Security Specialist Resume Profile
Summary
- MS with 28 years of UNIX, 25 years of Networking / Security, and 20 years of Microsoft experience. Have NERC CIP, SCADA, PCI, Integration, Troubleshooting, C, Perl, Java, Cloud, Android experience, etc.
- Directly managed up to 20 persons.
- Preventive and Protective Measures against Insider and Advanced Persistent Threats.
- Can build sufficient defense against USB hardware keylogger threat.
Professional Experience
Confidential
Security Consultant
Responsibilities:
- Hacking incident investigation, forensic analysis, remediation, IT Audit of huge university environment.
- Set up monitoring for hardware keyloggers. Built PoC for sufficient defense against USB hardware keylogger threat.
- TRA, likelihood, impact, risk evaluation, Harmonized / OWASP risk rating methodology.
- Vulnerability Assessments, WiFi Wardriving.
- Made technical and policy remediation recommendations, including security incident investigation and BYOD.
- Designed QRadar deployment. Splunk.
- Found a solution to a problem common to all modern SIEM systems (QRadar, enVision, ArcSight).
- Citrix NetScaler reconfiguration project.
- OWASP code analysis project (LAPSE, Eclipse, Java).
- Mobile security project.
- Modbus malicious traffic analysis SCADA project.
- SAP BusinessObjects Business Intelligence, Oracle Security Project.
- Apache, openSUSE 12.3, CentOS, Windows XP, Android, iOS, Novell ZENworks Endpoint Security Management, Xen, VMware, VirtualBox, Vagrant cloud automation, Windows Azure, Google Compute Engine, Lua, BotBrew, adb, Python, sqlmap, Ruby, Perl, sh, IDA Pro, USB hardware keyloggers, USBDeview, udev, Wireshark, tcpreplay, kbackup, Zenmap, Nessus, Burp Suite, Wigle, Fortinet, rkhunter, Metasploit, YaST, Tripwire, Oracle Application Access Controls, NERC, PCI 2, OpenID, OAuth.
Confidential
Sr. Security Specialist
Responsibilities:
- Participated in legacy access system remediation after SOX / PCI 1 2 audit. Resolved integrity and access control problems with server farm configuration. ETL tasks. Programmed in Perl, ksh, and awk. Worked with CSV, XML, XSLT. Used COBIT, ISO 27001/2 standards.
- Worked with RSA enVision 4.0 SIEM, analyzed configuration, data collection, SOX / PCI related issues. Supported enVision implementation, wrote and analyzed enVision Reports.
- Worked on Suspicious Activity Reports, RBAC, File Integrity, RSA Archer eGRC, SAP NetWeaver projects.
- OS hardening (server, storage, private cloud), security policies / procedures, CyberArk.
- Worked with AIX, HP-UX, Solaris, Windows XP, VMware, openSUSE 11.3/11.4, RedHat, Remedy.
- Participated in audit project.
Confidential
Build/Deployment/SysAdmin Team Lead, CISO
Responsibilities:
- Restructured ITIL and Company Security systems to accommodate Good Practice standards.
- Managed distributed overseas sysadmin team.
- Worked with Amazon Cloud technology, AWS, AMI, Elasticfox and EC2.
- Conducted E-Commerce risk assessment.
- Configured iptables.
- Analyzed PCI requirements.
- Reviewed PCI code / infrastructure (OWASP code review project, ReviewClipse plugin project); performed OWASP web application audit.
- Initiated Massachusetts data protection regulation project.
- Participated in Selenium, openCRX CRM, Solr projects.
- Analyzed commercial Imperva and open-source tools for WAF project. Installed / configured ModSecurity with Breach rule set as a part of PCI Compliance Project.
- Built Security awareness program.
- Worked with openSUSE, CentOS, RedHat, VMware, Citrix, Xen, Puppet, Chef, Java, Java Swing, Jython, git, Eclipse, Perl, shell. Used TOGAF with EPF (Eclipse Process Framework).
Confidential
Security Consultant Crisis Manager, CISO
Responsibilities:
- Mitigated insider threat.
- Redesigned Security / System Architecture, Video Management Solutions.
- Wrote security policy.
- Performed audit and forensic analysis, Harmonized / OWASP Threat Risk and Vulnerability Assessments. Searched for covert channels.
- Analyzed botnet attacks.
- Scanned for vulnerabilities with Nmap 5, Nessus 4 and WebInspect; performed OWASP web application audit.
- Initiated EPIC tools project.
