ROBERT S. RADVANOVSKY
**** ********* *****, ***** ***, GENEVA, IL 60134-1838
TELEPHONE: 630-***-**** - EMAIL: abm87x@r.postjobfree.com
SUMMARY OF QUALIFICATIONS
A seasoned Senior Information Security and Technology professional with
expertise in many aspects of business technology solutions which include
risk and strategic management, web and application security, policy,
regulatory and compliance management. A successful record of leading
projects for a broad range of industries and infrastructure sectors,
combining technology, business and security expertise, with proven
management and communications skills.
EMPLOYMENT HISTORY
Employer: RESURRECTION HEALTH CARE
Title: LEAD NETWORK SYSTEMS ADMINISTRATOR
Location: CHICAGO, IL
Duration: 04/2003 - PRESENT
Job Duties:
* Managed remote access and telecommunication security remediation team
(for HIPAA compliance).
* Managed teams relating to varied projects, including project
management on several projects.
* Managed and performed routine internal audits of infrastructure,
consisting of mixed architecture of Windows and UNIX/LINUX environments.
Auditing functions included non-destructive internal penetration testing
analysis and post-regression analysis of events.
* Managed auditing/remediation efforts of enterprise-wide application
of modems throughout RHC.
* Established Incident Response Handling procedures for network
compromise, hardware/server compromise, viruses, and social engineering
(includes network [wired and wireless] sniffing, information extraction
and extrapolation) for JCAHO accreditation.
* Coordinated enterprise-wide data center assessment of nine (9)
hospital facilities; assessments resulted from concerns from an
initiating event at one hospital, were conducted through business
contingency planning and disaster recovery coordination efforts that
included several aspects from disaster management, including avoidance
and recovery.
* Advised security and privacy risks associated with potential exposure
for HIPAA-related issues of non-HIPAA compliant servers and their
applications (ongoing); includes policy creation and management for
enterprise-wide security efforts throughout RHC.
* Managed forensics capabilities of stolen or manipulated patient data
and recovery.
Employer: MOORE CORPORATION
Title: LEAD UNIX/SECURITY ADMINISTRATOR (dual-role position)
Location: LIBERTYVILLE, IL
Duration: 02/2002 - 08/2002
Job Duties:
* Managed several small teams (4-6 people each) relating to various
projects involving security.
* Responsible for investigation and security implementation measures
and countermeasures for all infrastructure contained within the Internet
complex.
* Implemented enterprise-wide security policy documentation (web usage,
intellectual property, e-mail, etc.).
* Established a charter of a Computer Security Incident Response Team
(CSIRT) which included Incident Response Handling procedures for
compromise, viruses, social engineering, etc.
* Communicated (at all levels) between Moore executive management and
technical staff pertaining to all security-related issues.
* Performed routine internal auditing of infrastructure, consisting of
mixed architecture of Windows NT, Windows 2000, Novell, UNIX (AIX, Sun
Solaris), LINUX (Red Hat), and providing recommendations (as needed).
Auditing functions included non-destructive internal penetration testing
analysis.
* Conducted routine disaster recovery planning assessments of
facilities at four (4) facilities.
* Assessments were utilized with exterior assessments as standardized
measurements.
Employer: CENTRAX CORPORATION
Title: SECURITY ARCHITECT/CONSULTANT
Location: CHICAGO, IL
Duration: 06/1999 - 08/2004
Job Duties:
* Configured networking environments; implemented measures and
countermeasures for Internet, including DMZ.
* Implemented enterprise-wide security policy documentation (web usage,
intellectual property, e-mail, etc.).
* Defined corporate firewall environments for the enterprise network.
Employer: UNITED AIRLINES
Title: LEAD SYSTEMS/SECURITY ENGINEER (dual-role position)
Location: ELK GROVE VILLAGE, IL
Duration: 12/1997 - 10/2001
Job Duties:
* Defined additional key roles for management for permanent Corporate
Security group at UAL Headquarters.
