Steve Thomas
Latham, NY *****
Cyber Security Professional, Application Security Professional, Network Engineer
Security Clearance
Held Confidential, Secret and Top Secret Clearance. Currently not active but can obtain again as needed.
Key Skills and Knowledge
Domain Expertise & Solutions
DNS, DNSSEC
Management Consulting Services
Design and manage various resources within and external to company.
Project and Program Management
SDLC, Project Mgt using Project Plans and other tools as needed.
Communication and Networking
Dialup, T1, Fractional T1, Firewalls, Routers, Network Switches (managed, unmanaged and virtual), SAN, NAS, NFS, wired and wireless, and others.
Databases
DB2, MySQL, MariaDB, SQLite, Oracle, xBase, FoxBase, others.
Hardware
DEC, PC, Laptops, Hand Held devices, rack design and equipment, Data Center Engineering, including Mainframe, Micro and Desktop PCs and Servers.
Cyber Security
Hacking/Anti-hacking techniques and protections. Forensics, data mining, investigative, reverse engineering, training, documentation, wired and wireless penetration and observance.
Operating Systems
Windows (1.x to 2016R2 Server)
Linux (Ubuntu, Red Hat, CentOS and others), using Linux extensively since 1992.
Unix (SCO and others)
Novell, Banyan Vines, DEC, Mac OS, Android, iOS
Virtual Environments
VMware 5.5 and 6.x, VMware Workstation Pro, Oracle Virtual Box, Containers.
Software/System Architecture
Black/White boarding, conceptual designs, needs management, test design, flow diagrams, thought and logical diagrams, customer needs and flow. Software augmentation strategies. SDLC for software. Same principles applied towards Network Architectures.
Programming Languages & Tools
Linux Shell, PERL, Python, DOS, Oracle, MS Access, .NET, C, C++, dBase, Clipper, UDL, Pascal, Java, HTML, Javascript
Log Management/SIEM
Logalyzer, Splunk, RSyslog, LogRhythm, others
Call Center and Help Desk
Ran various Help Desks for own company as well as for Clients, for ISPs and small to Mid-Corporations.
Installed and maintained Knowledge Based software for capturing “tribal knowledge” pertaining to various topics.
Office Productivity Tools
MS Office, Open Office, MS Project, MS Visio, SNAGIT
Technical Documentation
Uses Snagit extensively for walk-through documentation, giving clear paths through objectives for both high-level and introductory users. Technical manuals for systems developed by teams or self. Utilizes Visio Pro for detailed drawings and layouts.
Photography and Video Skills as a professional Photographer for various Magazines and Local Radio Stations
Professional Summary
Experienced and tested Network and Cyber Security infrastructure Architect focused heavily on Security and availability. Helped numerous companies achieve Network, Security and Internet goals.
Network Architect/Engineer/Administrator, Project and Security Manager
Systems and software developer
IT Security Professional for more than 20 years. Assessing risk through interviews and penetration tests of applications and networks. Aided law enforcement in the capture of nefarious hackers as an expert witness and professional. Hands-on experience with various tools and techniques.
Management Support for Cyber Security, Risk Assessments and Analysis, Systems and Security Policies, Procedures and Statements of Work.
IDS/IPS/Log Management talents.
Manage projects throughout SDLC, including Patch Management for existing systems and services.
Consultant and Analyst for needs, design, creative solutions and build effective teamwork.
Strong talents on multiple platforms, interoperability and security.
20+ years of hands-on Security and Networking experience coupled with Operating System Platforms, Hardware and Software. Utilizing Linux, Windows and other OSes to meet and exceed project plans.
Hands-on use of multiple flavors of Linux going back to pre-kernel 1.x, including kernel hacking, modifications, etc.
Advanced Troubleshooting techniques including ability to diagram and document troubleshooting techniques.
Architect and Maintain Virtual Environments and Labs using various Virtual OS technologies
Professional Experience
Extensive, please see Employment History below for a brief description of various projects and tasks.
