Post Job Free
Sign in

Security Manager

Location:
Juneau, AK
Posted:
January 21, 2013

Contact this candidate

Resume:

Morton Christiansen

Email: *********@********.***

Address: Beatevej 1, 4th

City: Valby

State: AK

Zip: 99802

Country: USA

Phone: (455-***-****

Skill Level: Experienced

Salary Range: $115,000

Willing to Relocate

Primary Skills/Experience:

See Resume

Educational Background:

See Resume

Job History / Details:

Personal Information

Date of birth: 24/8-1975

Nationality: Danish

Education

2003 - MSc.IT (Master thesis: Vulnerabilities in intranet and Internet protocols - Grade: A)

Certifications

2012 - GXPN - GIAC Exploit Researcher and Advanced Penetration Tester

2011 - GAWN - GIAC Assessing and Auditing Wireless Networks

2011 - CISA - Certified Information System Auditor

2011 - CISM - Certified Information Security Manager

2011 - CRISC - Certified in Risk and Information Systems Control

2010 - GPEN Gold - GIAC Certified Penetration Tester (Gold)

2010 - GWAPT - GIAC Web Application Penetration Tester

2009 - GREM - GIAC Reverse Engineering Malware

2007 - GCIH Gold - GIAC Certified Incident Handler (Gold)

2005 - CISSP - Certified Information Systems Security Professional

Brief Description

Senior Security Consultant working for the IT-security company nSense. Currently holds a Master of Science in Information Technology degree from the IT University of Copenhagen, in addition to numerous certifications from some of the most acknowledged certification vendors within the IT-security industry including SANS/GIAC, ISACA and ISC2.

Has been featured by major Danish mass media, including TV (e.g. DR1), radio (e.g. P1) and newspapers (e.g. Ingeniren). Another carrier highlight was participating as a Security Rock Star Keynote Panelist at MIS Training Institute's IT-Security World 2008. Together with Oliver Day (Lead Security Researcher, Stopbadware.org, Harvard University), Kingpin (aka Joe Grand, Host, Discovery Channel) and Fyodor (Creator, Nmap and Insecure.org).

Serves as a SANS/GIAC Advisory Board member, Gold Advisor and on the Exam Development Team (e.g. for the GIAC Exploit Researcher and Advanced Penetration Tester certification).

Focuses exclusively on penetration testing and vulnerability assessments, and is often called upon in regard to security assessments related to national security, large enterprises and nationwide ICS/SCADA environments.

Has uncovered thousands of vulnerabilities for some of the largest organizations in Northern Europe nationwide agencies.

Currently live in Denmark. Will be able to test Internet faced and VPN connected systems, conduct

code/application/configuration reviews, write reports etc. from home. And will gladly travel onsite for assignments

requiring so. Alternatively, will be willing to relocate permanently for the right job.

Knowledge about penetration testing:

Web-applications Excellent

Networks Excellent

National security and critical infrastructure Excellent

Dial ups Excellent

Malware defences Excellent

ICS/SCADA Excellent

System hardening Excellent

(CIS/SANS/NSA)

Social engineering Excellent

Password cracking Very good

Wireless systems Very good

(802.11, BlueTooth, RFID and analogue systems)

Auditing and risk analysis Very good

Compliance and legal issues Very good

Fuzzing Very good

Project management Very good

VoIP Good

IDS/IPS Good

Firewall configuration reviews Good

Physical security Good

Professional Experience

06/2009 -> nSense Denmark A/S (Ezenta A/S split)

Senior Security Consultant

Conducting penetration tests and vulnerability assessments for some of the largest organizations in Northern Europe

03/2005 - 06/2009 -> Ezenta A/S

Senior Security Consultant

Conducted penetration tests and vulnerability assessments for some of the largest organizations in Northern Europe

Developed the majority of the company's services within the area of penetration testing and vulnerability assessments

02/2004 - 01/2005 -> I360 Nordic A/S

IT Security Consultant

Worked as an IT-Security Consultant, primary for the Danish Ministry of Refugee, Immigration and Integration Affairs

08/2002 - 05/2003 -> IT University of Copenhagen

Instructor - IT security

Served as an instructor with the shared responsibility of developing training materials and the sole responsibility for holding the training sessions

Level taught: MSc.IT

08/1998 - 05/2003 -> Multiple Danish Cities

Instructor - IT security & Programming in C, C++ and Java

Served as an instructor in IT-security as well as basic C, C++ and Java programming courses. Employed at multiple cities simultaneously: City of Gentofte, City of Brndby and City of Copenhagen

Major courses and conferences attended

2012 HOPE - Hackers On Planet Earth (USA)

2012 Black Hat Europe (The Netherlands)

2011 Hack In The Box (Malaysia)

2011 US Department of Homeland Security: Control Systems Cyber Security Advanced Training and Workshop (USA)

2011 SANS: Advanced Penetration Testing, Exploits, and Ethical Hacking (USA)

2011 SANS: Advanced Exploit Development (USA)

2011 SANS: Wireless Ethical Hacking, Penetration Testing, and Defenses (USA)

2010 Black Hat: Infrastructure Attacktecs & Defentecs: Hacking Cisco (USA)

2010 Defcon 18 (USA)

2010 CanSecWest (Canada)

2009 US Department of Homeland Security & SANS: Intermediate Control Systems Security (Sweden)

2009 SANS: Reverse-Engineering Malware: Malware Analysis Tools and Techniques (USA)

2009 Hack In The Box (Malaysia)

2009 Marcus Pinto/NGS: Web Application (in)Security (Malaysia)

2009 Defcon 17 (USA)

2009 InfoSec World Conference & Expo 2009 (USA) *invited speaker*

2008 Chaos Communication Congress (Germany)

2008 Hack In The Box (Malaysia)

2008 IT Security World 2008 (USA) *invited speaker *

2008 SANS: Network Penetration Testing and Ethical Hacking (USA)

2008 Hack In The Box (UAE)

2007 Chaos Communication Congress (Germany)

2007 Black Hat Asia (Japan)

2007 Defcon 15 (USA)

2006 SANS: Hacker Techniques, Exploits and Incident Handling (Canada)

2006 Defcon 14 (USA)

2006 Black Hat US (USA)

2006 Foundstone: Ultimate Hacking Expert (USA)

2005 Black Hat Asia (Japan)

2005 Black Hat US (USA)

2005 Defcon 13 (USA)

2004 Defcon 12 (USA)

2004 EU Workshop on Secure Multiparty Protocols (The Netherlands)

2003 Danish Board of Technology: Workshop on Vulnerabilities of the IT-infrastructure

(Denmark)

2003 Copenhagen Security Seminars (Denmark) *invited speaker*

Languages

Danish - native language

English - advanced

German - understands

Keywords

Penetration testing. Security assessments. ICS/SCADA. National security.



Contact this candidate