Jaroslaw “Yarek” Biernacki
“Yarekx IT Consulting LLC” – President; Address: 11745 Arbor Glen Way, Reston, VA 20194
Mobile phone: 703-***-**** E-mail: ********.*********@******.*** Website: http://www.yarekx.com
LinkedIn: https://www.linkedin.com/in/jaroslaw-biernacki-6b1331359/
OBJECTIVE:
Seeking 100% REMOTE (no travel), NATIONWIDE, SENIOR APPLICATION SECURITY ENGINEER SME job.
Alternative position names: Manual Source Code Reviewer, Application Penetration Tester, Red Team Lead, Ethical Hacker, Application Security Consultant, Senior Information Systems (IS) Security Auditor, PCI Auditor, Security Advisor Engineer (SAE), Security Testing Engineer, Principal Security Subject Matter Expert (SME), Information Assurance Technical Analyst, Senior IT Security Analyst, System Security Architect.
Seeking a Penetration Tester consulting position in a network security field with exposure to: penetration testing, manual and automated testing of: operating system, network, web application (DAST), source code (SAST), Software Composition Analysis (SCA) tools, mobile devices, database, wireless, cloud, and social engineering (phishing). And also exposure to: website security, security testing, network architecture and configuration audit, cloud security (on Azure App Service Environment (ASE) and Amazon Web Services (AWS)), application vulnerability assessments (AVA) and scanning, continuous integration/continuous deployment (CI/CD) pipelines, cyber security of Industrial Control System (ICS) / Supervisory Control and Data Acquisition (SCADA), software architecture security analysis, Protected Health Information (PHI), DevOps (development and operations) & SecDevOps (Securing DevOps), Secure Software Development Life Cycle (SSDLC), mitigation strategies and solutions, threat modeling, hardening, enterprise patch management, Continuous Monitoring (CM), U.S. federal government IT security FISMA compliance, 3 compliance, Certification and Accreditation (C&A), Security Assessment and Authorization (SA&A), Federal Risk and Authorization Management Program (FedRAMP), DoD DISA STIG compliance, financial services & secure banking compliance (PCI DSS, SOX, Basel II), banking applications Information Systems (IS) security audits, and information security standards ISO/IEC 27001 & 27002.
SECURITY CLEARANCE / CITIZENSHIP:
Active DHS Suitability and TS/SCI (Top Secret Sensitive Compartmented Information) (since February 2016)
Active DoD TS SSBI (Top Secret Single Scope Background Investigation) Continuous Evaluation (CE) clearance.
Non-active DoD DSS DISCO (Department of Defense, Defense Security Service, Defense Industrial Security Clearance Office) Secret clearance (February 2006 - 2016).
Non-active DoED (Department of Education) 6C clearance (2008 - 2013).
Non-active OPM National Agency Check with Inquiry (NACI) security clearance (March 2003 - 2008).
Holding U.S. Citizenship (since 1999).
SUMMARY:
Offering a unique mixture of penetration testing, web application / computer / network security, auditing, network system engineering, operational security, management, and government consulting skills, experience, and knowledge.
Offering for clients the usage of the best commercial penetration testing tools available on the market (many expensive pentesting tools’ licenses are already owned). It previously resulted in winning government contract bids.
Experience consists of 37 years of exposure in computers and networks, 30 years in information security / assurance, 25 years in information system (IS) security auditing, 23 years in penetration testing and vulnerability assessment, 23 years in application security, 23 years in project management, 23 years supporting government clients (DoD/ANGB, DSS, DISA; DHHS/FDA, PSC; DoL/ESA; DoS/CA; DHS/FEMA, TSA, CISA; DoED, FHFA, LOC, USAID, OPM), 15 years in source code review, and 13 years in supporting commercial companies in telecommunication, financial services, and the banking industry, including banking applications Information Systems (IS) security audits. Education includes ~50 IT certifications, 100+ courses, a Master's Degree in Geography (1990), and a second Master's Degree in Information Security (2004).
