Fork Lift Security Analyst

Location: Rogers, AR
Salary: $65000
Posted: October 28, 2022

Resume:

Dave Patterson

*** ******* **.

Centerton, Arkansas 72719

Cell: 408-***-****

Email: ads8ff@r.postjobfree.com

Objective: I am a seasoned IT professional with a diverse background in technical and business experience in Operations and Information Security. If you are seeking a motivated, detail oriented team-player, willing to learn and share new technology, I am currently seeking a position within your organization.

Specialties: Application development, process improvement and automation (physical and electronic), architecture design, access provisioning, vulnerability management, security incident analysis and remediation, threat hunter, disaster resiliency and recovery, project management, problem solving, cross-functional communicating, writing, mentoring, team building, Teaching/Training, Public speaking, ERP, finance reporting, client relations, customer service, technical jargon translator

Technical Experience:

Security Analyst - Allegiant Airlines

January 2014 Las Vegas, Nevada Area

Performed installation of MOVEit by Ipswitch (AKA Progress) for securing file transfers. This application is used for the crew to communicate in a secure manner. Stewards could reliably place orders via a mobile device for foods aboard the aircraft. This was in order to comply with PCI, HIPAA, CCPA as well as GDPR and SOX governance requirements.

Security PCI Program Coordinator (TEK Systems) / Caesars Entertainment Corporation

March 2012 – January 2014 Las Vegas, Nevada Area

Organization of Data Digital Security team activities and individual projects for the PCI Security Program

Monitor and report PCI Program project progress

Vulnerability Management - Perform vulnerability scans, define and report insecure compliance issues within the cloud infrastructure.

Incident Response - Respond to security incidents reported via SIEM applications, through successful resolution

Investigate and remediate: Virus Infections, elevated privileges, Cisco ASA PIX FW issues, load failure/terminated/missing AV definitions, etc.

Write and Critique - Security Policies, guidelines, standards, procedures and best practices.

Develop Team communications web pages through SharePoint that included FAQ, Knowledge base, individual, team and organizational information, project Gantt charts, calendars and security updates

Deploy 2-factor Symantec VIP token authentication for VPN

Design and develop the internal department web site to formally exchange required information to the enterprise and to produce seamless online engagement for providing expedient client services regarding security matters. Programming in HTML, JavaScript and CSS.

Information Security Investigator / Analyst - Cisco Systems

March 2002 – July 2011 (9 years 6 months) Remote Position

Information security incident diagnosis and remediation, process improvement and automation, intrusion detection, application and system vulnerability assessments, Security Tiger Team leader/facilitator, provided case-by-case incident metrics, Multi-Project Manager, Windows Security Team Lead, Southern Nevada InfraGard member

CSIRT and Infrastructure Security Teams, personally handled ~800 individual security incident cases on a yearly basis that included malware, botnet, spam, phishing, email spoofing, compromised access, copyright infringement, and other issues requiring remediation.

Investigations were performed with the use of SPLUNK, Netforensics, Wireshark and other tools, along with network commands to gather and validate pertinent information relative to each case.

Performed application PCI risk assessments to enforce compliance of security policies for SOX and ISO standards

Performed penetration tests. Random exploits to demonstrate accessibility to vulnerable systems (Metasploit)

Communicated information security awareness to enterprise clientele via presentations, white papers, memos and videos

Enforced security compliance by notifying and instructing sys/app owners of the latest vulnerabilities and remediation

Maintained the Host Security web site and documentation (procedures, governance initiatives, policies, upgrades, etc.)

Worked with many administrators to improve/streamline the various operating systems and applications patch processes.

Apache vulnerability remediation project to migrate 10k+ global web servers to a secure version or decommissioned.

Identified and investigated unregistered generic accounts and saw them through to legitimate registration or removal.

Implemented upgrade migration of Remedy7 problem ticketing system for Information Security

Developed automated internal/external incident engagement process, decommissioned obsolete manual process

Created a case reduction initiative through process improvement and policy communication

Completed implementation for: cleaning up /etc/group UNIX files, email account creation, tracking and disabling unused UNIX accounts, identifying and disabling unused accounts.

Completed cross-functional project to validate and resolve the UNIX dba group access on all critical business systems

Removed insecure r*commands from Unix hosts (like rlogin) and services such as ftp, login, telnet, shell & exec and replaced with more secure services.

Managed the Netflow global deployment project to collect ingress/egress network traffic for SIEM integration.

Secure Shell (SSH) implementation replacing telnet and mapping Reflections to be user intuitive.

Eliminated excessive root access gained through the Sudoers elevated access privilege program

Managed the Vulnerability Alert Manager application project implementation – Security vulnerability alert database and installed original CVSS (common vulnerability scoring system) on board

Automated host security vulnerabilities detection and prevention process

Managed Lab security audits and compliance initiative for over 2000 Cisco internal labs located globally

Member of Anti Phishing Work Group (APWG), SANS and Forum of Incident Response Security Teams (FIRST)

Global Access Team Lead / Cisco Systems

March 1997 – March 2002 (5 years 1 month)

Managed a global team consisting of 5 U.S based, 3 Europe and 4 located in Sydney.

