$ abov2u@r.postjobfree.com

~/CV $

Skip to content

Computers

Code

CV

Cycling

Gaming

Pool and Billiards

Equal Offense Scores

Pool Table Pre-Possession

Score Sheets

SUMMARY OF QUALIFICATIONS

I have 14 years in Information Technology, ranging from front end web development, to

middleware web application development, to service and server administration, and

information security. I have been involved in restructuring, from the ground up,

enterprise security infrastructure using best industry practices, both as a technical lead

and as support for business units and other areas of IT. My technical knowledge includes

logical and physical network and security infrastructure, firewalls, intrusion detection

and prevention, network traffic mapping and monitoring, vulnerability and network state

scanning, encryption, policy and procedure creation and enforcement, and product

evaluation and implementation. My experience includes the support of information

technology teams, troubleshooting network, server and software issues, extensive work with

auditors, and external regulations (GLBA, Sarbanes-Oxley, HIPPA). I am familiar with and

comfortable in both Windows and unix/linux environments.

TECHNICAL SKILLS

Operating Systems: Microsoft Windows XP, 7; Microsoft Server 2000, 2003; unix (FreeBSD,

OpenBSD, Linux, Solaris, HP/UX, AIX).

Firewalls: Checkpoint/Nokia DL350, Netscreen 5GT; 208, SonicWALL Pro 300; Pro 1260; Pro

2040; Pro 3060

Security Software: McAfee Entercept and ePO, ISS RealSecure, ISS Guard, Surf Control

E mail Filter, Blue Coat ProxySG, Juniper NeoTeris SSL VPN, Checkpoint

SecureClient/SecureRemote VPN, TrendMicro IMSS, Securify Enterprise Monitor, nCircle,

ArcSight, NFR, Snort, ACID, Open SSH, TripWire, NMap, Nessus.

Other Software: Apache 1.3.x 2.2.x, Active Directory, Hyena 7, CVS, MySQL, Oracle,

PostFix, Sendmail, Samba, PostgreSQL, Microsoft Office (2000, XP, 2007).

Languages: Perl (& mod_perl), Powershell, HTML, CSS, Shell Scripting (DOS, Bourne, KSH,

SH, CSH, TCSH).PROFESSIONAL EXPERIENCE

2007PresentFirst National Bank Overland Park, KS

Information Security Analyst

Oversight of and responsible for awareness campaigns, auditing, policy compliance, and

training for Kansas, Texas and some Iowa affiliate locations.

Performed business hours and evening walk throughs of locations under area of

responsibility on a regular basis to gauge Information Security Policy compliance.

Primarily responsible for monthly enterprise wide newsletters on information security

topics, including the following: Social Networking Security, Social Security Number fraud,

Risks of Removable Media, Password Security, and Protecting Personal Information at Home.

Participated in evaluation of technology to allow secure use of personal devices for

enterprise messaging and calendar.

Participated in evaluating vendors for PCI and HIPAA compliance.

Perform regular audits of Active Directory account activity, network share security,

installed applications against approved applications lists, patch level compliance and

file level auditing using Nessus, Hyena, nCircle, MBSA, and a variety of custom built

tools written in Perl and Powershell.

Presentations at all employee, management and officer meetings on general information

security topics and specific Information Security Policy points.

Provide new hire orientation.

2003-2007Gold Bank / Marshall & Ilsley Corporation Overland Park, KS Senior Information Security

AnalystMarshall & Ilsley Corporation

Monitored, customized, and supported the IDS monitoring system, NFR, the distributed

network scanning system nCircle, and the enterprise log aggregation tool, Arcsight. Built

and deployed custom ArcSight agents for log collection for log exports in text format from

external applications.

Created monthly executive reports using Excel from several variant data sources,

including Surf Control, nCircle, McAfee Enterprise Policy Orchestrator, Crystal Reports,

and Lotus mail files parsed with custom perl scripts.

Responsible for researching and coordinating the eventual enterprise installation of a

centrally managed password and document storage system as well as an enterprise encryption

solution for protecting data both in transit and at rest.

Gold Bank

Responsible for monitoring, configuring and maintaining enterprise network security,

including perimeter and internal firewalls (Checkpoint NG and Juniper Netscreen 208s), IDS

and HIDS installations, client-based and clientless VPN, regular and ad hoc scanning of

the network.

Installed and maintained three FreeBSD based snort sensors that report to a central

database store. Used ACID to monitor and maintain event database and reports.

Wrote corporate security policies, and accompanying technical policies for IIS Site

Protector, McAfee Entercept and Microsoft Active Directory.

Worked with federal examiners and audit firms to ensure all GLBA and SOX requirements

were met. Worked with external penetration testing firms to expose vulnerabilities and

validate fixes.

Built custom vulnerability scanning tools in perl for regular Windows account auditing.

Built custom Checkpoint log reporting tools in perl.

Additional duties included assisting the IT Help Desk in troubleshooting network, server

and application issues as related to both security and general productivity. This included

availability and configuration issues with Windows 2000 and 2003 IIS, SQL Server 2000, and

a wide variety of operating systems issues.

01/2001-11/2001eScout LLC Lees Summit, MO

CVS/Apache Administrator

In charge of implementing and maintaining CVS and Apache across 5+ Sun Solaris 5.6/8 and

VA Linux servers.

Responsible for all Apache configuration and performance issues.

Involved in the design and implementation of a code migration schedule and structure that

involved three tiers (development, QA/QC, and production).

Developed a collection of perl and shell scripts to partially automate code migration

through this schedule. Began work to consolidate the various and separate scripts into one

cohesive application, and to convert the three tiered migration structure to a four tier

(development, QA/QC, staging, production) structure to better handle emergency releases

and bug-fixes.

1997-2000UMB Bank Kansas City, MO

Internet Services Programmer/Analyst

HTML/graphic design with emphasis on usability design.

Applications programming using perl.

Systems administration with a focus on the Apache web server.

5/19964/1997University of Kansas Lawrence, KS

Web Assistant

HTML coding of University Relations web site, including undergraduate catalog, and news

releases. Began implementing web site/database integration utilizing Lasso and Filemaker

Pro 4.

1/19964/1997University of Kansas Lawrence, KS

Consultant/Help Desk

Extensive customer interaction, Macintosh and Windows troubleshooting, helping with

Windows95 Slip and PPP connectivity, and general software and hardware troubleshooting.

1/19975/1997University of Kansas Lawrence, KS

KUfacts Interim Web Administrator

Answering any and all e mail to the KUfacts administrative accounts, handling issues such

as inappropriate use of server resources, server upkeep, site maintenance and upkeep, and

working with various individuals, departments and organizations in keeping the site up to

date.

PROFESSIONAL TRAINING

December 2003 SANS Conference Washington, DC

SANS Track 5: Securing Windows using Active Directory

April 2005 FishNet Security Kansas City, KS

AccessData Ultimate Toolkit Bootcamp

August 2005 FishNet Security Kansas City, KS

Netscreen Firewalls

August 2006 ArcSight San Francisco, CA

ArcSight Log Aggregation Tool

April 2012 CISSP Kansas City, KS

EDUCATION

1990-1997 University of Kansas Lawrence, KS

- 3 Years Illustration and Graphic Design

- 1 Year Computer Engineering

- BSW from the School of Social Welfare

Proudly powered by WordPress Theme: Toolbox by Automattic.

Contact this candidate