Abraham M. Smith
**** ******** *****, **********, ** 40223
acd2lf@r.postjobfree.com
CERTIFICATIONS
Payment Card Industry (PCI) Qualified Security Assessor (QSA) 2009
Customer Service Manager Certificate (CSMC)
Certified Information Systems Security Professional (CISSP)
Microsoft Certified Systems Engineer (MCSE) MCP ID: 1315822
QualysGuard Certified Specialist
Watchfire - AppScan Certified Engineer (acquired by IBM)
SPI Dynamics Certified Associate (acquired by HP)
Palo Alto Accredited Configuration Engineer
RedSeal Certified Administrator
PROFESSIONAL EXPERIENCE
Lead Security Operations Engineer, Airlines Reporting Corporation,
Louisville, Kentucky,
May 2012 - Present
Responsibilities include procurement, implementation, administration,
monitoring and examination of security management tools needed to discover
vulnerabilities and correlate incidents. Also responsible for incident
detection, investigation, mitigation, documentation, logging, and
reporting.
IBM QRadar SIEM Application management, reporting and correlation of
events.
Vormetric Encryption program for server, file and database encryption
Enterprise Anti-virus Security using LANdesk systems and asset management
Information Security Vulnerability Monitoring (Nexpose Rapid7)
Perform scans on computer systems and then perform analysis of the results
to determine all information security vulnerabilities and then initiate
appropriate remediation steps
Coordinate third party penetration testing of external and internal
networks as well as all company public facing applications. Manage
remediation efforts with all responsible parties.
Monitoring and testing compliance of security controls (PCI-DSS and
ISO27001)
Monitor and respond to network threats and vulnerabilities across the
network
Respond to and lead investigations and document all suspected information
security events and provide recommendations for corrective actions
Report performance against established security metrics by monitoring,
measuring, testing, and reporting on the effectiveness and efficiency of
information security controls
Provide 24x7 support
Implement and manage intrusion detection/prevention systems for proactive
monitoring of security threats (Sourcefire and Palo Alto)
Implementation of endpoint and network data loss prevention
Implementation of security tools for Windows AD, Microsoft Exchange, Sun
Solaris and Unix
Analyze and recommend resolution of security related issues based on
knowledge of major security products and best practices
Participate in incident response and CSIRT activities
Security architecture consultant for internal IT groups
Coordinate with IT and Business groups to assess, implement, and monitor IT
related security risk and hazards
Review the development, testing and implementation of security plans,
products and controls by providing state-of-the-art technical experience
and support to in-house developers to apply appropriate information
security procedures and products (SDLC)
Promoting a culture and consciousness of security awareness through
educating staff on security compliance issues and requirements
Work with all ARC Product Managers across the organization to ensure that
all projects incorporate security requirements
Implementation, administration and reporting using the following
technologies:
Web application firewall / application security (Imperva)
Enterprise Patch Management, Antivirus and Host Integrity Solutions
(LANdesk)
Database security gateways (Imperva)
Security for corporate messaging (IronPort Cisco)
Encrypted Mail delivery (Data Motion)
Intrusion Detection Systems and Intrusion Prevention Systems (Sourcefire
and Palo Alto)
Log retention (Log Vault)
Secure remote access and two-factor authentication (RSA SecurID)
VORMETRIC file, server and database encryption
SYMANTEC DLP for network and endpoints
X Bridge Data Sniff (mainframe DLP)
Palo Alto (next gen firewall, IPS and DLP)
IBM QRadar SIEM
Governance, risk management and compliance (Modulo)
Network infrastructure security management (RedSeal)
File Integrity Monitoring (nCircle/Tripwire)
Enterprise Antivirus (Landesk AV Kaspersky)
Web application testing (IBM Appscan)
Internal and external vulnerability scanning (Nexpose Rapid 7)
Disaster Recovery (SunGard)
Security Awareness Training (conducted internally)
Physical access controls (Kastle Systems)
Video Monitoring (eEye - Cameras)
Trusted Advisor, Dell SecureWorks-MSSP (SecureWorks acquired by Dell in
February, 2010), Atlanta, Georgia, August 2007 - May 2012
Responsible for managing technical details and satisfaction levels in
regards to contracted managed security services such as intrusion
detection and prevention sensors, firewalls, host intrusion prevention
systems, server monitoring, SIEM, log retention and vulnerability
management.
