Engineer Security
Resume:
Robert Magnuson
Sioux City IA 51104
703-***-**** Cell
Email: ************@*****.***
Network Security Engineer
EXPERIENCE
Network Security & Compliance Engineer, BearingPoint, McLean VA, April 2007 to
Present
Senior consultant in BearingPoint’s Managed Services practice. Duties included network
security, configuration, internal & external security audit, disaster recovery plans, backup
procedures, and SAS 70 planning and compliance for all of Managed Services hosting
and sites worldwide. Manage and monitor world-wide Cisco based IDS/IPS systems;
utilizing Cisco Security Manager to provision and upgrade signatures, and Cisco MARS
to correlate all the events.
Network Security Consultant, J&E Consultants LLC, Arlington VA November 05 to
April 2007
Assigned as Senior Security Architect as IBM Core Team member supporting the
Security requirements for the National Healthcare Information Network (NHIN)
prototype. Developed and recommended a required set of data, information, and other
technical standards as well as security policies needed for the NHIN. Collaborated with
other HHS health IT contractors and stakeholders such as HHS, VA, DoD, DoC, DHS,
EPA, NSF, and GSA to deliver a standards based solution which utilized IBM supplied
hardware and software.
Senior Security Consultant (CISSP), CTG Information Security Solutions, Buffalo
NY January 2003 to November 2005
Senior consultant in CTG's Information Security Solutions practice, with extensive
knowledge and experience in project management, computer security, large scale
government systems integration and implementation, business process analysis, data
analysis, and government civilian agency pre and post sales engineering. Focused on
government civilian agency systems (VA, SSA, and DOC) and DOD/DOJ security
requirements, and has also worked with senior management in commercial organizations
to assess IT security needs and implement secure encryption, data transmission, and IDS
solutions for client information security.
Security Engineer, Subcontractor, Army MDW ESM POC, June 2002 to January
2003
Contract Security Engineer to support the Military District of Washington Enterprise
Systems Management First Implementation. Drafted the Security Management Plan to
support the security management aspects of a Windows 2000/Active
Directory/Exchange/Tivoli deployment for 6 MDW sites, incorporating DOD/NETCOM
security regulations and policies. Provided draft SSAA to support the
DITSCAP/NIACAP process in obtaining an Interim Authority to Operate (IATO).
Responsible for compliance with all national, departmental and service/agency laws,
regulations, and guidance. (OMB A-130, NIST 800 series, FISMA, GISRA, Computer
Security Act of 1987, Clinger-Cohen Act, DITSCAP, NIACAP, DoD 8500 series, Privacy
Act, FOIA, etc.)
Systems Engineer, Subcontractor, DOJ, Security Assessment and Upgrade Project,
December 2000 to June 2002
Provided a Computer Incident Response Team (CIRT) document as part of a BOP
structured program for implementing an intrusion detection and incident response
capability. Provided a draft SSAA IAW NTISSAM, NTISSI, NTISSD with
recommendations to improve confidentiality, integrity, and availability of information as
it relates to voice, data, multi-media, and facsimile transmissions in terms of LAN, WAN,
and remote access systems to implement a SRB (Security Requirements Baseline).
Utilized best practices templates/techniques to prevent, detect, and correct configuration
vulnerabilities using a variety of internet/intranet/extranet tools for firewalls, gateways,
routers, switches, access lists, servers, and applications. Utilized HP OpenView, Concord
Network Health, and EtherPeek protocol analysis to collect, monitor, and decode network
packet data to determine network health; also ISS Internet Scanner and Linux Nessus to
assess internal network platform, O/S, and application vulnerabilities pursuant to NIST
800 series and GAO FISCAM policies. Utilized Nmap and an assortment of other tools to
assess external network port, service, and application vulnerabilities. Provided
recommendations for computer network defense techniques including computer and
network intrusions, surveillance/monitoring, vulnerability assessments, penetration
testing and disaster recovery analysis.
Systems Engineer, NextiraOne, Fairfax VA, January 2000 to December 2000
Pre/Post Sales Systems Engineer; analyzed complex local and wide area network
systems; including planning, designing, evaluating, selecting operating systems and
protocol suites and configured communications media with routers, gateways, switches
and related devices. Performed vulnerability assessments for commercial/government
accounts to properly propose security policy compliant firewall, encryption, hardware,
and software solutions. VA, SSA, USPS, Treasury, and DISA were among significant
client assignments. Applied appropriate laws, regulations, and guidance. (OMB A-130,
NIST 800 series, FISMA, GISRA, Computer Security Act of 1987, Clinger-Cohen Act,
DITSCAP, NIACAP, DoD 8500 series, Privacy Act, FOIA, etc.)
