Security Information

Location:
San Diego, CA
Posted:
August 15, 2017

Resume:

Howard M. Greenspan

**** ****** *** #*** *** Diego, CA ac1ts5@r.postjobfree.com 678-***-****

Information Technology Security Specialist

Mr. Greenspan is an IT Security Specialist with over 25 years of experience in investigating malware, web vulnerabilities and viruses, quality assurance of security products, penetration testing of networks and websites, and planning and implementation of enterprise information-security solutions. Mr. Greenspan has participated in creating over two dozen software products for software engineering, enterprise, and consumer technology segments. Recently, Mr. Greenspan has gained extensive experience as a liaison between QA, Engineering, and Support, handling complicated issues with software security product lines (HP WebInspect, AMP, QAInspect, DevInspect, ESET ERA and Fortify SCA). Mr. Greenspan has a strong security background originating from his experience on the IBM Internet Security Systems X-Force, combating malware and disassembling the Code Red virus. Mr. Greenspan has also worked for Clark Atlanta University, a 5,000-user network consisting of IDS systems, anti-virus and 24/7 SIEM monitoring of anomalies and incidents.

Professional Experience

ESET, San Diego

Malware Agent, Business Agent, Software Developer II 3/24/2015 – Current

Resolved malware infiltrations for large business customers and helped create new detections

Act as a mentor and a liaison to bring team members together technically to work towards a common goal

Created performance tools and log collectors to resolve common issues with our products

Trained new members of the business support team to succeed in their roles

Researched new threats and infiltrations in the wild to keep up to date on customer issues

Created and improved Knowledge base articles for top business support issues

Assisted with ESET MSP, Partners including Labtech and Kaseya specific issues

Helped front-line support teams with training and problem resolution

Speaker at ToorCon San Diego on ransomware protection with whitelisting

Help customers with PCI-DSS compliance

Cyber boot camp instructor helping high school students learn cyber security

Flying Cloud Technologies, Santa Cruz, California / Roswell, Georgia 7/1/2014 – Current

Founder, Product Manager, Penetration Tester

Conduct Penetration tests and report and remediate findings with customers (Nessus, Burp, etc)

Created a Security Threat Intel SIEM product, written in C#

Create Splunk filters and Wireshark add-ons in order to filter large data sets

Provide security policies and countermeasures

PCI and HIPAA compliance checks with clients

Assist with the SDLC security with QA and Development

Hewlett-Packard ASC / Fortify (SPI Dynamics, Inc.), Alpharetta, Georgia 12/1/2004 – 6/13/2014

WebInspect Sr. QA Analyst, Sr. Information Security Analyst, Tier 3 Vulnerability Remediation Support, QA Manager Security Products

Supervisor Ken Bargeron – 770-***-****

Presented at HP Universe speaking on securing the SDLC from start to finish in a live demo using all our products to remediate a security threat and how to solve it in the source code

Won the Global Support Delivery Fab 5 award in December 2009 for creating the HP secure upload process, which was used by 30,000 support engineers

Performed penetration tests for customers with difficult scanning issues and documented these issues into the bug tracking system to improve the product

Recommended security improvements for future releases; investigated vulnerabilities and how to detect them with our products (ArcSight, Fortify, TippingPoint and WebInspect)

SME with creating system architecture recommendations and implementing solutions with customers using our product lines

Taught security and hacking methods and mentored colleagues

Built security lab environment for real customer testing of our products

Helped customers with PCI and HIPAA compliance

Documented security lab procedures

Documented defects relating to WebInspect, AMP, DevInspect, Secure Objects using Mercury Quality Center and Team Foundation Server

Created a web-based security knowledge base running on Python/Plone

Worked through customer scan data to figure out if a security vulnerability was exploitable

Advised and created HP support tools in order to reduce the number of support calls

Found XSS/SQL Injection and other vulnerabilities in customer and client web sites, which were added to our regression testing

Performed quality assurance and testing on three product lines (WebInspect, AMP, DevInspect) executing up to 300 tests per sprint

Supported customers with relentless enthusiasm and a goal to have them succeed with our products and our team

Installed and tested IDS/IPS systems and worked with customers to remediate their security issues

Pathfire, Inc., Roswell, Georgia 01/14/2003-12/1/2004

Sr. Systems and Security Administrator

Established an IDS system consisting of ISS Site Protector attached to an ISS Proventia G appliance

Established a weekly penetration test to ensure that there were no unknown systems on the network, identified the production environment security position, and provided a detailed report on how to close the system

Established a desktop defense system internally in the event of a front-line or perimeter breach; this system included firewalls, IDS and application MD5 checking, allowing the end-user to continue using the desktop

Created a central logging server that imported the following logs to one location: PIX 520, Linux, Solaris, and Cisco switch traffic, in order to get a high-level view of the issues at hand

Maintained security on over 1,500 production servers at customer sites, including 250 internal workstations

Helped with QA on the Digital Media Gateway to ensure it was released on time

Documented defects using Mercury Quality Center

Maintained and planned NT Exchange 5.5 to 2003 Exchange 2003 migration

Created Internet ethics policy for the company

Created wireless and general system use policy

Audited our product and documented security vulnerabilities and solutions

Clark Atlanta University, Atlanta, Georgia 2/14/2002-1/14/2003

Sr. Information Security Engineer

Advised and implemented solutions in all aspects of Network and Host Based Security

Converted a malfunctioning PIX 520 Firewall to Check Point NG Firewall-1

Established Dial-Up, Wireless, Secure Use, Safe Computer Practice, and Internet Ethics Policies

Developed campus wide Intruder Defense System using Snort, Dragon and ISS Real Secure IDS