Information security and audit skills: support the secure development of systems by discovering information protection needs, defining system security requirements, designing systems security architecture, implementing system security, and finally assessing information protection effectiveness to ensure that they support the business mission and provide assurance. Ensure that all practical steps have been taken to protect the information system itself, as well as the data it contains from violations of policy, laws or customer expectations of availability, confidentiality, and integrity. Writing security policies, standards, procedures, guidelines, best practices, Project Management Plans (PMP), System Security Plans (SSP), Contingency Plans (CP), Security Categorization Report (SCR), Security Requirements Traceability Matrix (SRTM), Incident Response Plans (IRP), Disaster Recovery Plans (DRP), Business Continuity Plans (BCP), Plan of Action and Milestones (POA&M) for General Support Systems (GSS) and Major Applications (MA). Performing Privacy Impact Assessment (PIA), Business Impact Analysis (BIA), Framework Self-Assessment (FSA), Risk Assessment (RA), conducting Certification and Accreditation (C&A) activities in accordance with DITSCAP and NIACAP, preparing Authority To Operate (ATO) documents, developing Security Test and Evaluation (ST&E) and Certification Test and Evaluation (CT&E) plans and procedures, Continuous Monitoring (CM), security test reporting, and other deliverables for system accreditation.
Exposure and experience with: Penetration Testing Framework (PTF) v.0.59, Penetration Testing Execution Standard (PTES), Open Web Application Security Project (OWASP) Testing Guide v.3, OWASP Top 10, OWASP Software Assurance Maturity Model (SAMM), The Open Source Security Testing Methodology Manual (OSSTMM) v3, NIST SP 800-115 "Technical Guide to Information Security Testing and Assessment", NIST SP 800-53 "Security and Privacy Controls for Federal Information Systems and Organizations", NIST SP 800-37 "Guide for Applying the Risk Management Framework to Federal Information Systems", Federal Risk and Authorization Management Program (FedRAMP), Third Party Assessment Organization (3PAO), Sarbanes-Oxley Act (SOX) compliance, Health Insurance Portability and Accountability Act (HIPAA) compliance, The Institute of Internal Auditors (IIA) professional standards, Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE), Control Objectives for Information and Related Technology (COBIT), Governance Risk and Compliance (GRC), information security standards ISO/IEC 27001 & 27002, System Development Life Cycle (SDLC), Federal Information System Controls Audit Manual (FISCAM), Systems Assurance (SA), Quality Assurance (QA), Information Assurance (IA) policies, GISRA/FISMA compliance reporting and enforcement, development of Information Systems Security (ISS) solutions, Configuration Management (CM), Continuity of Operations Planning (COOP), Secure Software Development Life Cycle (SSDLC), software architecture security analysis, Information Assurance Vulnerability Assessments (IAVA), Application Vulnerability Assessment (AVA), Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Software Composition Analysis (SCA) tools, Penetration Testing of critical applications including banking applications Information Systems, Identity and Access Management, detection and mitigation of weaknesses to prevent unauthorized access, protecting from hackers, incident reporting and handling, cybercrime response, analyzing Intrusion Detection System (IDS) and Intrusion Prevention System (IPS), developing Data Leakage Prevention (DLP) strategy, performing computer forensics, security auditing and assessment, regulatory compliance analysis, testing, and remediation consulting, securing Protected Health Information (PHI), Personally Identifiable Information (PII), Sensitive Security Information (SSI), point-of-sale (POS) transactions, and card holder data (CHD) environments, creating a security review program, architecting and implementing customer security solutions, developing a security training and awareness program, anti-virus scanning, security patch management, testing hardware/software for security, hardening/auditing Windows, UNIX, VMS, SQL, Oracle, Web, and network devices, providing recommendations for secure network architecture, firewalls, and VPN.
