Information Security

Craig Alan Rodenberg GIAC, IAM

Mobile Phone: 618-***-****

E-mail: **********@*****.***

Statement:

The challenge of Information Security is to remain absolutely transparent while enabling business to securely leverage dynamic technology.

I am absolutely passionate about Information Security and managed services.

Experience:

Advanced ICU Care St. Louis, MO.

Information Privacy and Security Officer July, 2013 – Current

•Created the Information Security Department and established the Information Security Strategy.

Responsible for the vision, scope and daily operation of global information security engineering and services.

Obtained HIPAA/HITECH, SOC2 and Joint Commission certification.

•Designed, Deployed, and managed security practices consistent with an assessment of business needs:

Advanced server and application hardening, Firewall and VPN management,

Network intrusion prevention, Server intrusion prevention, Network and server integrity monitoring, Virus and malware protection, DDoS mitigation services,

Vulnerability assessment and remediation, Penetration testing, Advanced data encryption, Forensic data recovery, Counter-Forensic data destruction, Security log management and Event correlation.

Obtained HIPAA/HITECH, SOC2 and Joint Commission certification.

Acted as the company’s contact for security incident response.

Developed and implemented enterprise security awareness training.

Developed and implemented rolling internal audits to manage compliance and enforce policy.

Created and deployed ArcSight security status and compliance status dashboards for executive level updates and operations level use.

Frequently designed and implemented complex security solutions in a “high pressure” customer environment and against challenging deadlines.

• Coordinated the remediation of vulnerabilities detected during security scans.

Frequently designed and implemented complex security solutions in a “high pressure” customer environment and against challenging deadlines.

Responsible for the investigation, resolution and reporting of security breaches.

Worked with Executive management to provide security status and compliance updates to the company’s Board of Directors.

Savvis, Inc. St. Louis, MO.

Security Operations Manager January 2011 – July 2013

• Designed, Deployed, and managed the following Managed Security Services:

Advanced Server and Application Hardening Services, Network and Server Intrusion Prevention Services Network and Server Integrity Services

DDoS Mitigation Services, Vulnerability Assessment and Remediation Services, Penetration Testing services, Advanced Data Encryption services

Security Log Management and ArcSight Event correlation services.

• Maintained SAS-70 type 2, SOC2 and VISA PCI certifications.

• Designed and deployed IPSEC, SSL, PPTP and L2TP VPNs.

• Deployed and maintained Centralized network and host anti-virus solutions.

• Deployed and managed multi-factor authentication solutions for multiple customers.

• Designed, deployed and managed custom cryptographic protection for data while in-use and in-storage.

REDPLAID Managed Hosting St. Louis, MO.

Director, Information Security June 2005 – May 2010

• Created the Information Security Department and developed Managed Security

Services.

• Designed, Deployed, and managed the following Managed Security Services:

Advanced server and application hardening services, Firewall and VPN management, Network intrusion prevention services, Server intrusion prevention services, Network and server integrity services, Virus and malware protection services, DDoS mitigation services, Vulnerability assessment and remediation services, Penetration testing services, Advanced data encryption services, Data forensic recovery, Counter-Forensic data destruction services, Security log management and ArcSight Event correlation services.

• Developed the Information Security department from a cost-center to profitability within 15 months.

• Achieved and maintained GLB, SAS-70 type 2 and VISA PCI certifications.

• Engineered custom Cisco ASA, Juniper NetScreen and SonicWall solutions.

• Designed custom TLS and VPS over MPLS solutions for privatized circuits.

• Deployed and maintained Centralized network and host anti-virus solutions.

• Deployed and managed multi-factor authentication solutions for multiple customers.

• Designed, deployed and managed custom cryptographic protection for data while in-use and in-storage.

THE PLANET Dallas, TX

VP, Information Security 10/2003 - June 2005

• Created the Information Security Department and developed Managed Security Services.

• Developed standard Information Security practices into seventeen distinct Managed Security Services.

• Responsible for the vision, direction and daily operations of web-hosting Managed Security Services. Managed a Director, 6 Sr. Security Engineers and 19 Jr. Security Engineers.

• Managed departmental profit and loss. Exceeded executive expectations of minimizing cost by producing profit. After producing an initial profit, I was made ultimately responsible for an annual profit contribution of $1,650,000.00.

• Established a "Security Operations Center" which averaged a 420% return on Investment over three years. The Security Operations Center ranked #2 in customer satisfaction surveys, just below our "low-cost dedicated servers".

• Designed and managed the healthcare HIPAA compliance practice for our healthcare customers.

• Implemented custom cryptographic practices to protect data in-motion and data “at-rest”.

• Consulted on major healthcare data privacy and HIPAA/HITECH compliance projects including custom security controls for the Cloverleaf suite of products.

• Completed 3 major Data loss-prevention projects for our healthcare and insurance customers. Integrated DLP with Intrusion Prevention so that compliance could be monitored in real-time by the monitoring team as they watched for intrusions.

• Resolved numerous business risks such as DDoS attacks, IRC bot-nets, Abuse complaints, Spam, DMCA copyright infringements and terrorist Internet activity.

DATA RETURN / TERREMARK Dallas, TX

Information Security Director 9/2000-10/2003

• Created, implemented and managed the Information Security department for a world-wide multi-platform web and application hosting enterprise.

• Achieved consistent and measurable results implementing and managing network and host-based IDS against aggressive deadlines. (snort, Real Secure, Tripwire, LIDS, ISS and NetRanger).

• Re-defined the objectives and procedures for configuration and management of network DMZ's and virus scanning gateways.

• Established OS hardening practices and policies for Sun, NT and Linux platforms.

• Established the Healthcare Industry compliance practice.

• Provided HIPAA compliance services using the Cloverleaf suite of products and integrating into legacy “in-house” systems.

