Post Job Free
Sign in

Security

Location:
Willamina, OR
Posted:
June 24, 2015

Contact this candidate

Resume:

MARK ANDREWS

gdroids< >gmail<dø*>com

a*

253-***-****

BIO

Mark is a software engineer with over 18 years of experience in a variety of disciplines that include

application security, penetration testing, network security, threat modeling, vulnerability discovery,

and application quality assurance (QA) analysis. He has worked for industry-leading security com-

panies, which include Raytheon, @Stake, Symantec Vulnerability Assessment Services, and Aventail

Corporation.

EMPLOYMENT HISTORY

Dagger Networks FL, 2013 - 2015

Sr. Engineer

• Program specific testing of security focused software

• One-off test automation scripts in Python

• Created scalable test automation framework using veewee, vagrant, puppet provisioning, and

Virtualbox on Ubuntu Linux

• OS X related testing, Xcode

• System testing

• Creation and delivery of customer documentation.

• Coordinated and Run program’s in-person, onsite, customer acceptance tests.

• Further details upon request and need.

Raytheon SI Government Solutions FL, 2009 - 2013

Cyber Engineer II

• Low-level application and OS testing

• Driver testing

• Embedded OS RE and VR

• Test automation in Python/VMware

• Mobile application testing

• Vulnerability Research

• Reverse Engineering

• Penetration Testing

• System testing

• Creation and delivery of customer documentation.

• Coordinate and run program’s in-person, onsite, customer acceptance tests.

• Further details upon request and need

• Developed an offline Anti-Virus Farm (AVF) idea project, which involved the creation of a

Python script that monitored a shared network folder where files were dropped. Multiple

machines running different flavors of anti-virus software consumed the dropped files. Each

machine responded with the scan results. A report was then generated from the aggregate

data for each dropped file. Signature updates for AV software were automated.

Russell Investments (Contract), WA 2008 - 2009

Quality Assurance / Automation Engineer

• Tested the functionality and security of the company’s many internal and external financial

management applications.

• Saved time on regression testing by suggesting automation. Used C# for SQL queries. Used

Selenium for the web interfaces.

aQuantive/Avenue A/Razorfish (Contract) WA, 2007 - 2008

Security Administrator

• Part of the security response team monitoring Internet traffic on the corporation’s websites,

which included testing firewall rules and participating in weekly Symantec anti-virus report

reviews to assess potential threats.

• Developed an internal asset website to catalog devices for Sarbanes Oxley compliance.

Symantec Corporation WA, 2004 - 2007

Senior Security Consultant

• Performed a wide array of full-site security assessments, which included the following organi-

zations: MySpace, Gates Foundation, Iron Mountain, multiple Coca Cola sites, C&K Auto,

Palm Inc. (Hewlett Packard), Ebay, Intuit, Quantum-Axeda, Shutterfly, Qwest, and Bank of

Butterfield.

• Identified the initial samples of cross-site scripting around the same time the Samy Worm

occurred demonstrating how important it is for organizations to act upon identified security

problems.

Mark Andrews Page 2

• Reverse engineered applications and protocols, performed code and report reviews, and vul-

nerability research.

• Create and deliver customer documentation.

• PCI certified

• Tools: Paros Proxy (ZAP), Qualys, nmap, netcat, Metasploit, BackTrack (Kali Linux).

Safeco Insurance (Contract) WA, 2004 - 2004

Automation Engineer / Quality Assurance Analyst

• Automated existing test suites for the company’s intranet and Internet agent web sites.

• Filed and fixed bugs

Premera Blue Cross (Contract) WA, 2002 - 2003

Senior Programmer Analyst

• Part of a large team hired to ensure organizational HIPAA compliance.

• Managed and configured the builds and testing of a large number of disparate, new, and legacy

applications in multiple build environments that were required to work together.

• Ported existing build environments to a more manageable design.

• Created unit test tools for development teams.

• Premera-certified in Mercator Integration Flow Designer.

Aventail Corporation WA, 1999 - 2001

Senior Software Quality Assurance Engineer

• Designed and implemented test suites for a large Secure Business to Business management

solution.

• Testing required detailed knowledge of many authentication and encryption methods.

• Joined a small team that developed a proprietary, layered, service-provider client sniffer (similar

to a network packet sniffer, but for a proprietary software application).

Sequel Technology WA, 1998 - 1999

Software Quality Assurance Engineer

• Designed and implemented test suites for a network-filtering product. Testing included au-

tomating SQL queries and web site interfaces.

• Designed and maintained the department’s internal web site.

Microsoft (Contract) WA, 1997 - 1998

Software Test Engineer

• Focused on testing the Remote Access Service (RAS) for NT4 and Windows 2000 (including

Point-to-Point Protocol [PPP], Point-to-Point Tunneling Protocol [PPTP], Layer 2 Tunneling

Protocol (L2TP), AppleTalk, etc.).

• Performed kernel-level debugging on the Network Driver Interface Specification (NDIS) wide

area network (WAN) driver.

• RAS Lab Manager responsible for lab maintenance, uptime, multiple hunt groups, 20+ servers.

CLEARANCE

Active

Details upon request and need.

PROFESSIONAL AFFILIATIONS and ACTIVITIES

WASC Threat Classification Review (1 yr.)

DefCon CTF

EDUCATION

BS Computer Science, California State University San Bernardino 1996



Contact this candidate