- Used Windows Vista / 2008, ScreenOS 5.4 Juniper, Mac OS X 10.6, iOS, openSUSE 11.1 / 11.2, FreeBSD 7.2, Fedora, Simultaneous Dual-N Band Wireless Router, IP KVM, StarTech, Foundry Load Balancer, MySQL, Apache, Hadoop Distributed File System (HDFS), Pig, Hive, MediaWiki, OpenLDAP, OpenDS, OpenSSO, Postfix, Cyrus IMAP, OWASP, THC-Hydra, Burp Suite Professional v1.3, Autopsy, Munin, svn, yafic, Dovecot, Time Machine, Xsan, AFP, Skype.
- Performed PCI compliance analysis, infrastructure / DB / private cloud / code review.
- Created anti-spam project. Suggested IronPort RSA as an anti-spam and DLP solution.
- ACL project for FreeBSD and MacOS.
Confidential
Responsibilities:
- Primarily responsible for project management.
- Led the design, testing, planning, and implementation of complex projects.
- Led the development and implementation of a broad, coordinated set of plans and programs to meet the goals and priorities of the company.
- Defined project missions, goals, tasks, and resource requirements; resolved or assisted in the resolution of conflicts within and between projects or functional areas; developed methods to monitor project or area progress and provided corrective supervision if necessary. GO-ITS 24, 25.
- Participated in outside professional activities to maintain knowledge on developments in the field.
- Continuously improved project management tool kits and methodologies.
- Was responsible for project staff.
- Participated in interviewing and hiring process.
- Used tools: Fedora c7, Gentoo r6, openSUSE 11, RedHat, Win2K/XP/Vista/2008, System Center Configuration Manager (SCCM), lighttpd, Solaris 10, iptables, MySQL, SCADA, AGA-12, Modbus, DNP3, Perl, sh, bash, PHP, Seagull, Java, Java Swing, Spring, JavaScript, flex/lex, bison/yacc, SSL certificates using OpenSSL, Umbrello, GnuPG, C, Eclipse, cvs acl, Bugzilla, cvsweb, syslog-ng, snortalog, Nagios, Android, Nessus, HP WebInspect, N-Stalker, Nikto, Paros, OWASP, Pantera, OVAL, SCAP, OpenVAS, SLAD, tiger, Nessus plugin development (NASL2), Nmap, Zenmap, Snort (Sourcefire), oinkmaster, ITSA v3.5, Wireshark v0.99.6, Metasploit Framework 3.1, Ruby, Python, Burp Suite 1.1, MoinMoin Wiki, Drupal, Web Content Accessibility Guidelines, Lua, NetIQ, Google Mail / Calendar / Talk / Docs, etc.
- Ruggedized IEEE 1613 compliant Platform Project. Used Schneider platform with flash memory drives.
- Identity Management Project (AD, openSUSE LDAP, Fedora Directory Server, Sun Identity and Access Manager, Novell Identity Manager, WS-Security, SASL). Gentoo and Fedora pam_ldap implementation.
- Created Version Transformation (parsing and lexical analysis).
- Wrote Modbus gateway on Android platform.
- Participated in cloud computing project.
- Performed Ethical Hacking and Vulnerability Scanning Project: Harmonized / OWASP Threat Risk and Vulnerability Assessments, including general purpose and web application vulnerability scanning, vulnerability analysis, hardening, SELinux. Produced NERC and PCI compliance reports using Nessus, N-Stalker, WebInspect and Burp Suite; performed OWASP web application audit.
- Developed Snort SCADA signatures and Nessus vulnerability plugins.
- Created Snort enhancement project: EMERALD, SnortSP, SnortSMS.
- Contributed to Snort reporting and syslog server projects based on complex message filtering, integration, archiving and visualization built with syslog-ng, snortalog, and Perl.
- Participated in NERC and other industry, Canadian and NIST standards (for example ISO 27001/2, COBIT), Domain Expert Working Groups (further NIST 7628), and the OEB / NEB compliance project.
- Managed ARP Poisoning project. Wrote SOW, Project phases.
- Initiated Security Information and Event Management Project; analyzed SRI's suggestion of EMERALD connected to ArcSight and open-source Sguil.
- SCADA Audit project.
- Assisted in staff development and mentored colleagues as needed.
- Used TOGAF and Zachman framework.
- Participated in Hydro One, Smart Meter / ZigBee / GO-ITS 51, High Availability (HA), HDFS (Hadoop Distributed File System), and SDLC projects.
- Used Bugzilla for Problem / Change Management. Architected ICT Technical Support Management based on MoinMoin wiki.
- Security Monitoring.
