Sign in

Security Manager

Issaquah, Washington, 98027, United States
May 25, 2010

Contact this candidate
Sponsored by:
Post Jobs to
Multiple Job Boards &
Get more Candidates
Try it Free!
Start your 30-day
Free Trial

William B. Hanegan, CISSP (since ****)

E-mail *******.*******@***-***.***

Post Office Box 14, Issaquah, Washington 98027-0001

(425) ***-**** Cellular (206) ***-****


Information Security & Compliance Director with twenty years of experience

in all domains of information security, including operating systems, IT

internal audit, networks, risk management, governance, privacy, regulatory

compliance, business continuity, security architectures, operations

security, physical security, cryptography, law, investigations and ethics.

Extensive experience in successfully leading project teams in the

implementation of state-of-the art security technologies and safeguard

programs, administrating budgets, creating defense-in-depth security

offerings and fraud prevention.


Randall Boyd Corporation, Pacific Northwest and California June 2000 -


Randall Boyd Corporation is an information security consultancy providing

enterprise risk solutions.

Director, Information Security and Compliance: Major responsibilities

include leading IT risk management framework implementations, developing

information security processes (governance), risk assessments, information

security strategies, comprehensive information security controls

implementation, effective security monitoring to ensure industry compliance

(PCI-DSS, GLBA/FDIC, ISO-27001, NERC-CIP, HIPAA, SAS-70), meeting audit


Compliance Programs/Projects

. Developed HIPAA compliance safeguard program, designing security and

access management frameworks utilizing Oracle's Identity Management Suite

and ESSO integration for several healthcare organizations. Projects

included LDAP directory integration using Oracle Virtual Directory,

including OID, Active Directory and Oracle Database.

. Developed SOA, object-oriented analysis and design service offering with

client/server systems, delivering governance, application

interoperability, multichannel client access, and business process

management, utilizing WS-Security standards and the WS-Policy framework.

. Developed Fraud Detection Program for online retailer/digital commerce

using internal controls and data analysis technologies (ACL and ArcSight

SIEM Platform) to detect and prevent fraud occurrences: built fraud

profiles into risk assessments, tested transactional data for fraud

indicators, delivering continuous auditing, monitoring and controls

improvement program. Project included ArcSight FraudView for pattern

recognition and correlation.

. Developed PCI-DSS Compliance Solutions for Level 1 and Level 2 merchants

and service providers that included onsite assessments (using ISO

27001/17799 methodology); penetration testing; vulnerability scanning and

remediation roadmaps; log monitoring and retention; intrusion prevention

solutions (host and network); web application vulnerability assessments

and reviews; web application firewall implementation, monitoring and

management. Specific services included:

o PCI Compliance Assessment - gap assessment; risk prioritization;

remediation strategy and SAQ.

o PCI pre-audit assessment - identify gaps in compliance for

validation; prepare for Report on Compliance.

o PCI Program Management Consulting - operational conversion of PCI;

integrate PCI in the daily workflow of technology and security;

resulting in lower costs, more efficiency, and greater security.

o Penetration Testing - internal and external penetration tests

detailing exposures related to systems, applications, and sensitive

information; leverage automated and manual processes to determine

susceptibility to code, configuration, and patch-related


o Payment Application validation - validate applications that store,

process, or transmit cardholder data as a part of authorization or

settlement services with validation against the PA-DSS standard.

. Lead consultant in the design and development of SOX 404 business process

improvement programs and cost avoidance. Developed project plans for SOX

404 annual certification, which included scope of project, testing

calendar, timeline, resource requirements, accounts mapping, IT controls

and test steps, key locations and materiality, key accounts, key

applications, key processes, control changes monitoring and deficiencies

remediation for SEC filing.

