filter, Blue Coat ProxySG, Juniper NeoTeris SSL VPN, Checkpoint
SecureClient/SecureRemote VPN, TrendMicro IMSS, Securify Enterprise Monitor, nCircle,
ArcSight, NFR, Snort, ACID, Open SSH, TripWire, NMap, Nessus.
Other Software: Apache 1.3.x 2.2.x, Active Directory, Hyena 7, CVS, MySQL, Oracle,
PostFix, Sendmail, Samba, PostgreSQL, Microsoft Office (2000, XP, 2007).
Languages: Perl (& mod_perl), Powershell, HTML, CSS, Shell Scripting (DOS, Bourne, KSH,
SH, CSH, TCSH).PROFESSIONAL EXPERIENCE
2007PresentFirst National Bank Overland Park, KS
Information Security Analyst
Oversight of and responsible for awareness campaigns, auditing, policy compliance, and
training for Kansas, Texas and some Iowa affiliate locations.
Performed business hours and evening walk throughs of locations under area of
responsibility on a regular basis to gauge Information Security Policy compliance.
Primarily responsible for monthly enterprise wide newsletters on information security
topics, including the following: Social Networking Security, Social Security Number fraud,
Risks of Removable Media, Password Security, and Protecting Personal Information at Home.
Participated in evaluation of technology to allow secure use of personal devices for
enterprise messaging and calendar.
Participated in evaluating vendors for PCI and HIPAA compliance.
Perform regular audits of Active Directory account activity, network share security,
installed applications against approved applications lists, patch level compliance and
file level auditing using Nessus, Hyena, nCircle, MBSA, and a variety of custom built
tools written in Perl and Powershell.
Presentations at all employee, management and officer meetings on general information
security topics and specific Information Security Policy points.
Provide new hire orientation.
2003-2007Gold Bank / Marshall & Ilsley Corporation Overland Park, KS Senior Information Security
AnalystMarshall & Ilsley Corporation
Monitored, customized, and supported the IDS monitoring system, NFR, the distributed
network scanning system nCircle, and the enterprise log aggregation tool, Arcsight. Built
and deployed custom ArcSight agents for log collection for log exports in text format from
external applications.
Created monthly executive reports using Excel from several variant data sources,
including Surf Control, nCircle, McAfee Enterprise Policy Orchestrator, Crystal Reports,
and Lotus mail files parsed with custom perl scripts.
Responsible for researching and coordinating the eventual enterprise installation of a
centrally managed password and document storage system as well as an enterprise encryption
solution for protecting data both in transit and at rest.
Gold Bank
Responsible for monitoring, configuring and maintaining enterprise network security,
including perimeter and internal firewalls (Checkpoint NG and Juniper Netscreen 208s), IDS
and HIDS installations, client-based and clientless VPN, regular and ad hoc scanning of
the network.
Installed and maintained three FreeBSD based snort sensors that report to a central
database store. Used ACID to monitor and maintain event database and reports.
Wrote corporate security policies, and accompanying technical policies for IIS Site
Protector, McAfee Entercept and Microsoft Active Directory.
Worked with federal examiners and audit firms to ensure all GLBA and SOX requirements
were met. Worked with external penetration testing firms to expose vulnerabilities and
validate fixes.
Built custom vulnerability scanning tools in perl for regular Windows account auditing.
Built custom Checkpoint log reporting tools in perl.
Additional duties included assisting the IT Help Desk in troubleshooting network, server
and application issues as related to both security and general productivity. This included
availability and configuration issues with Windows 2000 and 2003 IIS, SQL Server 2000, and
a wide variety of operating systems issues.
01/2001-11/2001eScout LLC Lees Summit, MO
CVS/Apache Administrator
In charge of implementing and maintaining CVS and Apache across 5+ Sun Solaris 5.6/8 and
VA Linux servers.
Responsible for all Apache configuration and performance issues.
Involved in the design and implementation of a code migration schedule and structure that
involved three tiers (development, QA/QC, and production).
Developed a collection of perl and shell scripts to partially automate code migration
through this schedule. Began work to consolidate the various and separate scripts into one
cohesive application, and to convert the three tiered migration structure to a four tier
(development, QA/QC, staging, production) structure to better handle emergency releases
and bug-fixes.
1997-2000UMB Bank Kansas City, MO
Internet Services Programmer/Analyst
HTML/graphic design with emphasis on usability design.
Applications programming using perl.
Systems administration with a focus on the Apache web server.
5/19964/1997University of Kansas Lawrence, KS
Web Assistant
HTML coding of University Relations web site, including undergraduate catalog, and news
releases. Began implementing web site/database integration utilizing Lasso and Filemaker
Pro 4.
1/19964/1997University of Kansas Lawrence, KS
Consultant/Help Desk
Extensive customer interaction, Macintosh and Windows troubleshooting, helping with
Windows95 Slip and PPP connectivity, and general software and hardware troubleshooting.
1/19975/1997University of Kansas Lawrence, KS
KUfacts Interim Web Administrator
Answering any and all e mail to the KUfacts administrative accounts, handling issues such
as inappropriate use of server resources, server upkeep, site maintenance and upkeep, and
working with various individuals, departments and organizations in keeping the site up to
date.
PROFESSIONAL TRAINING
December 2003 SANS Conference Washington, DC
SANS Track 5: Securing Windows using Active Directory
April 2005 FishNet Security Kansas City, KS
AccessData Ultimate Toolkit Bootcamp
August 2005 FishNet Security Kansas City, KS
Netscreen Firewalls
August 2006 ArcSight San Francisco, CA
ArcSight Log Aggregation Tool
April 2012 CISSP Kansas City, KS
EDUCATION
1990-1997 University of Kansas Lawrence, KS
- 3 Years Illustration and Graphic Design
- 1 Year Computer Engineering
- BSW from the School of Social Welfare
Proudly powered by WordPress Theme: Toolbox by Automattic.