SUMMARY OF QUALIFICATIONS
IT Security and Networking Professional with excellent written and oral communication skills. Thorough understanding of Networking, Information Assurance and Cybersecurity disciplines, to include open-source information gathering, threat and vulnerability assessments, penetration testing and techniques, and network defense. I have over twelve years of hands-on experience in IT Security, specializing in penetration testing. I am an accomplished security engineer, malware analyst and incident responder. I recently attained certification as an Offensive Security Certified Professional (OSCP).
AREAS OF EXPERTISE
Network Analysis, Physical Security, Threat and Vulnerability Research Analysis, Incident Handling and Response, speaking two languages: English and Russian.
CERTIFICATIONS
EXPERIENCE
confidential
Sr. Penetration Tester
- Lead Security Engineer of an Assessment Team doing full vulnerability assessments of the US Courts national systems
- Conduct network/host penetration tests and web application penetration tests using
- Assist the information security risk assessment program by identifying risks in the current security posture. Conduct risk assessment using NIST SP 800-53 v4 Operational, Management and Technical controls
- Perform network security analysis and risk management for designated systems
- Develop test cases to test web applications according to OWASP and map every test case to NIST controls
- Assess and evaluate risk based on threats, vulnerabilities and shortfalls uncovered in testing
- Develop CVSS calculator to rate risks for vulnerabilities found in assessments
- Examine assets to determine if vulnerabilities exist and, if vulnerabilities are found, propose remediation strategies that can be applied to mitigate them
- Assist in vulnerability remediation efforts across various projects by proposing remediation strategies and engaging key stakeholders, utilizing the Plan of Actions and Milestones (PO&AM) risk management process
- Key contributor for developing templates such as Security Assessment Plan, Security Assessment Report, Rules of Engagement, Security Assessment Questionnaire, Kick-Off and Exit Brief
confidential
- Member of the Computer Security Information Response Center (CSIRC), participating in incident analysis, response and threat assessment on a daily basis.
- Deployed FireEye, Symantec DLP, Symantec Web Gateway and Splunk
- Performed firewall reviews and tuning
- Conducted Penetration Test of the United States Mint's non-Commerce web site and related infrastructure, including web servers, application and database servers. Weaknesses discovered resulted in a multi-phase remediation and upgrade effort to resolve flaws.
- Conducted PCI required Penetration Test of the eCommerce System which resulted in minor findings requiring remediation and furthered the PCI compliance effort for the system.
- Conducted PCI required Penetration Test of the outsourced call center and fulfillment operation serving the ecommerce line of business. Findings resulted in a multi-phase remediation effort.
- Performed wireless scans using Kismet, KisMac and the Aircrack-ng suite
- Participated in the development of the tailored security baselines for servers and networking equipment
- Built, configured and deployed Snort IDS appliances to monitor Manufacturing department SCADA and industrial control assets.
- Developed custom written malware to evade anti-virus systems as a demonstration for non-Commerce website stakeholders and United States Mint management. This resulted in the cancellation of a project to receive file submissions from the public on non-hardened infrastructure.
- Performed evasions of Symantec and Sophos antivirus suites using various techniques to deliver payloads in PDF and executable files
- Conducted social engineering test exercises coordinated with Treasury GSOC to determine level of infiltration possible using remote command and control frameworks.
- Developed custom written Python scripts to generate weekly vulnerability dashboards used by technical and management staff.
- PHP and Cold Fusion source code analysis to reveal vulnerabilities
confidential
Penetration Tester/Courseware writer
- Performed open-source intelligence (OSINT) gathering for target customers in preparation for security assessments
- Performed Network and Web Application Penetration tests within the parameters defined by rules of engagement coordinated with the client.
- Provided detailed reports on the findings of network and application penetration tests including mitigation and remediation activities.
- Developed training materials for Strategic Security Online courses on the following subjects:
  o Network Penetration Testing
  o Web Application Penetration Testing
  o Network/Host Forensics
- Maintained the Strategic Security Online target lab network comprised of the following Operating Systems:
  o Red Hat/Ubuntu
  o Windows 2000/XP/Vista/Windows 7
- Vulnerable Web Applications on the following platforms:
  o ASP/MSSQL2000
  o ASP.NET/MSSQL2005
  o PHP/MySQL
- C, PHP and Cold Fusion source code analysis to reveal vulnerabilities
confidential
Project: Dulles International Airport (IAD)
Network Administrator Assistant/Security Analyst
- Developed and maintained installation and configuration procedures for a project at Dulles International Airport. Performed system monitoring to verify the integrity and availability of hardware, server resources and systems security on a proactive basis
- Assisted in creation of a Network Security website for both administrators and end users to access proper configuration templates, safe internet surfing
- Monitored network intrusion attempts using Snort IDS
- Installed, upgraded and diagnosed software issues
- Performed network scanning using Nessus to identify weaknesses
- Demonstrated exploits on vulnerable assets to prove weakness by using Metasploit and Nmap
- Conducted remediation activities to close vulnerabilities
TECHNICAL EXPERIENCE
General Technical Skills
Scripting Languages: Shell scripting, Python, Java, C
Operating Systems: Windows 95/98/NT/2000/XP/Vista/7/2003/2008, Mac OS X, Linux/Unix, Red Hat Enterprise Linux, Debian, Ubuntu, Fedora, Backtrack 2/3/4/5
Software Applications: Symantec/Norton/McAfee Antivirus/AntiSpyWare/Antispam products, Microsoft Office 2003/2007, Microsoft Office Mac 2008, Apache, Microsoft IIS, Virtual Box, VMware Fusion/Workstation/Server, Tenable Security Center, FireEye, Symantec Web Gateway.
Security Skills/Tools
Network Enumeration: Maltego, Google Hacking, DNS, SMB, LDAP, SNMP
Port/Vulnerability Scanning: Nmap/Nmap Scripting Engine (NSE), Hping 2/3, Netcat, Nessus
Sniffing/Man-in-the-Middle: Wireshark, Ettercap, Cain
Web Application Vulnerability Scanning: Acunetix (tool similar to WebInspect/AppScan), NTOSPider
Exploitation
o Reversing: Malware analysis and source code analysis to find vulnerabilities in software
o Exploit development: Windows based exploits such as Stack/Buffer overflows and Linux/Unix based exploits such as Stack/Buffer overflows.
o Server/Client-Side Exploitation: Metasploit, Social Engineering Toolkit (SET), Core Impact/Insight
o Password Cracking: Hydra, Rainbow Crack, Ophcrack, John the Ripper
o Web Application: Manual SQL Injection, Manual Cross Site Scripting, SQLmap
Debuggers: Ollydbg, Immunity Debugger, WinDBG, GDB
Wireless: Kismet, Aircrack-NG Suite