. Performed gap assessments across ISO-27001/ISO-17799 domains for premium

mobile content collocation services and major wireless communications

carriers, designing successful gap remediation plans that included

vulnerability scanning, intrusion detection, encryption, 2-factor

authentication, security controls, and application security program

management. Most assessments delivered a multi-standard methodology (PCI-

DSS, GLBA/FDIC, ISO-27001, NERC-CIP and/or HIPAA), consolidating

requirements and testing procedures.

. Developed/implemented FFIEC information security programs for collocation

infrastructure and operations of customer online financial services.

Programs included risk assessment, policies and procedures, technology

design, access control, physical and environmental protection,

encryption, malicious code prevention, systems development, secure

software coding practices, personnel security, data security and business


. Developed/implemented FISMA enterprise risk management program, utilizing

security categorization for FIPS 199 and information systems. Benchmarked

appropriate security controls and verified effectiveness of removing

vulnerabilities. Delivered security accreditation of information systems.

Met project goals in delivering more consistent, comparable and

repeatable evaluations of security controls.

Security Technologies Projects

. Reduced monitoring and reporting by $1.4M annually by designing and

implementing a policy-based compliance monitoring and reporting system to

measure host, network, and application security compliance.

. Reduced misconfiguration incidents by 90% by building scalable trusted

computing environments on UNIX/Linux servers and Cisco networking

components, providing essential controls at the operating system level.

. Implemented Ingrian i325 DataSecure Appliance for Fortune 500, title and

escrow company, across J2EE, JAVA Websphere, AS/400 (iSeries), and .NET

platforms, providing privacy solution at the column level within database

files for Oracle, SQL and DB2.

. Imperva WAF implementation and network installation, including Linux

system administration, using IMPCFG and IMPCTL, Management Server GUI

administration and complex data center modeling. Extensive experience in

tuning security policies, violations reporting, profile reporting and

tuning, database auditing for PCI, SOX, GLBA compliance initiatives,

creating actions sets/defining action interfaces, system event policies,

configuration and profile backups, audit archive management. Imperva G4

and G8 installation, maintenance and training as well as various

configurations including inline gateway, high availability inline

gateway, sniffing gateway, kernel and reverse proxy.

. Implemented secure remote VPN access server with Cisco Concentrator and

ACE Radius/SecurID, providing two-factor authentication in accordance

with best practices and compliance with standards for HIPAA (healthcare

providers), NERC-CIP (utilities providers) and contractual requirements

for wireless content provider.

. Designed/implemented Intrusion Detection/Prevention Service offering,

deploying Cisco ASA devices, including AIP-SSM management, configuration,

signature tuning, signature updates, configuration changes, security

event monitoring, performance, availability management, IP Audit and

shunning setups.

. Developed Secure WAN/LAN gap assessment programs that included closing of

unnecessary router services and control access to the router and

switches; Authentication, Authorization, and Accounting (AAA

implementations); Dynamically Authenticate and Authorize Users with

Authentication Proxy; Filtering IP Sessions with Reflexive Access Lists;

Prevent DoS Attacks with TCP Intercept; Intelligent Filtering with

Context-Based Access Control (CBAC); Detect Attacks and Threats with the

IOS Intrusion Detection System.

. Developed SNMP, Syslog and Event processing with Perl- and Shell scripts

for monitoring network/server system logs and backup automation.

. Configuration and troubleshooting of F5 products, including BigIP Load

Balancers for traffic management and failover as well as F5 TrafficShield

Application Firewall and BigIP ASM for auto-adaptive solutions to achieve

four nines.

Adecco-USA Redwood City, California April 1999 - June 2000

Adecco is the world's largest professional placement firm.

Manager, Network Services: Responsible for fourteen network administrators,

network engineers, and telecommunications engineers, providing

comprehensive networking services and support.

. Created overall strategic and tactical auditing plan for risk analysis;

selection and evaluation of safeguards; cost benefit analysis; management

decision processes; safeguard implementations; effectiveness review;

security awareness training; policies and procedures for gathering and

preserving evidence of computer crime.

. Developed Security Core Competencies: Governance and Policy Management,

Program Office Management, Outreach and Awareness, Engineering and

Operations Management, Identity and Business Continuity Management.