Employment History
Unisys Corporation 3/2014 – present
Sr Stealth Network/Security Engineer – Security Services Group
-Interfacing with Client to help ascertain best practices when implementing a Stealth Network. This includes the review of infrastructure, topology and network flows using Unisys tested and approved methodologies.
-Created and Installed a Knowledge base to capture various aspects of day to day interactions with technologies, Engineering, troubleshooting and remediation techniques. Knowledge base can be made into a Troubleshooting Guide for follow on users or engineers.
-Tasked with implementing a way to interact with SharePoint to index all documents and where they reside.
-Manages various Microsoft SharePoint Portals and Informational areas.
-Created tools (scripts) to better ascertain from large data sets information required to create COIs for the Client, within a Stealth Environment.
-Participates in direct client requirements, SOW, POCs, workshops as well as demonstrations and round table discussions. Initiated the need to continue to develop internal workshops through the use of Round Table discussions and demonstrations.
-Forensic research into various events both from a Security perspective as well as software behavioral perspective. Advanced troubleshooting techniques employed.
-Data Center Management of Stealth Appliances and VMs.
-Contributes or initiates technical artifacts through team collaborations and/or Stealth and Security communities of practice.
-Through collaboration with the Client, maintain Stealth Equipment, Monitor same and troubleshoots problems when or if they arise.
-SME for various versions of Linux (RHEL, Ubuntu, etc)
-Develop various Linux Scripts for clients and internal use.
-Help develop Endpoint Monitoring solutions for Client and internal.
-SIEM management using various Log Aggregation packages both commercial and opensource.
-Set up and maintain a Stealth Verification Center on client premises through virtualization of servers using various technologies including Linux, VMware, Hyper-V, etc. The lab is used as a Verification Center to ensure seamless continuity.
-Tasked with architecting and installing the Malvern Field Labs environment for all Unisys employees to test and verify Stealth capabilities. The Lab is used to verify prior to moving into Client Environment as well as new and existing technologies. Labs were set up to mimic Client site.
-Red Team member and also Tiger Team member for Stealth with Client and internalization requirements.
-Micro-Segmentation utilizing Unisys Stealth technology.
-Cyber Security maven pushing Awareness and New techniques and guidelines within networks and applications
-Set up Unisys QA Labs with multimode VMware and well over 1,000 VMs with 2 physical servers introducing 1,500 Linux Containers.
-Implemented various software packages to create test cases, bug tracking and remediation.
-All labs are in a “sandbox of sandboxes” with connectivity only through a VPN on internal network.
Open Sky Corporation 10/2012 – 10/2013
Senior Applications Security Consultant
Application Security using Dynamic (black box) and Static (white box) Analysis techniques
Mobile Device Management
Mobile Device Security
Mobile Device Application Security
Penetration Tester of Mobile Devices and Mobile and Web based Applications.
Networking and Systems Consultant
Risk Management for Mobile and Web Applications
Client Interaction
Responsible for Lab operated in a VMWare environment.
Tailwind Associates, Schenectady NY. 05/2007 – 10/2012
Lead Security Consultant focusing on Application Security for various clients.
Help clients develop and define Application Security Incentives.
Interface with Management including CIO, CISO and other Inter-Agency CIOs and CISOs.
Create Security Standards for the RFP process, including review of bids for security requirements focusing on Application Security and Infrastructure security, for client New York State Department of Health.
Create a Standard Risk Assessment spreadsheet that all potential vendors must complete to help identify Security Risks and pinpoint areas where vendors must improve towards Security Standards adopted by the NYSDOH.
Review, enhance or create where needed various Security Policies and Procedures as related to various aspects of Security for NYSDOH.
Create a Secure Systems Development Life Cycle plan (SDLC) for NYSDOH
Train individuals in Application Security, Application Penetration testing using automated and manual tools (AppScan Dynamic Tester, Web Scarab, Burp Suite Pro, and others).