- Third Brigade and OSSEC Open Source Host Intrusion Detection and Prevention Project (HIDS / IPS).
- As a part of project support, provided network infrastructure and server system administration (Cisco, openSUSE, Gentoo, Solaris, Fedora, RedHat, Windows NT/2003/XP/Vista/2008): installation, system configuration, network and system tuning, hardening, scripting (sh, bash, tcsh, Perl), NFS, SMTP, POP3, IMAP, HTTP, HTTPS, DNS, NTP, SNMP, etc.
Confidential
Hummingbird Exceed 7.0, Cygwin, Cygwin-X, KDE, Windows XP, Remedy 5.5, Solaris 8/9/10, AIX, Linux RedHat, CentOS, LFS, Operator, Novell SuSE, Knoppix, BackTrack, Ubuntu, VMware installation / configuration / support, Big Brother 1.9e, Mirapoint 4500N MOS, Sunfire 1600 chassis, B100s blades, NetApp FAS960 SAN, Sunfire V210, HP ProLiant DL360, IBM BladeCenter XTR14NCE, IBM Blades HS20, RAID management and clustering, Cisco, F5, IronPort AsyncOS 4.7, MS Exchange, PostgreSQL 7.3.4, OpenLDAP 2.1.29, BerkeleyDB 4.2.52p2, Apache 2.0.48, Juniper Firewall, syslog-ng, mod_jk 1.2.5, Jakarta Tomcat 3.3.1a, JSDK 1.4, Oracle, WebLogic, Sybase, MS Visio, Axure PR, MS Excel, Evolution, Ethereal, Bluetooth, GPRS, EDGE, EPIC tools, Mars, SolarWinds, Sendmail, SnertSoft, milter, Postfix, cloud technology (SaaS), server index query protocol for email reputation and identity project, data flow diagrams, Umbrello.
Responsibilities:
- Service problem resolution.
- Was a primary point of contact and advice.
- Scripting: bash, Perl, PostgreSQL.
- SPF Sender Policy Framework project.
- Security Tools Installation and Configuration: Entrust, chkroot, rkhunter, The Sleuth Kit, Autopsy, EnCase, Cheops, John The Ripper, Nikto, Paros, OWASP, WebScarab, IPTraf, Ettercap, EtherApe, Nessus, Fortify 360, Nmap, Kismet, gkismet, Watchfire AppScan, Cenzic Hailstorm, Aircrack-ng, SecureAware, bastard, IDA Pro, ModSecurity, Joomla, Symantec, OpenText, Cisco ACE XML, TippingPoint, WebGUI, SSO, GlobalPlatform SCP02, etc.
- Analysed / Redesigned System / Network / Security Architecture.
- Resolved WiFi laptop modem monitor mode problem.
- Enterprise Content Management Project. Facility Management. Business Objects Assessment Project.
- Anti-Spam Project.
- Business Continuity Planning Project.
- Security incident response plan.
- Forensic Analysis Project. Reverse engineering.
- Participated in DLP project.
- IT Audit. Vulnerability Assessment / Management / Penetration Testing project (Threat Risk and Vulnerability Assessments). Prepared SOW, project phases, process groups. BB Datacenters, etc.
- Hacker Technique Investigation; among other things, learned: Cross-Site Scripting, HTTP Response Splitting, Web Cache Poisoning, HTTP Request Smuggling.
- Corporate Information Security / Privacy Policy development and enforcement (PIPEDA, FIPPA, PHIPA, HIPAA, CSA Privacy Code, ISO /2, CICA 5900, NIST, FISMA, COBIT, PCI regulation, SOX, Canadian Investor Confidence Rules, OSFI, TOGAF, Zachman, etc.). Policies / Standards Project. EPIC alerts. Development of Mature Security Program.
- PCI Infrastructure / DB / code review.
- Information security consultative support to all lines of business.
- Vendor products evaluation process.
- Supported BB e-mail directory service.
- Identity Management Project.
- Tripwire Project.
- Security Governance Project.
- Security Awareness Project.
- Security Monitoring Project.
- Development of an internal information security committee.
- Wi-Fi War Driving Project.
- Bluetooth Rifle Project.
- UMTS/EDGE/GPRS War Driving Project.
- Application scanning / firewalling Project including PCI requirements.
- 0-day Vulnerability Assessment Project.
- Disk Encryption Project.
- PCI Compliance Project.
- TRA project, used OCTAVE / OWASP / Microsoft / Harmonized Threat Risk Assessment TRA methodologies.
- Participated in Business Intelligence audit and development. Worked with Pega.
- Participated in Forex Project. Fast Fourier Transform.