Performed and analyzed Penetration Tests

Geared the University towards security by leveraging the benefits and features of a secure, well-run corporate enterprise

Handled FBI investigations and reports on how and why an incident happened and how to prevent it, likewise called on events that were discovered internally

Audited internal and external machines for security issues, then repaired them with the client services that were responsible for them

Installed and configured Norton CVP anti-virus for gateways and Norton Symantec Web Security content filtering

Installed and configured Norton System Center for 1,800 workstations

Maintained Internet connection for 5,000 people

Changed e-mail remote and internal from no encryption to SSL

Managed 150K budget for security tools and protection

IBM Internet Security Systems, Atlanta, Georgia 2/1/1999-2/10/2001

X-Force Vulnerabilities Assessment

Completed Check Point RealSecure 5.5-6.0 QA product lifecycle SDLC

Created IDS assessment policies for the Global Threat Operation Center (NOC)

Performed research on all current and past exploits, Trojans, DOS, DDOS, worms, viruses, spyware, IDS products, enterprise, and home firewall systems

Watched for and identified patterns in malicious data with network sniffing software

Tested IDS systems for accuracy

Developed capture files to replay the malicious data for IDS to test and for developers to build into the product

Performed demos to show the effects of vulnerable IIS servers that are deployed (Code Red, Code Blue, Nimda)

Wrote draft security advisories and supplied research for numerous publications to provide information to customers and the general Internet public via http://xforce.iss.net

QA on RealSecure CheckPoint IDS product up to RealSecure 6.0 over 300 implementations of the product with Solaris, NT, and IPSO Nokia based systems each cycle

Used StarTeam and Visual Source Safe to control code and scenarios

Beta tested scenarios and feedback requirements from customers

Evaluated products for purchase

Performed load testing and evaluations of the product under great network stress

Participated in FIRST teams, CERT, Trojan, DDOS, and worm disassembly to educate the public on the capabilities of IDS systems

Developed and reviewed Ethical Hacking training course that ISS offers (Penetration testing, IDS, CGI, IIS)

Education and Credentials

Bachelor of Science Degree in Computer Information Systems 1998

DeVry University – Decatur, Georgia

Professional Training and Certifications

Check Point Checkpoint Certified Security Administrator (CCSA), RealSecure, Internet Scanner, SAFEsuite Decisions, Navision Academy US 101, Delivering Effective Service, MS SQL 7.0, MS SMS 1.2, MS NT 4.0, XP and 2003 Certified MCP, Management and Leadership, MS Exchange 5.5, QualysGuard Vulnerability Management Certified, WebInspect Certified, Security+, StorageCraft Certified Specialist

Professional Affiliations

Information Security Community, Blackhat, Defcon, ISS Alumni, Security Leaders Group, OWASP

Known/Used software and hardware: CheckPoint, ESET Business Products EndPoint EEA/EES 4.x, 5.x, 6.x, ESET Remote Administrator 5.x and 6.x, ESET Mail Security and File Security 4.x and 6.x, Fortify SCA 4.x, Webinspect Enterprise, WebInspect 5.0-10.20, AMP, QAI, DevInspect, CheckPoint Nokia IP440 NG R55, Checkpoint Firewall-1, Checkpoint Firewall NG, Checkpoint Firewall-1 3.0-4.1-NG, Zonealarm, Mcafee, Raptor, Cisco Pix 535 Firewall, Sygate firewall, Corporate Exchange, Firewall-1, Content Vectoring Protocol with Symantec Norton Antivirus, Eeye Retina, Nessus, Nmap, Secure Objects, Internet Security Systems (ISS) Internet Scanner, ISS Database Scanner, Cybercop Scanner, AMP 1.0-9.2, Wireshark, Sniffer Pro, MS Network Monitor, Snoop, Blue Coat Proxy, Netcache Proxy, Microsoft ISA, Kiwi Sawmill, IIS, Apache, Web Sphere, Redhat Linux, Linux, Solaris 2.5.1/2.6/2.7/2.8, Windows 7, 8.1, 10, Slackware, Centos 6.x and 7.x, Solaris x86, Mac OS X, BSD (Open 2.8 and Free 4.3), Slackware 14.x, DOS, OS/2 Warp 3.0, Office 98-2013, IP tools sets, Dragon IDS, Snort, Silent Runner, net x-ray, Hyena, SMS, Norton Anti-virus, Winrunner, StarTeam, Ghost, Linux Jumpstart, Navision CCAPs, FTP, PGP, TCPdump, ISS SAFEsuite Decisions, Network ICE Gigabit, Dragon NFR, Server Sensor, Exchange 5.5-2003, NT Server, Win 2000, 2003, 2008, 2012 Server, SQL Admin, MS C++, C#, GNU C, Python, Visual Basic, C++, C, familiar with PERL and shell code, COBOL, Q basic, Visual Studio 2015, Hayes/USR/ISDN Modems, Compaq Servers, Dell Servers, HP Servers, SQL 6.5-2014, Access, Navision Financials, Remote Control Systems, Bomgar, VNC, Visio, WinHex, FileMon, RegMon, TweakUI, Adobe PhotoShop, Splunk SIEM, Arcsight SIEM, Veritas Backup Exec, SAN, Norton System Center, desktop defense, IPX, UDP, TCP, SSL, Rational Rose, JIRA, Jenkins, and Kali-Linux.

Posted Security Advisories Researched:

http://web.archive.org/web/201***********/http://sandiego.toorcon.net/conference/#16

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise91.html

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise90.html

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise89.html

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise88.html

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise80.html

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise79.html

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise78.html

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise77.html

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise75.html

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise74.html

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise73.html

https://web.archive.org/web/201***********/http://www.iss.net:80/threats/advise65.html