Audit of Penetration Scans performed to determine vulnerabilities. Create custom reports to be used with AppScan.
Utilize 3rd party Application penetration tools to validate automated tool findings and use as main validation tools when and as needed coupled with manual Application Penetration techniques.
Set up Fortify products on clients machines, train users to scan their own code before it is released. Audit of Fortify scans of source code to aid developers.
Created an internal Application Security Portal for Developers and Management to learn more on how to prevent Vulnerabilities for Applications.
Monitor and suggest Database Security tools and techniques.
Create Web log scanning software to look for potential new vulnerabilities being attempted on new and existing Web applications.
Ran various Pilot Programs for Mobile Device Management (MDM), Cloud Initiatives including Cloud Storage for NYSDOH. These Pilot Programs were at the direct request of the NYSDOH Commissioner and CIO.
Wireless investigation lead to discover and recommend secure Wireless implementation for NYSDOH (Client) including wireless penetration testing
Security lead with CISO to work with potential Vendors on various RFPs.
Work with the NYSDOH CISO to ensure that HIPAA, HITECH and FISMA regulations are applied and adhered to for Vendor-related issues as well as in-house questions and issues.
Act on behalf of NYSDOH CISO for various Security meetings and reviews.
Cyber Security tasks including IDS, Hacking/Anti-Hacking, forensics, documentation, expert witness.
Installed Test Lab for Application Security and dissemination of attack software (malware, stealth-ware, web-based attacks towards various servers and services).
Interface with Security and Network Staff as required in the review of Network and Application Vulnerabilities. This also included review of IDS and IPS logs from internal and other State agencies.
Detailed Status reporting on various tasks and functions that were required throughout contracts.
Responsible for various VM environments for testing, application pentesting.
Contract Sub for HP/Fortify contracts.
Sr Lead for Sales and Technical questions for Symantec (certified thru 2012) products.
Multi Month contracts for various clients under Tailwind Associates including direct placement from HP Fortify for UBS (International Finance) in New Jersey.
Crystal Clear P.C./Idea Noodle, Inc. 12/1990 – 5/2007
Senior Consultant, MIS Director, IT Security Manager, Owner
Provide systems, networks, INTRA / INTER and EXTRA-nets and network consulting for clients Nationwide, ranging from Fortune 100 corporations to home-based businesses and individuals. Develop and install various Internet Services.
Develop and install live system for on-line clients, created with Cold Fusion, PHP, MySQL and MS-SQL Server. System includes Help Desk, On-line Stats, Accounting and various other features.
DBA for various projects for internal as well as for multiple Clients.
Design and implement various Networks, utilizing multiple platforms and technologies, wan, lan, vpn and wireless included. Design and implement various Networks for clients, including Network Security, Camera surveillance alarms and alerts (with DVR, NVR, PVR, streaming technologies as well as live to Web photos), Fiber Optic and Copper backbones, etc.
Develop and install Internet and Network Security including Firewalling Technologies. Perform Security sweeps for in-house and clientele, including risk assessment. Establish backup and disaster recovery schemes.
Develop and install customized servers and services for clientele and in-house projects, including Kernel Tweaking on Linux/Unix platforms. Extensive knowledge of Operating Systems including Linux, Windows and various flavors of Unix.
Set up a separate Lab for software and network testing in a SET ASIDE Virtual Environment.
Develop and install various ISPs regionally as well as Nationally.
E-Commerce utilizing custom-designed solutions, including POS systems for traditional sales and service, ensuring PCI compliance.
Provide Network installation, troubleshooting, bandwidth monitoring, resource utilization and monitoring. Hands on with various hardware and software solutions.
Design, install and maintain dedicated telecom lines, Dial-up, fractional to T-1.
Troubleshoot and repair existing hardware, including systems ordering and integration into existing networks.
Design Documentation artifacts for various clients.