Responsible for fifteen clients of the overall top thirty based on annual
contract revenue.
Communicate with all levels of client relationships from technical
resources to executives.
Partner with client groups from technical perspective and procedural aspect
in order to reflect client standards and compliance requirements in
delivered services.
Present quarterly reports to client company executives summarizing security
posture, security metrics, security event trends, event correlation,
incident volume and incident frequency.
Responsible for making recommendations to clients for improving security
posture in areas of controls, visibility, policy, asset risk assessment and
architecture.
Client advocate for product enhancement and bug fixes. Responsible for
reporting to product management and keeping client updated on delivery or
fix status.
Deliver security awareness presentations to client staff on current threat
landscape and emerging threats.
Weekly calls with select clients to discuss status of open action items.
Conduct training on use of services and client access portal for client
staff and executives.
Managed pilot program between select clients and third party peer to peer
intelligence service.
Responsible for resolving all client issues and documentation of after
action reports including all communication with clients.
Quality Assurance Engineer, SPI Dynamics (acquired by HP), Atlanta,
Georgia,
November 2006 - August 2007
Ensure that flagship product for industry leading web application security
company detects current web application vulnerabilities such as SQL
Injection, Cross Site Scripting, parameter tampering, authentication
mechanisms, input validation controls and information disclosure.
Worked on enterprise solution team to integrate all development lifecycle
products into centralized management solution.
Acted as subject matter expert for product's compliance reporting features,
ensuring content reflected current compliance standards in a clear and
relevant format. Specifically Payment Card Industry standard.
Build web sites and web applications containing vulnerabilities to confirm
developed software's ability to detect vulnerabilities.
Build web sites and web applications for testing using technologies such as
Apache, IIS, SQL, HTML, PHP, Ruby, C# and Flash.
Worked closely with developers in small team using Scrums and the Agile
Development Lifecycle.
Reported bugs and logged software enhancements using Microsoft Team
Foundation Server.
Performed regression testing and completed use cases prior to product
release using HP Mercury Quality Center and HP Mercury QuickTest Pro.
Automated all aspects of software installation and graphical user interface
tasks with AutoIT scripting language.
Security Analyst, Airlines Reporting Corporation, Louisville, Kentucky,
February 2005 to November 2006
Promoted From Systems Engineer, February 2005
Represent Security in corporate projects, portal development, single
sign-on (SSO), product development, and business processes.
Assist in managing encryption standard for transmission of settlement with
major banking institutions, exceeding $1 billion in transactions weekly.
Point of contact for external audit process and in charge of remediation of
non-compliant findings that resulted in obtaining Payment Card Industry
Standard (PCI) certification.
Lead the Corporate Security Incident Response Team in development of
incident response policy, workflows, mock drills and team training.
Work closely with Web application developers to remediate issues identified
by web vulnerability testing.
Security member of disaster recovery and business continuity team, in
charge of testing recovery process of perimeter security controls and
continuity planning.
Perform penetration/vulnerability testing internally and coordinate
external tests by a third party vendor.
Administration of intrusion detection and prevention systems including
daily monitoring, generation of incident workflow and complete remediation
along with proper documentation.
Manage procurement of and administer Web application firewall (Imperva),
with daily monitoring and documentation of incident workflow and
remediation.
Administer Enterprise Antivirus solution for servers and workstations.
Deploy and maintain two-factor authentication for VPN accounts and internal
devices.
Develop and maintain corporate security standards and policies.
Systems Engineer, Airlines Reporting Corporation, December 2001 to February
2005
Administered user accounts, corporate email gateway, and all other aspects
of client/server network in mixed Microsoft/Novell environment.