. Installed and configured HPOV Network Node Manager (NNM), CiscoWorks 2000

LAN Management Solution (LMS) and CiscoWorks 2000 VPN/Security Management

Solution (VMS).

. Developed support methodology for HPOV NNM and CiscoWorks 2000 for

efficient network support. Provided additional layer of security by

implementing advanced feature sets, the Universal Inspection Engine

(UIE), iRules and iControl. A 30% savings was attained for hardware


. Implemented Verisign Certificate Authority for secure payroll

transactions development, providing user awareness for algorithm

construction, key distribution, and methods of attack. Deployed digital

signatures for authentication of electronic transactions, ensuring non-


. Installed monitoring mechanisms (Cisco Secure, TripWire) and tools that

permit the identification of security events and subsequent actions to

identify key elements and report pertinent information to appropriate

individuals, groups or processes (Computer Security Incident Response


Ross Systems, Inc. Redwood City, California April 1998 - April 1999

Ross Systems is a software manufacturer of iRenaissance ERP products.

Manager, Network Engineering: Responsible for ten reports providing audit,

monitoring, design, installation, maintenance and security of U.S. domestic

and European voice, data and video communications network.

. Evaluated and implemented VPN solution and ISP firewall for tangible

payback savings of $26,000 per week (Raptor and Checkpoint Firewall and

VPN solutions).

. Reduced costs for long distance charges and customer-hosted modems.

Remote employees access SAP R/3 via local ISPs instead of through 1-800

or long distance telephone calls. Entrust/Access' virtual private network

(VPN) solution enabled business users to securely exchange information

over internal and public networks.

. Implemented network security infrastructure specifications for

iRenaissance software products (internet enabled, iPortal and ThinX

client) for the following platforms: Windows 2000, NT 4.0, HP-UX, IBM AIX

and Sun Solaris.

. Implemented quarterly audit of Cisco router configurations of frame relay

(co-hosted, global WAN) with Proactive Software's ProntoWatch monitoring

resulting in re-negotiating a reduction of annual costs by 40%.

. Developed security infrastructure for global, web-centric, applications

for Internet and Intranet systems, with Oracle back-end and Java front-

end, providing online client and end-user support, for self-provisioning

access of databases and FTP servers in the U.S. and Europe.

Aames Financial Corporation, Los Angeles, California January 1996 - April


Aames Financial is a sub-prime mortgage lender.

Manager, Technical Services: Responsible for sixteen network

administrators, engineers and help desk personnel.

. Provided security technology leadership, risk assessment and security

project management for the company's e-commerce and e-business programs.

Deployed e-commerce solution to branch offices, via Net.Commerce, using

connectivity DRDA across TCP/IP, reducing lifecycle delivery by 300%.

Design included firewalls and data encryption.

. Implemented quarterly security audit of Cisco router configurations of

WorldCom frame relay performance and implemented Cisco 1600 routers in 80

branch offices for ISDN backup upon frame failure.

. Responsible for security of transparent interconnectivity of differing

platforms, Novell, Windows NT, and HP/UX and platform hardening.

. Implemented network partitioning and VLAN departmental segregation using

Fore System PowerHub 7000. Project also provided upgrade from 10Base-T to

100Base-T and FDDI network segments.

. Configured access control mechanisms for Oracle database backend with

Metacube front-end.

. Participated in the development of the annual capital budget and review

actual and projected expenditures.

. Worked as project lead for planning, installation and configuration of

IVR Computer Telephony on Nortel's Meridian 1 options 61C and 81C, using

VISIT Voice and FastCall over TAPI front end, TSAPI back end, ACD


. Operational responsibilities included HP/3000, HP/9000, Novell NDS,

Windows NT, NAS, Shiva LanRover, ForeSystems PowerHub, ISDN, T3

communications to Datalink IBM/MVS Main Frame in Florida, IBM RJE.