Network system engineering and operational skills: extensive experience in the full life cycle network development (routers, switches, and firewalls), network requirement analysis, architecture, design, drawing, specification, configuration, test, simulation, implementation, development, integration, operation, maintenance, system administration, system performance optimization, software and hardware troubleshooting, and product research and evaluation.
Management and organizational skills: writing winning proposals for federal government IT security contract solicitations, providing leadership, motivation, and direction to the staff, successfully managing day-to-day operations and tasks within schedule and budgetary constraints, responsible leader, manager, evaluator and decision-maker, thinking independently, identifying project scope, analyzing and solving complex problems, quickly learning and applying new methods, adapting well to changing environments, requirements and circumstances, excellent collaboration with corporate and government customers and technology stakeholders, excellent writing, oral, communication, negotiation, interviewing, and investigative skills, performing well in teams as well as independently, working effectively under pressure and stress, dealing successfully with critical deadlines, implementing activities identified in statements of work (SOW), detail oriented, managing team resources efficiently to ensure customer satisfaction and maximize team utilization and effectiveness (Information Resources Manager – IRM), utilizing time management and project management methodology.
NETWORK SECURITY PROFESSIONAL CERTIFICATIONS:
CISSP – Certified Information Systems Security Professional # 35232 (by ISC2 in 2002)
GWAPT – GIAC Web Application Penetration Tester # 3111 (by SANS in 2011)
CPT – Certified Penetration Tester (passed written & practical exploitation exam; by IACRB in 2015)
LPT – Licensed Penetration Tester #BI07-049 (by EC-Council in 2007)
ECSA – EC-Council Certified Security Analyst (by EC-Council in 2006)
CEH – Certified Ethical Hacker #916277 (by EC-Council v.4 in 2006 & v.8 in 2014)
CHCP – Certified Hacking and Countermeasures Professional (by Intense School in 2003)
HBSS – Host Based Security System Certification (by McAfee in 2009)
CHS-III – Certification in Homeland Security – Level III #101535 (the highest level) (by ACFEI in 2004)
NSA CNSS – National Security Agency & Committee on National Security Systems Certification (by NSA in 2003)
NSA IAM – National Security Agency INFOSEC Assessment Methodology (by NSA in 2003)
CSS1 – Cisco Security Specialist 1 (by Cisco in 2005)
SCNP – Security Certified Network Professional (by SCP in 2002)
CSSCS – Cyber Security Strategy Certified Specialist (by LTI - Learning Tree Inc in 2015)
CECSS – Certified Expert in Cyber Security Strategy (by LTI - Learning Tree Inc in 2016)
PSCS – Perimeter Security Certified Specialist (by LTI - Learning Tree Inc in 2015)
CEPS – Certified Expert in Perimeter Security (by LTI - Learning Tree Inc in 2016)
NSCP – Network Security Certified Professional (by LTI - Learning Tree Inc in 2002)
EWSCP – Enterprise and Web Security Certified Professional (by LTI - Learning Tree Inc in 2002)
SOFTWARE PROGRAMMING PROFESSIONAL CERTIFICATIONS:
CJPS – Certified Java Programming Specialist (by LTI - Learning Tree Inc in 2014)
CJP – Certificate in Java Programming (by NVCC - Northern Virginia Community College in 2014)
MOBILE PROFESSIONAL CERTIFICATIONS:
GMOB – GIAC Mobile Device Security Analyst #524 (by SANS in 2015)
CMDMADS – Certified Multi-Device Mobile Application Development Specialist (by Learning Tree Inc in 2014)
CADS-Android – Certified Application Development Specialist – Android (by LTI - Learning Tree Inc in 2014)
CADS-iOS – Certified Application Development Specialist – iOS (by LTI - Learning Tree Inc in 2014)