Web Hosting, graphics and site design utilizing Apache, PHP, MySQL, ODBC, MS Access, Dreamweaver, Photoshop, Flash and various other packages and tools. Web Application Security for clients and in-house projects, including manual Penetration Testing.
Help various clients with Application Security issues, training, setting goals and establishment of various protocols and SDLC.
Perform network and Application evaluations for in house and clientele. This included Penetration tests as well as known hacking techniques.
Penetration tests for Clients as needed.
Help develop Security protocols for various clients of various sizes.
Barrow York Associates Ltd. 4/1990-12/1990
Senior Programmer/Analyst/Staff Trainer, Network Manager/Administrator
An Authorized training center for Nantucket (Clipper), dLesko Associates (FUNCky), Concentric Data Systems (R&R relational Report Writer)
Network Manager for Internal Network as well as for Client Networks, including dial up access, remote access and remote networking computing. Project Management of R&D, Systems Design and implementation and network consulting for clients as well as in house projects, Object Oriented Design (OOD) and programming.
Training of End Users, Technical Manuals and documentation in CA-Clipper and other in house Data Driven Applications.
Electronic Data Interchange (EDI) liaison and Programmer/Designer for clients engaged in interstate and international commerce.
JW Systems Ltd 04/1989 – 04/1990
Systems Programmer/Analyst, Network Manager/Administrator
Responsible for R&D, Work Area Design, Warehousing, Systems programming, documentation, training and work instructions.
Served as liaison for custom systems, including traveling to customers sites. Created animated graphic presentation.
Implemented and managed company network as Network Manager for business as well as clients.
EATON CORPORATION, A.I.L. DIVISION 07/1976 – 4/1989
Various Roles: Inventory Management, Expediter/Project Management, Applications Programmer/Analyst, Data Base Manager/Administrator, Network Engineer and Administrator
Responsible for full life cycle implementation on IBM PCs and compatibles, utilizing C, C++, Clipper, FoxPro, DB2, Oracle.
Project management included scheduling, expediting, liaison with manufacturing, engineering and production departments and military (DOD) representatives for government contracts.
Developed and implemented the following systems: Materials Tracking, Reporting for multi-user environment including graphics, charts, time cards and project charge tracking systems, page and line tracking systems in compliance with government regulations.
Network Engineer and Administrator for multiple departments, helped to design and implement company wide PC based Network, migrating from IBM Thicknet and Token Ring networks to Ethernet based TCP/IP.
Held Secret Clearance and Top Secret Clearance for various Projects.
Education
HS Graduated 1976, General Douglas MacArthur, Levittown NY
AAS in Computer Information Systems, University of New York, Farmingdale 1985
Additional Courses ranging from Mathematics to Electrical Engineering Technologies
Professional Certification
Linux Hardening and Locking down Containers from Black Hat 2017
Advanced Application Security techniques from Black Hat in 2008
Certified Fortify Professional, Directly from Fortify in 2008
Building Knowledge based Systems (AIL training and Certification 12/1988)
Factory Management Concepts (AIL Training and Certification 4/1986)
Other Accomplishments
A Talk given in conjunction with IBM for CIOs and ISOs for NYS about Application Security, Static vs Dynamic testing focusing on Dynamic Testing. A history of Hacking and countermeasures.
Member of the Capital District ISSA group
Member of the Capital District InfraGard (FBI)
Contributing Member of ANYcon in Albany NY
Regular Black Hat and DEFCON Attendee
Recipient of New York State Department of Health’s Commissioner's Recognition Award for Extraordinary and Collaborative efforts to implement a project in 2010
United Way of Delaware and Otsego Counties, Board member from 2001 – 2005
Active Member in CSFI and CSWD, Cyber Security Forum Initiative and Cyber Security Warfare Division on LinkedIn
Active LAB in a multi-tiered network environment in basement for testing software, network, malware, penetration testing and new Application Security tools.
Coordinator of the Albany OWASP chapter.