L. A. Gear, Inc., Santa Monica, California June 1990 - January 1996

L. A. Gear, Inc. is an athletic footwear manufacturer.

Network Manager: Responsible for six network engineers supporting Novell,

Windows NT, Unix based LANs in distributed WAN.

. Lead management of technical services group in security administration

and platform hardening of Novell, Windows NT and HP/Unix based LAN's in

distributed environments.

. Developed secure Visual Basic front-end creation of GUI views for online

Oracle database report viewing in a client/server environment. Oracle

back-end running on HP/9000.

. Utilizing HP OpenView, implemented network capacity and performance

management methodologies with notification processes of network events.

. Responsible for audit and secure configurations of Bay router backbone

network. Increased network backbone throughput by 400% by upgrading Bay

routers to BCN and T1 ports to T3.

. Increased business operations efficiency by 120% via company-wide

conversion to cc:Mail, utilizing SMTP gateways into SGI and SCO/UNIX


. Lead project manager to connect company to the Internet utilizing a

bastion host for dual-homed host firewall configuration, providing

blocking and filtering between the trusted and un-trusted network.


Platforms: Unix, Linux, Novell, Windows NT, Windows SQL. Monitoring: HP

Open View, NAI Sniffer, NetIQ, WebTrends, Akamai Freeflow, TripWire,

Sourcefire. Frontends: Java JDBC and JCE, Netscape, Explorer. Backends:

PeopleSoft, Oracle through 10g, SQL Server, SAP. Directory Services: LDAP,

X.500, DNS, NDS. High Availability: BIG IP, Microsoft. Portals: BEA

WebLogic, Sun ONE, Oracle OID. Network Engineering: Cisco Switches/Routers

12000, 7606, 7609, 4500s, 3600s, 3550s, 2600s, MC3810, 1750, 1600, MFSC,

RSM, AS5300, CSIDS, 6500-IDSM, 3000 VPN; Force 10 E-300 and E600; Juniper

Multiservice Edge Routers and Multiservice edge router delivering Layer 2

or Layer 3 services.


Firewalls: CheckPoint, F5, Cisco, Juniper. SIEM: Cisco: CiscoWorks,

Sourcefire IDS, NetSonar, NetFlow, HP OpenView, WebTrends, ArcSight SIEM

Platform. Remote Access Servers: Radius, TACACS (Shiva, Ascend).

Certificate Authorities: PGP, Verisign, Entrust. Secure Protocols: SSL, SSH

and TMS. Proxy Servers: Sun Solaris, DMZ deployment. Compliance/Auditing

Standards: CoBit, FFIEC/GLBA, PCI-DSS, COSO, FDA CFR 21 Part 11, GLBA,

Sarbanes-Oxley, CMM 5-Level. Vulnerability Scanning: eEye Retina, Nessus,

Foundscan, Qualysguard, Fortify, WebInspect. Forensics: Encase, Coroner's

Toolkit. Encryption: Ingrian DataSecure, nCipher, Oracle TDE, and

dbEncrypt. Web Application Firewalls: Imperva and Breach. Fraud

Detection/Prevention: ACL, ArcSight FraudView. Penetration Testing: NMAP,

Nessus, Metasploit, Pass-The-Hash, Hydra, Cain & Abel. Single Sign-On:

Oracle IDM, OAM, OAAM, OES, OIF, and ESSO.


Graduated with a Bachelor Degree from Louisiana State University, Baton

Rouge. Curriculum: Computer Science and English Literature. Continuing

education in Application Firewalls, Cisco Switching and Routing, Juniper,

Microsoft, Unix, Linux, Carnegie Mellon CSIRT Team Design, Raptor,

Sourcefire, Checkpoint, SAP Basis Administration, Information Security,

Java, .NET as well as training in CCIE, CISM, CISA, PCI-DSS, PA-DSS and


Member of PMI, CSI, Infragard, ISSA, ISACA, IAA and IEEE.

Contact this candidate