CADE-iOS – Certified Application Development Expert – iOS (by LTI - Learning Tree Inc in 2016)
MANAGEMENT PROFESSIONAL CERTIFICATIONS:
CISM – Certified Information Systems Manager #0912844 (by ISACA in 2009)
CEISM – Certificate in Enterprise Information Security Management (by MIS in 2008)
ITMCP – IT Management Certified Professional (by LTI - Learning Tree Inc in 2003)
PMCP – Project Management Certified Professional (by LTI - Learning Tree Inc in 2003)
CEPMR – Certified Expert in Project Management Risk (by LTI Learning Tree 2016)
CSMCS – Cyber Security Management Certified Specialist (by LTI - Learning Tree Inc in 2015)
CECSM – Certified Expert in Cyber Security Management (by LTI Learning Tree 2016)
CSRAMCS – Cyber Security Risk Assessment & Management Certified Specialist (by LTI Learning Tree 2015)
CECSRAM – Certified Expert in Cyber Security Risk Assessment & Management (by LTI Learning Tree 2016)
CBGS – Certified Business to Government Specialist (by B2G in 2007)
AUDITING PROFESSIONAL CERTIFICATIONS:
CISA – Certified Information Systems Auditor #0435958 (by ISACA in 2004)
CITA – Certificate in Information Technology Auditing (by MIS in 2003)
NETWORK ENGINEERING PROFESSIONAL CERTIFICATIONS:
CCIE – Cisco Certified Internetwork Expert candidate (passed a written exam) (by Cisco in 2001)
CCDP – Cisco Certified Design Professional (by Cisco in 2004)
CCNP – Cisco Certified Network Professional (by Cisco in 2004)
CCNP+ATM – Cisco Certified Network Professional + ATM Specialization (by Cisco in 2001)
CCDA – Cisco Certified Design Associate (by Cisco in 2000)
CCNA – Cisco Certified Network Associate (by Cisco in 1999)
MCSE – Microsoft Certified Systems Engineer (by Microsoft in 1999)
MCP+I – Microsoft Certified Professional + Internet (by Microsoft in 1999)
MCP – Microsoft Certified Professional (by Microsoft in 1999)
USACP – UNIX System Administration Certified Professional (by LTI - Learning Tree Inc in 2002)
SSACP – Solaris Systems Administration Certified Professional (by LTI - Learning Tree Inc in 2002)
Network+ – Computing Technology Industry Association Network+ (by CompTIA in 1999)
A+ – Computing Technology Industry Association A+ Service Technician (by CompTIA in 1999)
DoD 8570.01-M INFORMATION ASSURANCE WORKFORCE (IAWF) IMPROVEMENT PROGRAM CERTIFICATION POSITION LEVELS:
IAT – Information Assurance Technical Level III (DoD Directive 8570) (by DoD in 2004)
IAM – Information Assurance Manager Level III (DoD Directive 8570) (by DoD in 2002)
CND-AU – Computer Network Defense-Service Provider (CND-SP) Auditor (DoD Directive 8570)
AFFILIATIONS:
ACFEI – member of the American College of Forensic Examiners International (www.acfei.com)
CSI – member of the Computer Security Institute (www.gocsi.com)
IEEE – member of the Institute of Electrical and Electronics Engineers (www.ieee.org)
IIA – member of the Institute of Internal Auditors (www.theiia.org)
ISACA – member of the Information Systems Audit and Control Association (www.isaca.org)
ISSA – member of the Information Systems Security Association (www.issa.org)
NAGC – member of the National Association of Government Contractors (web.governmentcontractors.org)
NBISE OST – member of the National Board of Information Security Examiners’ Operational Security Testing Panel (https://www.nbise.org/home/about-us/governance/ostp)
NoVaH – member of the Northern Virginia Hackers, DC InfoSec Group (http://novahackers.blogspot.com)
OWASP – member of the Open Web Application Security Project (OWASP) Northern Virginia Chapter (https://www.owasp.org/index.php/Virginia) and Washington DC Chapter (https://www.owasp.org/index.php/Washington_DC)
EDUCATION:
Master of Science in Information Technology, Specialization in Information Security, School of Technology, Capella University, Minneapolis, MN (July 2004, GPA 4.0 – Summa Cum Laude). Wrote degree thesis on the subject: "Network Vulnerability Assessment at a U.S. Government Agency".
