Security Engineer

Location: Amsterdam, NY, 12010
Posted: July 26, 2010

Resume:

SIMON S. PRAZAK, CISA, CISSP, GCIA, GCFA

Mobile: +518-***-****, Email: abl8xy@r.postjobfree.com

Objective:

Senior information security professional with 9 years of extensive experience in configuring and auditing various information security technologies seeking a Senior Security Engineer or a Security Manager position in a medium to large size corporate environment.

[Willing to relocate.]

Skills:

• Fundamental understanding of system and network administration best practices.
• Understanding of various IT audit and IT assurance approaches.
• Strong in design, development, and maintenance of information security policies and standards.
• Highly proficient, hands-on approach to solving information security challenges.
• Experience with establishing gold standard configurations of various network and server platforms.
• In-depth knowledge of TCP/IP protocols and the OSI model.
• Unix/Linux shell scripting (bash & some Perl), ethical hacking, and penetration testing.
• Certified Intrusion Analyst and Certified Forensics Analyst.

Professional experience:

2005 - present: Senior Information Security Analyst, Paul Weiss Rifkind, New York, NY

• Performed risk assessments of various aspects of information technology.
• Reviewed and maintained IT information security policies.
• Audited environment to verify compliance with firm security policies and standards.
• Managed and monitored network and host based intrusion prevention systems.
• Investigated and analyzed security incidents.
• Developed and managed incident handling procedures.
• Monitored anti-virus and anti-malware systems.
• Audited and certified firewall, router, and proxy related ACL and configuration changes.
• Managed central logging infrastructure and security alerting.
• Performed internal and external vulnerability assessments and penetration testing activities.
• Monitored remediation activities and ensured timely resolution.
• Assisted managers to evaluate technical solutions and to define processes and procedures.
• Developed firm-wide secure hard disk erasure standards and procedures and provided a solution.
• Reviewed all technology related projects with regard to security as part of the project management activities.
• Monitored information security news and recent trends in vulnerabilities and exploits to ensure risk mitigation activities were undertaken to protect firm's information resources.
• Performed a risk assessment of firm's virtual infrastructure and developed security standards to protect firm's data.

2003 - 2005: Senior Security Analyst, Division of New York State Police, Albany, NY

• Performed risk assessments of various aspects of information technology.
• Participated in monthly New York state agency Information Security Officer meetings.
• Deployed Snort intrusion detection system along with Sguil analyst console for network security monitoring.
• Performed wireless survey and deployed, configured and monitored wireless intrusion prevention system.
• Developed virtual lab environment to facilitate lab testing activities and POCs related to prospective information security products and tools under different system configurations.
• Performed internal and external vulnerability assessment and penetration testing activities.
• Performed real-time analysis of security events from network and host based intrusion detection systems, firewall logs, system logs (Unix & Windows), and various applications and databases.

2003: Senior Network Systems Engineer, NY State Department of Health, Albany, NY

• Administered Cisco wide and local area networks (WAN/LAN) using SolarWinds application.
• Created security configuration standards for Cisco network devices based on industry best practices.
• Performed error and security related analysis using SNMP and syslog protocols.
• Developed an automated process for updating security configurations across all network devices using Perl scripts running on a Linux OS.
• Performed vulnerability assessment activities of firewall, router, and switch configurations.
• Tested firewall rule bases using various packet crafting and network monitoring tools.
• Audited server environment against industry best practices and provided a detailed remediation report.
• Provided guidance to the Director of Information Technology on how to monitor compliance with agency information security policies.

2001 - 2003: Information Systems Auditor, NY State OSC, State Audit Bureau, Albany, NY

• Assisted with development of an information security audit program of New York State agencies.
• Performed audits of general and application controls.
• Performed internal and external penetration testing and vulnerability assessments.
• Created audit work papers, prepared audit reports and presented audit findings to agency management.
• Performed analysis of network security events from various network device, system, and application logs.
• Designed and configured Network Security Lab environment and developed operational manual.
• Performed penetration testing activities and vulnerability assessments of wired and wireless networks.
• Managed Snort network intrusion detection system and central logging infrastructure.

Education:

University at Albany School of Business, Albany, New York - M.S. Accounting Information Systems

Certifications:

Certified Information Systems Auditor (CISA)
Certified Information Security Manager (CISM) [passed exam]
Certified Information Systems Security Professional (CISSP)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Certified Forensic Analyst (GCFA)

EXPERIENCE WITH THE FOLLOWING PRODUCTS AND TECHNOLOGIES

o Server OS: Linux, Unix, BSD, Windows Server 2000/2003/2008, VMware & ESX Server.
o Network Security Devices: Cisco PIX/ASA, Cisco wireless AP, Check Point NG firewall, Bluecoat Proxy, Websense Proxy, Tumbleweed EMF, Third Brigade HIPS, Top Layer NIPS, Forescout Network Admission Control.
o Protocols and Networking Models: TCP/IP, OSI, Ethernet, Wireless Networking, TCP, UDP, ICMP, FTP, TFTP, TELNET, DNS, ICMP, SMTP, NETBIOS, Kerberos, SSH, NTP, SYSLOG, SNMP.
o Security Applications: Packet Filter, Iptables, Nessus Vulnerability Scanner, Core Impact, Stillsecure VAM, Tenable Lightning Console, Snort NIDS, Metasploit Framework, OWASP, Top Layer NIPS, Tripwire, Trend Micro Third Brigade, Forescout Network Admission Control (NAC), Sniffer Pro, Wireshark, nmap, tcpdump, SNARE, Symantec AV, netbios tools, proxy tools, wireless network attack tools, hping, MITM tools and web application testing tools, Helix, The Sleuth Kit, Autopsy Forensic Browser, The Coroner's Toolkit, Foremost, Event Tracker SIEM, routed and routing protocols, IPsec, PGP/GPG WDE, TrueCrypt, SSL and other encryption technologies, VOIP, Websense Proxy.