* Defined and implemented Corporate Disaster Recovery Plan for UAL HQ
Data Operations and satellite facilities.
* Responsible as security technical lead for all Internet-related
projects at United Airlines.
* Managed several infrastructure and security architecture strategies
for multiple projects, including firewall complex upgrade/improvement,
enterprise-wide intrusion detection system implementation, ISP cutover,
and reverse-proxy server deployment:
(1) Security Logging Servers (5 locations)
(2) Firewall Complex Improvement (5 locations)
(3) Enterprise Firewall VAN Implementation
(for UAL partners; 3 locations)
4) Enterprise Intrusion Detection System Implementation
(5) Private File Transfer Server (FTP) (3 locations)
(6) WebList 2000 Server Installation/Upgrade
(7) Reverse-Proxy Server Installation/Upgrade (2 locations)
(8) UUNET Cutover (enterprise switch from PSINET to UUNET)
* Technical contact for all highly visible security-related projects at
UAL, esp. the UUNET Cutover project, the Enterprise IDS Implementation,
and the Enterprise Firewall VAN Implementation.
* Performed "ad hoc" security assurance and compliance analysis testing
through non- destructive internal penetration tests at several key
locations (most notably firewalls, intrusion detection systems and proxy
servers) with negative results.
* Managed a small team of 6 to 8 people as a team-lead as part of UAL's
Year 2000 remediation effort.
EDUCATION
Major: COMPUTER SCIENCE
School: DEPAUL UNIVERSITY
Location: CHICAGO, IL
Degree: MASTER OF SCIENCE
Completion Date: 06/2001
Major: BUSINESS ADMINISTRATION
School: CALIFORNIA POLYTECHNIC UNIVERSITY
Location: POMONA, CA
Degree: BACHELOR OF SCIENCE
Completion Date: 06/1991
SKILLS AND ABILITIES
Risk Assessment Tools:
* Familiar with DITSCAP, RAMCAP, and CARVER assessment tools.
Compliance/Governance:
* Familiar with HIPAA and FIPS 201 standards; familiar with large
healthcare provider environments; worked with McKesson, AllScripts,
MISYS, Sunquest Technologies, GE, IDX.
Hardware:
* Familiar with IBM, HP, DELL, SUN, GATEWAY.
Software:
* Familiar with DNS, SENDMAIL, APACHE, APACHE/TOMCAT, PHP, BOURNE
SHELL, C/C++, PERL, JAVASCRIPT.
Operating Systems:
* Familiar with IBM AIX 5.x, HP HP-UX 11.x, RED HAT 5.x, FEDORA, DEBIAN
LINUX, MS WINDOWS (2000, NT, XP, SERVER 2000, SERVER 2003, VISTA, 7,
SEVER 2008), Cisco IOS (router).
HONORS AND ACTIVITIES
Certifications:
* Information Systems Audit and Control Association
Certified Information Security Manager (CISM) [04/15/04]
Certificate #0405160
* International Information Systems Forensics Association
Certified Information Forensics Investigator (CIFI) [04/17/05]
Certificate #118
* CompTIA
LINUX+ Certified Professional [05/30/03]
SECURITY+ Certified Professional [07/07/03]
Certificate #COMP001001136264
HONORS AND ACTIVITIES
Honors and Awards:
* Outstanding Client Service Award (client United Airlines), Metro
Information Services, September 1999
* Outstanding Client Service Award (client United Airlines), Metro
Information Services, February 2000
* Outstanding Client Service Award (client United Airlines), Metro
Information Services, March 2000
* Bronze Service Award, United Airlines, May 2000
* Bronze Service Award, United Airlines, July 2000
* Silver Service Award, United Airlines, December 2000
* Bronze Service Award, United Airlines, May 2001
* "Good Job!" Service Award, Moore Business Communications, April 2002
* "Pass It On" Service Award, Resurrection Health Care, January 2007