Master of Science in Geography, Specialization in Geomorphology and Quaternary Paleogeography, Faculty of Geosciences and Geology, Adam Mickiewicz University, Poznan, Poland (July 1990).
COURSES / CLASSES:
Attended 100+ classes: Web Application Penetration Testing and Assessment (by BlackHat, SANS, EC-Council, Learning Tree Inc, InfoSec Institute, Foundstone, Intense School, Global Knowledge, MIS Training Institute, Cisco, ISACA, and ARS), SANS Defending Web Applications Security Essentials, SANS Network Penetration Testing and Ethical Hacking, SANS Mobile Device Security and Ethical Hacking, SANS Wireless Ethical Hacking, Penetration Testing, and Defenses, EC-Council Ethical Hacking and Penetration Testing, SANS Hacker Techniques, Exploits, and Incident Handling, Hands-On Security in DevOps (SecDevOps), SANS System Forensics, Investigations, and Response, Mobile Application Development (iPhone, Android), Foundstone Cyber Attacks, McAfee HBSS 3.0, Managing INFOSEC Program, Sarbanes-Oxley Act (SOX) compliance, Writing Information Security Policies, DITSCAP, CISSP, Project Risk Management, Auditing Networked Computers and Financial Banking Applications, Installing IBM AppScan Enterprise, Standard, Source; Securing: Wireless Networks, Firewalls, IDS, Web, Oracle, SQL, Windows, and UNIX; Windows, Linux, and Unix Systems Engineering and Administration; Programming, Web Development: Java, Objective-C, JavaScript, Python, PHP, Drupal, Shell, .NET C#, VB.
TECHNICAL SUMMARY:
SECURITY DOCUMENTATIONS, PROCESSES, POLICIES, STANDARDS, and GUIDELINES:
Security policies, standards, and procedures, SSP, SSAA, POA&M, PIA, BIA, FSA, RA, CP, DRP, BCP, COOP, C&A, SA&A, FedRAMP 3PAO, DITSCAP, NIACAP, ATO, IATO, SRTM, ST&E, CT&E, SA, QA, IA, GISRA, FISMA, HIPAA, PHI, PII, PCI DSS, ISS, CM, IAVA, IDS, DAA, PDD-63, OMB A-130, A-11 Exhibits 300s, NIST SP 800 series, FIPS 199, FISCAM, STIG, SRR, ISO 17799/27001/27002, OCTAVE, COBIT, COSO, PCAOB, IIA, ISACA, CVE, CWE/SANS Top 25, CVSS, WASC, OWASP Top 10, SAMM, OSSTMM, PTES, PTF, RMF, APT, SDLC, SSDLC, AVA, DAST, SAST, SCA, STRIDE, DREAD.
PROTOCOLS and STANDARDS:
Encryption standards: VPN, IPSec, ISAKMP, IKE, DES, 3DES, AH, ESP, PKI, PGP, X.509, SSH, SSL, TLS, hashing (SHA, MD5); RADIUS, TACACS+. Networking protocols: BGP, OSPF, IS-IS, EIGRP, IGRP, RIP, ARP, ATM, Frame Relay, NAT, HSRP, VLAN, TCP/IP, DNS, NetBEUI, DHCP, HTTP, Telnet, FTP, TFTP, VoIP, T1, T3, OC 3-48, SONET. Web protocols: XML, SOAP, WSDL, REST, JSON, UDDI. Wi-Fi: WLAN, WEP, WAP.
