- CISSP (obtained Nov. 3, 2001 )
- Penetration Assessments (Scanning for vulnerabilities)
- Troubleshooting network problems
- Security Policies/Standards/Procedures
- Project Management
- Checkpoint Firewall (Nokia, Sun, Linux, NT)
- Security Auditing
- Risk Analysis
- PERL programming to make the job easier
- Researching newest hacking techniques
- SecurID Administration
- Architecture Design and Review
- Biometric Devices
- IDS (Snort, Realsecure)
- Forensics/Incident Response
- Disaster Recovery Planning
- Host Based IDS (Tripwire)
- UNIX Administration
- Incident Response
- HIPAA compliance
- Webinspect Application Auditing tool
- APP Scan Auditing Tool
- Windows/UNIX security architecture
- DNS administration
- Solaris 5.1, 5.6, 8, 9, 10
- Linux (Redhat, SUSE, GENTOO, and Mandrake distributions)
- Windows 2000, XP, 2003, Vista
- Shell Scripting (Bash Shell)
September 2005- Current: Network Security Engineer, Confidential, Tampa, FL. Duties included performing audits, running scan tools, helping projects with architectural design and compliance, administering and patching windows systems, user administration, Unix (Linux/Solaris) administration, DNS administration, IDS architecture, design, and maintenance, Locating and removing content with protected information, Writing security 'briefings' about risks faced, researching current trends in security, and maintaining my CISSP. Developed curriculum for security awareness training.
October 2004- July 2005: Application Auditor, Confidential, Temple Terrace, FL. Duties included performing application audits, running scan tools, helping projects with architectural design and compliance with corporate security policy, and ensuring security review documents were accurate via hand audits, and explaining risks to senior management as well as technicians. Developed curriculum for security awareness training.
April 2004- October 2004 Security Analyst II, Confidential, Gainesville, FL worked as full-time employee. Duties included: Incident response, Incident co-ordination, performing system audits, forensics, wireless evals, Wrote incident response policy, advised on security products, helped formulate three-tier architecture with Oracle OID, monitoring and responding to ISS IDS, co-ordinating patch-management. I also assisted in fraud investigations, co-ordinating between IT and Internal Audits..
June 2002-March 2004, Network Security Engineer, Confidential, Indianapolis, IN worked as full-time employee. Duties included: managing checkpoint firewall, managing Alton load balancers (for fully redundant Internet access), centralizing syslog server, documenting changes to firewall, on-call 24x7, responding to intrusion attempts, evaluating new security architectures, assisting in support of biometric infrastructure, securing DMZ servers, managing and installing Nortel Contivity VPN's, troubleshooting network problems, evaluating and installing new security products, developing security policies and procedures, developing an IDS system based on ISS Realsecure and SNORT, performing research on various security topics, protocol analysis, and occasional UNIX administration. Left due to outsourcing potential. Spoke at DEFCON 2002.
May 2000-Jan 2002 CISSP, Infosecurity Engineer Confidential, Chicago, IL worked as full-time employee. Duties included: monitoring employee web access, securing DMZ servers, monitoring and responding to intrusion attempts, managing and installing corporate VPN's, administrating and managing the Nokia Checkpoint firewall, evaluating and installing new security products, installing and managing TREND viruswall, developing security policies and procedures, developing an IDS system based on SNORT, performing research on various security topics, protocol analysis, and occasional UNIX administration, briefing management on security risks and their implications to the cost of doing business. Spoke at DEFCON 2000, 2001. Position ended due to company-wide layoff
February1999-May 2000 Infosecurity Analyst Confidential, Chicago, IL worked as a full-time employee. Duties included: monitoring and reporting on usage of web sites to management, analyzing applications for security flaws, analyzing BOTCC's environment for security weaknesses, serving as leison between management and technical people for security issues, correcting those weaknesses, monitoring for new exploits/vulnerabilities, briefing management on security risks, performing penetration assessments, writing security policies, educating users, developing an IDS(Network Flight Recorder), improving security related processes and streamlining administration of users, developing a test lab, developing a "safe workplace" policy, correcting security incidents and auditing various departments for violations of BOTCC security policy. Attended DEFCON, a well-known hacker symposium. Left for better position at Equitec.
August 1997- January 1999 Intranet Administrator/Firewall Administrator/Testing QA coordinator Confidential, Michigan. Worked as a contractor of UPP business systems to Kellogg Company. Duties included: upgrading web servers and keeping them running, OS updates, coordinating Y2k test efforts, designing reporting system on user browsing trends, writing scripts in perl for analysis of logs, responding to security incidents, reporting to management on security incidents, integrating security needs into the Kellogg corporate climate, on call 24x7, solving Internet related problems. Attended PERL training class. Position ended because contract expired.
February 1996- February 1997 Webmaster/Desktop Support, Division of Agriculture,Confidential, OK. Duties included maintaining and designing Division of Agriculture's Web Site, repairing and upgrading PC's, supporting win32 environments, maintaining Division's LINUX box, and making custom graphics in PhotoShop. Position ended due to contract expiry.
June 1993-January 1996 Technical Support, Creative Labs, Confidential, Supported customers on the phone in Spanish with Creative's soundcard products. Served all of South and Central America. Skills acquired: Troubleshooting, hardware knowledge, networking knowledge, Multimedia Authoring, beta testing. Left to pursue better opportunities at OSU.
CISSP since 2001
Fluent in Spanish
Cooking, swimming, bicycling, scuba-diving, reading the great classics, and reading to the visually impaired.
major—Technical Writing, minor—Spanish.
Available upon request