Developed and implemented OnRamp - Access provisioning web application.

Managed several application development projects through PLC (develop, test, implement) for newly introduced applications for automated account provisioning processes

Access Team representative, gave informative presentations to other departments whenever required.

Met with internal and external auditors on a regular basis to ensure SOX compliance on all levels and validating role-based access privileges

Team and individual meetings through phone, email and in person.

Regularly updated executive management team with information and business impacting data.

Performed an average of 14 acquisitions per year. Assimilating new employees without productivity loss

Managed employee and client relation issues at the team-lead level. Wrote, updated, edited and critiqued procedures.

Delegated, scheduled On-Call duty and provided coverage whenever needed.

Maintained department statistics and wrote quarterly executive summaries.

Created charts and graphs from statistics for reporting case load and performance data

Performed recruiting, interviewing, hiring, training (or delegate training), exit interviews

Continually strived to make improvements to the existing processes and workflow for the team.

Listened carefully to client survey feedback and made adjustments based on relative complaints and suggestions to improve and maintain high customer satisfaction.

Created accounts whenever there was a need such as covering queues, escalations or unusual access requests.

Created and setup programs that reduced steps for processes that could not be fully automated

TRAINING: Made visits to Raleigh, Amsterdam & Sydney. Met with TRC and Access in both regions and gave seminar forum presentations on all aspects of accounts ranging from security to interaction with various departments and clients. I trained additional team members in Sydney to handle the Asia Pacific region access requests.

SCM Team Lead / Cisco Systems/Operations

March 1999 – March 2000 (1 year 1 month)

Managed a team of 4 individuals to deploy and maintain the enterprise application and database lifecycle version control system 'Apps-Integrity' (Chain Link)

Duties: Met with team members on group and individual basis. Engaged with internal clients for new development and implementation discussions. Maintained application performance records. Created and communicated version control policies and standards with clients.

Operations Analyst/Contractor - Cisco Systems/IT

March 1994 – March 1997 (3 years 1 month) Santa Clara, San Jose

Managed backups, produced system performance reports, maintained maximum system uptime through routine and out of cycle maintenance, managed weekly, monthly, quarterly MRP reporting via Minx (Later Oracle).

Developed many scripts and programs to automate the variety of processes that had many manual steps formerly that are still in use today

Developed and implemented the Emergency termination program to expedite the off-boarding process.

Track Lead in Oracle business system conversion project "Operation Backslash" for access provisioning.

Education:

University of Phoenix, BSB/EB, Electronic Business / 2000 – 2006

San Jose City College, Automotive Technology / 1974 - 1976

Networking (De Anza College) 1990

QualysGuard Certified Administrator – Policy compliance and vulnerability assessments

Completed 10 Security Domains course at SANS with Dr. Eric Cole. Preparing for CISSP examination

Counterterrorism (DHS)

Computer Systems Operations (HP)

Clear Writing Techniques (HP)

CFR49 & IATA hazardous materials certified in Logistics

Management and Supervision (San Jose Vocational School)

Certified California Fork Lift Driver (10 years active)

Lincoln High, Stockton, CA

Skills:

Pen test, UNIX/Linux, CSM, Qualys, Netflow, SPLUNK, netForensics, CSMars, Nagios, Nessus, Wireshark, Metasploit, Solutionary ActiveGuard, Symantec SEP, DLP, Cloud AWS, VIP, Perl, LDAP, BGP, Apache, Tibco, HTML, Javascript, CSS, TCP/IP, XML, C, C++, KSH, CSH, BASH, TCP/IP, VoIP, Alliance7 (Remedy BMC), Business Objects, Cloud, SaaS, Bugzilla, Change Management, VPN, DHCP, DNS, Safeword (AAA), Softoken, RSA, Microsoft - Excel, Word, Access, Outlook, SharePoint, Dreamweaver, Interwoven, Wiki, Photoshop, Visio, Unix, Linux, Reflections2, Putty, MPEX, Windows98, WIN7, WIN10, Vista, Exchange, Outlook, Active Directory, Meeting Maker, MySQL, Oracle 9,12i, Minx, ERP, Mac OS, Lotus, Clarify, Ariba, DART (XTCM), EcoSign, Ipswitch, MOVEit, Crack, CPR certified

Additional Honors & Awards:

Cisco Systems ERP Team Award - February 1995

Strategic Services Key Contributor - February 1997

Cisco Systems IS Q3 FY97 Quarterly Outstanding Contractor Award - May 1997

Cisco Systems IT Q2 FY99 Quarterly Global Player Award - Access Team - March 1999

Cisco Systems IT Q2 FY01 Quarterly Outstanding Team Award "Access Team" - February 2001

Websites:

- Personal - http://www.employees.org/~dpatters

- Public LinkedIn Profile - http://www.linkedin.com/in/dpatters