HARDWARE:
Cisco Routers, Catalyst Switches, PIX Firewalls, Cisco VPN Concentrators, Cisco Intrusion Detection System Appliance Sensors (NetRanger), Cisco Aironet Wireless Access Point; Juniper Routers; Foundry Networks Routers and Switches; Intrusion.com with Check Point Firewall; CSU-DSU; SUN, HP, Dell, Compaq servers.
SOFTWARE, PROGRAMS, TOOLS, and OPERATING SYSTEMS:
Penetration Testing tools:
CORE Security CORE Impact (OS, web, and wireless modules), Rapid7 Metasploit Framework (with Armitage) Pro and Express, Cobalt Strike, SAINT Corporation SAINTExploit, NGSSQuirreL for SQL/Oracle/Informix/DB2 database pentesting tools, Application Security AppDetective Pro database pentesting tool, Offensive Security Kali Linux, w3af, sqlmap, Havij, Portcullis Labs BSQL Hacker, PortSwigger Burp Suite Pro.
Operating System scanners:
Rapid7 Nexpose, Lumension PatchLink Scan (formerly Harris STAT Guardian) vulnerability scanner and PatchLink Remediation module, ISS (Internet and System Scanner), GFI LANguard Network Security Scanner, Tenable Nessus Security Scanner, Secure Configuration Compliance Validation Initiative (SCCVI) eEye Retina Digital Scanner, Foundstone FoundScan scanner and SuperScan, Shavlik NetChk, Shadow Security Scanner (SSS), Microsoft Baseline Security Analyzer (MBSA), Center for Internet Security (CIS) Security Configuration Benchmarks, QualysGuard, ManTech Baseline Tool Kit (BTK) configuration scanner, Gold Disk, Anomaly Detection Tool (ADT), CIS Cisco Router Audit Tool (RAT), Cisco Secure Scanner (NetSonar), nmap/Zenmap.
Oracle/SQL Database scanners, audit scripts, and audit checklists:
Application Security Inc.’s AppDetective Pro database audit tool; NGSSQuirreL for SQL, NGSSQuirreL for Oracle, NGSSQuirreL for Informix, NGSSQuirreL for DB2 database audit tool; Shadow Database Scanner (SDS); CIS Oracle audit script; Scuba Imperva Database Vulnerability Scanner, Ecora audit software for Oracle; State Dept Oracle 8i / 9i R2 RDBMS / SQL 2000 audit script; State Dept Oracle 8i / 9i / 10g / SQL 7 / 2000 / 2005 security hardening guides and audit checklists; Homeland Security Dept, DoD DISA STIGs, and CIS security guides and checklists for Oracle and SQL; DB Browser for SQLite, SQLiteSpy.
Web application scanners and tools:
Micro Focus (HP) WebInspect v.8, 9, 10, 17, 18; IBM Security AppScan Enterprise and AppScan Standard Edition v.7, 8, 9; Acunetix Web Vulnerability Scanner (WVS) v.6, 7, 8, 9, 9.5, 10, 11, 12; Cenzic Hailstorm Pro, Mavituna Security Netsparker, N-Stalker Web Application Security Scanner, Syhunt Dynamic (Sandcat Pro), Subgraph Vega, OWASP Zed Attack Proxy (ZAP), CORE Security CORE Impact Pro web module, SAINTExploit Scanner, IronWASP, Foundstone SiteDigger, Samurai Web Testing Framework (WTF), PortSwigger Burp Suite Pro Scanner, Parosproxy Paros, SensePost Wikto, NTO Spider, CIRT nikto2, BeEF, Web Application Attack and Audit Framework (w3af), OWASP WebScarab, wget, Absinthe, HTTPrint, DirBuster, Grendel-Scan, RatProxy, SprAJAX, Flare, SoapUI, Durzosploit, TamperIE, Firefox plug-ins: Web Developer Extension, Live HTTP Headers Extension, TamperData, Fiddler, Security Compass Exploit-Me (SQL Inject Me and XSS Me).