Network Design Engineer, Unisys Federal Systems, Reston VA., September 1998 to
January 2000
Team member on Dept. of Commerce Census 2000 Contract. Maintained Configuration
Management Database in MS Access, which created WAN/LAN configuration files used
in system build and system implementation. Implementation and level 3 support for 520
individual site rollouts. Validated, verified, tested the IP Addressing structure/Frame
Relay provisioning plan with AT&T for the entire Census LCO implementation as well as
successfully integrating it with existing Census Bureau WAN. Configured and tested
Cisco 2500/2600/7000 routers and Catalyst 1200/1900/2820 switches. Awarded for
achievement for completion of LCO Census rollout of 522 LANs, including 7,830
workstations, 522 servers, routers, and switches in 120 days.
WAN Administrator/Engineer, Contractor, Sterling, VA September 1994 to
September 1998
Performed duties on short-term contracts and projects for technical sourcing companies
such as RHI, Vistech, ATR, Brandon Systems, and Aetea. Most projects were two to three
months in length and involved data migrations/upgrades/recommendations, disaster
recovery, LAN/WAN design, analysis, test and evaluation, and performance
improvements.
Senior Government Contracts Advisory Consultant, Peat Marwick Main & Co,
Wash DC, 1985-1994
Responsible for providing a wide range of consultations and advisory services to
individuals and organizations. Provided systems consulting services to government
contractors for contract management and compliance issues. Also provided defense
contractors with vulnerability assessment analyses and consultation on issues related to
CAS, GAAP, and FAR/DAR. Provided training and guidance on project management,
Cost/Schedule Control Systems, and contract management. Installed Novell based Deltek
and Dekker/Trakker cost and scheduling systems. Conducted client investigation/surveys
to answer contract audit inquiries. Prepared large DOD proposals on behalf of various
clients.
Programmer Analyst, Rockwell International (NASA), TSD, Houston, TX,
1984-1985
Provided computer/operations capability to integrate the payloads scheduling work effort,
setup the appropriate systems interfaces, and development/support software/database
routines for DOS, HP 3000 and IBM in Artemis to meet specific data and management
presentation requirements. Supported and coordinated program/project level reviews and
special status presentations and briefings.
EDUCATION
5/1984
Univ. of South Dakota
Masters of Business - Accounting and Information Systems Emphasis
5/1981
Briar Cliff College
BA Business Admin & Acct (Double Major)
Minor Computer Science
RELEVANT HARDWARE/SOFTWARE COMPETENCIES
Operating Systems: Solaris, Linux 9.0, FreeBSD, Windows 2007, Windows 2000, Active
Directory, Windows Xp, MacOS X
Networking: Cisco Catalyst Switches, Cisco routers, Cisco CSS content switches,
Foundry switches, Sniffer Network Analyzer, Ethereal, ISS Internet Scanner, GFI
Languard
Security: Cisco Secure PIX, Cisco ASA, Cisco VPN Concentrator 3000 series, Cisco
Secure IDS, CiscoWorks VMS, Cisco Secure Policy Manager, Cisco Secure ACS, Cisco
Security Agent, Checkpoint NG (FW-1 and VPN-1), Checkpoint InterSpect, Nokia IP
Security appliances, ISS Proventia security appliances, NAI IntruShield, NAI Entercept,
SonicWall firewalls, Nortel Contivity VPN devices, RSA SecurID, Snort
Wireless: Cisco Aironet access points, CiscoWorks
VoIP: Cisco CallManager
Protocols: TCP/IP, OSPF, BGP, RIPv1, RIPv2, EIGRP, IPSec, DNS, NFS, SMTP, SNMP
Languages: Visual Basic 6.0, Visual C++, Perl
Servers: Sun Enterprise, Compaq Reliant, Dell Proliant
Server Applications: Veritas Volume Manager (VXVM), Veritas Cluster Server, Veritas
NetBackup, Apache, Internet Information Server (IIS), Oracle, BEA Weblogic
Storage: Dell PowerVault arrays. EMC Symmetrix arrays
Office Suite: All including Project, Visio, Power Point and NetViz
CERTIFICATES
Certified Novell Engineer (CNE) 1992 V.3
Cisco Certified Network Associate (CCNA 1.0) Dec 98
Cisco Certified Network Professional (CCNP 2.0) Dec 2001
Cisco Certified Design Professional (CCDP 2.0) Jan 2002
Nortel Networks Certified Account Specialist (NNCAS) Sep 2000
Nortel Networks Certified Design Specialist (NNCDS) Sep 2000
Nortel Networks Certified Support Specialist (NNCSS) Sep 2000
NSA InfoSec Assessment Methodology (NSA IAM) Nov 2000
Certified Information Systems Security Professional (CISSP) Jan 2002
Contact this candidate