Performed system backups and reviewed disaster recovery plans.
Implemented and administered corporate virus protection on clients,
servers, and peripheral devices.
Responsible for SQL database installations, backup, recovery, ODBC
connectivity and testing SQL statements using SQL query analyzer.
Deployed patches for all clients and Intel-based servers.
Implementation and administration of secure email delivery technologies
using encryption and web based mail.
Installed, administered, and maintained Intrusion Detection System (IDS).
Investigated all alerts reported by IDS systems.
Member, Corporate Security Incident Response Team.
Systems Engineer, Absolute Networking Systems, Louisville KY, December 1999
- December 2001
Set up customer LAN/WAN networks, troubleshooting problems, and instituted
best practices for IS administration and security.
Installed, configured, and supported Windows NT Server 4.0, 2000, Terminal
Server, SBS, Microsoft Exchange, Microsoft Proxy, IIS, and Microsoft SQL.
Installed and configured routers for Internet access, VPN, and frame relay.
Trained network administrators at customer sites in proper administration
of systems, user access control, system backups, and security practices.
Systems Engineer, Communitronics, Lexington KY, June 1998 to December 1999
Installed, configured, and supported LAN/WAN devices in mixed environments
of Windows, Novell, and Unix.
Implemented all technologies with emphasis on security principles and
transparency for customers.
Installed Microsoft client/server networks, back-office products, NT
Server, Terminal Server, thin clients, Metaframe, and various backup
software solutions.
Build-out of secure remote access (RAS) solutions for customers using dial
up and VPN technologies.
TECHNOLOGIES
Payment Card Industry Data Security Standard (PCI)
Web Application Technologies (Apache, IIS, SQL, PHP and HTML)
Agile Software Development Lifecycle
Web application firewall / application security (Imperva)
Software Development Tools (.NET, MS TFS, HP Mercury Suite)
ISO-17799 and BS-7799 Security Standards
Cisco Systems security solutions
Microsoft 2008, 2003, XP, 2000, NT
Microsoft Active Directory
MS SQL Database Server
Citrix Metaframe
Enterprise Patch Management, Antivirus and Host Integrity Solutions
(LANdesk)
Database security gateways (Imperva)
Security for corporate messaging (IronPort Cisco)
Encrypted Mail delivery (Data Motion)
Intrusion Detection Systems and Intrusion Prevention Systems (Sourcefire
and Palo Alto)
Log retention (Log Vault)
Exchange Server
Secure remote access and two-factor authentication (RSA SecurID)
PCI-DSS
ISO 27001
VORMETRIC file, server and database encryption
SYMANTEC DLP for network and endpoint
X Bridge Data Sniff (mainframe DLP)
Palo Alto (next gen firewall, IPS and DLP)
IBM QRadar SIEM
Governance, risk management and compliance (Modulo)
Network infrastructure security management (RedSeal)
File Integrity Monitoring (nCircle/Tripwire)
Enterprise Antivirus (Landesk AV Kaspersky)
Web application testing (IBM Appscan)
Internal and external vulnerability scanning (Nexpose Rapid 7)
Disaster Recovery (SunGard)
Security Awareness Training (conducted internally)
Physical access controls (Kastle Systems)
Video Monitoring (eEye - Cameras)
PROFESSIONAL MEMBERSHIPS
Internet Security Consortium (ISC)
InfraGard (Alliance with FBI to promote protection of critical information
systems and the U.S. infrastructure)
Anti-Phishing Working Group
Atlanta Web Strategy for Business Group
ARTICLES
BackTrack 2 for the New User (Live Linux Security Distribution, Security
Toolbox)
Parameter Tampering - Exploiting Hidden Fields using Web Scarab.
COMMUNITY CONTRIBUTION
Contributing writer for Open Web Application Security Project (OWASP) LiveCD
Education Project, Spring of Code 2007.
EDUCATION
University of Louisville
A Technological Advantage (ATA)
Vendor-specific security training classes