Application source code scanners, tools, and utilities:
IBM Security AppScan Source Edition, Micro Focus (HP) Fortify Static Code Analyzer (SCA), Fortify Software Security Center (SSC), Checkmarx CxSuite: Static Application Security Testing (CxSAST), Open Source Analysis (CxOSA), Interactive Application Security Testing (CxIAST), Developer AppSec Training (CxCodebashing), Software Composition Analysis (SCA) tools, FindBugs, JetBrains IntelliJ IDEA, Armorize Technologies CodeSecure, Klocwork Solo for Java, Code DX, Brakeman Pro, Dependency-Check, Cppcheck, flawfinder, PyCharm, pychecker, pylint, Scalastyle; scanning and analyzing the following languages and technologies: C, C++, JavaScript, Java, J2EE, ColdFusion, ASP, .NET C#, Visual Basic, PHP, Perl, Python, SQL, Scala, Ruby, Ruby on Rails, HTML, COBOL, REST, JSON; Integrated Development Environments (IDE): Eclipse, Visual Studio.
Mobile emulators, simulators, tools, and utilities:
Android Studio IDE – Integrated Development Environment (SDK - Software Development Kit tools, Android Emulator, AVD - Android Virtual Device Manager, ADB - Android Debug Bridge), Apple Xcode (iOS Simulator), BlackBerry 10 Simulator, BlackBerry Ripple Emulator, Windows Phone Emulator, Opera Mobile, Apple Configurator for Mobile Device Management (MDM) solution, Mobile Security Policy, Burp Suite Pro, drozer framework (Android explore & exploit), androwarn (Android static analysis), iNalyzer, iAuditor, iPhone Analyzer, iPhone Backup Browser, iBrowse, iExplorer, iFunbox, DB Browser for SQLite, SQLiteSpy, Satori, plist Editor, DroidBox, apktool, dex2jar, and Java decompilers: JD-GUI, Procyon, jadx, JAD; MagicBerry IPD Reader, Elcomsoft Phone Password Breaker (EPPB).
Programming Languages and frameworks (different levels of knowledge):
Java, PHP, Perl, Shell, Python, Ruby, Ruby on Rails, Objective-C, .NET (C#, Visual Basic), C, C++, Scala, Groovy, HTML, XML, T-SQL, PL/SQL, Django, JavaScript, AngularJS, React, jQuery.
Wireless scanners:
CORE Security CORE Impact wireless module, Fluke OptiView Network Analyzer, NetStumbler wireless detector, Kismet, Airsnort, aircrack-ng suite, inSSIDer, Xirrus WiFi Inspector, AirPcap.
Forensics Tools:
EnCase, SafeBack, FTK – Forensic Toolkit, TCT – The Coroner's Toolkit, nc, md5, dd, and NetworkMiner.
Miscellaneous programs and services:
McAfee HBSS 2.0, 3.0 (ePO Orchestrator 3.6.1, 4.0), McAfee Hercules, VMWare, BlackICE, ZoneAlarm, Snort NIDS, Tripwire HIDS, NetIQ Security Manager, Checkpoint Firewall, Cisco Secure IDS Host Sensor – CSIDSHS, Cisco Secure Policy Manager – CSPM; Symantec products (AntiVirus, AntiSpyware, Firewall, IDS), Splunk, Wireshark (Ethereal) sniffer, tcpdump, MS Office, MS IIS 4/5/6, MS SQL 7/2000/2005, Oracle 8i/9i/10g/11g/12c, whois, nslookup, DIG, Netcraft, Geoiptool, Dnsstuff, FOCA, Paterva’s Maltego, ServerSniff, Google Hacking DataBase (GHDB), Robtex, Foundstone SSLDigger, THCSSLCheck, SSLScan, openssl, SSHCipherCheck, netcat, p0f, Fierce DNS Scanner, L0phtcrack, John the Ripper, Cain & Abel, Custom Word List Generator (CeWL), Sam Spade, NTFSDOS, Pwdump2, SolarWinds, Pwnie Express Pwn Plug Elite, Pwn Pad, Cuckoo, Regshot.