• Established a profitable security practice and consulting team to Design interface engines and healthcare security systems to comply with HIPAA standards.

• Managed the design, roll-out and management of profitable Data security solutions for high profile financial corporations (Visa, H&R Block, Magnetar Capital, Citibank).

• Established and directed multi-department teams to provide security for Cisco routers and switches including VIPs and subnets.

• Managed multiple projects to provide secure access portals (SSH, SSL, VPN, SecuRemote and IPsec).

• Established a profitable data Forensics security practice.

• Represented the company's interests in 4 criminal cases involving forensic data.

PEROT SYSTEMS Dallas, TX

Jr. Engineer / Sr. Engineer / INFOSEC Manager 10/1998-9/2000

• Implemented and managed network and host-based IDS. (snort, Real Secure, Tripwire, LIDS, ISS RealSecure, NetRanger and Cisco Secure Policy Manager).

• Designed and implemented custom cryptographic data storage solutions.

• Developed and Implemented OS hardening scripts and policies for AIX, SUN, Linux, AS400 and Microsoft platforms.

• Managed the Vulnerability and Penetration Testing Team.

• Performed Vulnerability and Penetration Testing using Nmap, Nessus, CyberCop, ISS Internet scanner, ISS System scanner, ISS database scanner and Retina Scanner.

• Implemented, administered and managed enterprise VPN's including Cisco, Nortel, Checkpoint, PGP, FreeSwan and Microsoft AD based VPN's.

• Managed the Data Forensics security practice.

• Acted as an expert witness in sixteen successful data forensic lawsuits resulting in the recovery of damages.

• Managed and Lead the company's Security Incident Response Team.

• Drafted, submitted and implemented comprehensive Information Security Policies and procedures.

• Managed and Lead the company's security consulting practice.

• Design interface engines and healthcare security systems to comply with HIPAA.

• Implemented and managed Network DMZ's, Virus Scanning Gateways, Bastion Hosts, Secure Load Balancer configurations (with F5 BigIP,) Microsoft E-com Servers and PGP e-commerce servers.

• Established and directed multi-department teams to provide global Information Security coverage.

• Implemented, monitored and managed over 500 production firewalls including Cisco PIX, Checkpoint, Gauntlet, Raptor, SuSE Firewall, IPTables, SonicWall, CyberGuard and WatchGuard.

• Designed and implemented custom projects for SSH, SSL and IPsec.

US NAVY (Officer), Submarine Intelligence Command, Groton, CT

Submarine Intelligence Officer 2/1990-3/1998

• Commissioned as an Officer (LDO) in the United States Navy.

• Selected for and assigned to US Naval Intelligence, Operations Division.

• Performed and supervised classified operations.

• Designed, developed and implemented classified Intrusion detection Systems.

• Managed Incident Response and monitoring teams to protect secured networks.

• Developed and implemented Security policy and procedures.

• Managed classified Data Forensic operations.

• Managed and directly supervised INFOSEC / INFOWAR operations and network counterintelligence teams.

• Performed extensive cryptographic and counter-cryptographic operations.

• Supervised and developed OS hardening and vulnerability testing teams.

• Responsible for the security of specific Congressional communications systems.

• Supervised special security operations teams.

• Responsible for the design, implementation, monitoring and maintenance of secure information systems encompassing more than 3000 servers 11000 and Unix, Sun, NT, and IRIX nodes.

• Awarded a Navy Commendation medal for performance of information security operations.

US NAVY (Enlisted), USS Philadelphia, Groton, CT CT2 (SS) (E-5)

Submarine Cryptographic Technician 1/1983-2/1990

• Installed, configured and monitored classified network and host based security sensors.

• Installed, configured and monitored commercial network and host based security sensors.

• Installed, configured and monitored commercial Intrusion Detection Systems (snort, Tripwire, StarNet, TCP packet dumps and log analysis).

• Utilized commercial firewall products and classified packet mangling techniques to maintain access control of secured networks.

• Updated and maintained INFOSEC policy and procedures in accordance with standing orders and procedural guidelines.

• Developed OS hardening procedures in accordance with INFOSEC and SPAWAR orders.

• Performed OS hardening in accordance with INFOSEC and SPAWAR.

• Responded to and resolved intrusions and anomalies detected on secure networks and equipment.

• Assisted the INFOSEC Officer in data forensic and analysis duties.

• Assisted in systems INFOSEC / INFOWAR operations as ordered.

• Performed vulnerability analysis of classified systems as directed.

• Assisted in vulnerability remediation of classified systems as directed.

• Awarded a Navy Achievement medal for performance during operations.

Education:

US Navy College-At-Sea program – Bachelor of Computer Science equivalence certificate, June 1989

Navy Enlisted Commissioning Program, San Diego, CA

• Commissioned as Limited Duty Officer (LDO) with ECP Bachelor of Computer Science

Certifications:

09/2015 Re-certified as GSEC. GCIH, GPEN, GCFE in progress

10/2015 DoD (8570) IAT III certification

10/2015 DoD (8570) IAM III certification

10/2015 DoD (8570) CND-IR certification

10/2015 DoD (8570) IASAE certification

02/2010 Re-Certified as NSA Information Assurance Methodology (IAM) Penetration Tester

11/2005 SANS Data Forensics Endorsement

08/2004 CERT Incident Response

11/1999 Certified as NSA Information Assurance Methodology (IAM) Penetration Tester

09/1994 Course in Cryptographic Mathematics

05/1994 Course in Applied Cryptography

Professional Associations:

FBI INFRAGARD St. Louis - Member and Consultant

High Tech Crime Consortium - Advisor

DHS Committee on Cyber-Terrorism - Member

References:

Professional and Federal references are available when appropriate.

Contact this candidate