Operating Systems:
Windows (DOS/3.1/95/98/NT/2000/XP/2003/Vista/2008/7/8/10/2012), UNIX, Linux, Cisco IOS, Mac OS X, iOS.
VULNERABILITY ASSESSMENT / ETHICAL HACKING / PENETRATION TESTING SKILLS:
Hacking Methodology: footprinting, scanning, enumeration, penetration, and root access privilege escalation.
Hacking Techniques: cracking, sweeping, SYN flooding, audit log manipulation, DNS Zone transfer, DDoS, IP spoofing, sniffing, brute force, buffer overflows, keystroke logging, trojans, and backdoors.
Countermeasures: patching, honey pots, firewalls, intrusion detection, packet filtering, auditing, and alerting.
Application vulnerabilities: inadequate input validation, SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), buffer overflow, security misconfiguration, cookie manipulation, insecure cipher.
EXPERIENCE:
August 2015 – present Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division (CSD) Mission Engineering (ME) Subdivision (former National Protection and Programs Directorate (NPPD) Office of Cybersecurity and Communications (CS&C) Network Security Deployment (NSD)) on contract with SCS / Arcfield (former Inspyir, Peraton, Perspecta, Vencore) as sub-contractor on project through own company – Yarekx IT Consulting LLC; Chantilly & Ballston, VA – Senior Application Security Engineer SME / Lead Penetration Tester.
Supported the Department of Homeland Security (DHS) Systems Engineering and Integration (SE&I) Program.
Performed various security audits, educated the client about the risks, and provided mitigation strategies.
Conducted network and application penetration and vulnerability testing, logical security assessments, and hands-on technical security evaluations and implementations against commercial and in-house built applications.
Conducted software architecture and application source code audits (using automated scanning tools and manual source code analysis), Static Application Security Testing (SAST), SCA tools, application Dynamic Application Security Testing (DAST), and web services analysis (SOAP, RESTful) as part of application Secure Software Development Lifecycle (SSDLC), performed on physical and on Amazon Web Services (AWS) cloud servers.
Worked with the developers throughout the development lifecycle in the Agile software development of multiple simultaneous projects and helped them to find and fix application vulnerabilities and misconfigurations, to ensure compliance with secure software development lifecycle (SSDLC) best practices and DHS standards.
Performed automated assessments and manual Static Code Analysis on deliverables during Agile Sprint development cycles and during operations, against DHS secure code policies and industry (CERT) best practices.
Manually reviewed source code for software flaws, improper configuration, and poor development practices.
Ensured source code security by integrating automated static and dynamic analysis tools into CI/CD pipelines.
Implemented best practices for source code security within CI/CD pipelines, automated code and dependency checks reviews, improved code quality and reliable software delivery in every software deployment life cycle.
Found, reported, and mitigated web and source code issues related to OWASP Top 10: SQL Injection, Cross-Site Scripting (XSS), Cross Site Request Forgery (CSRF), Broken Authentication, and Session Management.
Ensured existing application security controls are adequate and identified those that require improvement.
Collaborated with software development groups to remediate identified security issues and provide detailed recommendations on how software development lifecycles need to be modified to address issues.
Coached developers’ groups in vulnerability assessments, secure coding practices, and security processes to ensure that security events are properly identified, mitigated, and documented according to department standards.
Worked with developers during the application design stage and documented secure software development practices.
Introduced SecDevOps (securing development & operations); trained developers to use secure design patterns.
Conducted architecture review, STRIDE threat modeling, DREAD risk assessment, FISMA compliance check.
Installed, administered, customized, operated, taught, and wrote user guides for automated source code scanning tools: Micro Focus (HP) Fortify