120 Malmy Drive, Brick, NJ 08724
(732) 948-0463 firstname.lastname@example.org
August 2001 – August 2010
PR Newswire, 806 Plaza Three, Harborside Financial Center, Jersey City, NJ 07311
This position required me to play several roles to prioritize and perform multiple tasks concurrently, often with strict and unmovable deadlines, while still providing a consistently high quality of output in the final product.
IA duties included the deployment and integration of special projects, consistent with procedures to ensure stability, supportability, and uptime. Interfacing with the development group during the onset of a project in order to ensure that architectural decisions were consistent and sound. Providing hardware selection and sizing expertise. Overseeing the construction of the environment, integration and deployment into production. Briefing and providing system documentation for the administration staff and providing 3rd tier expert support to the SA department when required.
IT security duties included monitoring and event correlation between various firewall and system logs. Incident response, system security auditing and reporting. Performing investigations for senior management and legal departments regarding external inquiries to provide verification of, and a point of liaison for, externally contracted penetration testing.
Notable projects include a clustered high availability accounting system based on Sun enterprise servers running Oracle Financials, and an international deployment of a global database of media contacts. Developing a companywide server monitoring/administration system for immediate and pro-active alerting and trending. The construction and maintenance of a completely new distributed intrusion detection and log aggregation system for PR Newswire. This system consists of multiple network sensors which collect network traffic data and compare it against signatures using the popular Snort IDS system as well as the commercial Sourcefire 3D sensors and Defense Center, with database entry for ease of correlation with the collected syslog information while performing an analysis or responding to a security incident.
August 1999 – August 2001
Responsible for leading and assisting a team of 8 administrators. Coordinating time off and on-call schedules to provide 24x7x365 support for over 200 systems. Collectively, my team and I significantly increased uptime of undocumented legacy systems by implementing procedures and re-writing much of the script-based logic that ran a majority of the back end software. Provided support to users of in-house products when server issues arose. Evaluating new deployments on a per-case basis to ensure that supportability and service level agreements for the designated project could be maintained before releases were deployed into the production environment.
August 1997 – August 1999
Dow Jones, Ridge Rd & US 1, South Brunswick, NJ 08543
Responsible for setting up, debugging, and supporting a pair (Production and QA) of mirror networks for both the NY and NJ data centers for redundancy and disaster recovery. Installing hardware and configuring customized software, redesigning portions of the network to meet fault tolerance levels needed for a production environment. Configuring LAN and WAN interfaces as well as network communication devices. This position, like the Lexington Ave one before it, was part of the Dow Jones ‘Quickstrike’ initiative; and was on an extremely accelerated schedule. After the network went live, I provided technical support to the production environment.
March 1997 – August 1997
Dow Jones Markets, 420 Lexington Ave, New York NY 10001
Network Integration Advisor
Responsibilities included working closely with the development team, on an accelerated schedule, to migrate existing proprietary network information to an ‘off the shelf’ open environment. An entire network was designed to accomplish this goal and I provided legacy network information as well as proprietary equipment configuration for a backend database interface.
June 1993 – March 1997
Dow Jones/Telerate, Harborside Financial Center, 600 Plaza Two, Jersey City, NJ 08731
Senior Network Quality Assurance Technician
Responsibilities included maintenance and troubleshooting a large QA network. Quality assurance testing on new software packages prior to worldwide release. Generation of bug and status reports, maintaining and troubleshooting data communication links. Coordination of tests and construction of test scripts. The Dow Jones QA network consisted of a mirror of the production environment and was highly configurable to meet various testing scenarios. I was responsible for reconfiguring the network on the fly, as well as developing my own testing tools in order to adequately perform tests in various scenarios.
2002 - 2006
SANS Institute, various locations.
I have taken various security and network related courses from SANS over the last several years including: TCP/IP for intrusion detection, Network traffic analysis using TCPdump, Intrusion detection with Snort, IDS signatures and analysis, Forensic methodology using Linux, Windows 2000XP filesystem forensics, Computer crime law and best practices, Incident handling and computer crime investigation, and Computer and network hacker exploits.
September 1991 - February 1994
Brick Computer Science Institute, 515 Highway 70, Brick, NJ 08723
Digital Processing Repair and High Technology
AC/DC circuits, digital circuitry, assembly language programming, advanced assembly language programming, BASIC, PC repair, applied physics, PC communication (RS-232 C&D spec, sync. & async. comm.), PC networking, fiber optics, and robotic technologies.
January 1987 - June 1989
Ocean County College, College Drive, P.O. Box 2000, Toms River, NJ 08754
Calculus, applied physics, Pascal, assembly, advanced assembly, UNIX, COBOL, C, psychology.
The proven ability to lead and motivate a team of technically minded individuals toward a common goal and subsequent results as well as cross department communication and organizational abilities.
In depth knowledge of IT security procedures and software, including but not limited to: Intrusion detection both network based and host based, and analysis and correlation of the data retrieved from these systems. Knowledge of and the ability to apply current IT security methodology in regards to incident analysis and response. Knowledge of system level forensics including the ability for the potential recovery of data from systems where it has been deliberately removed and the ability to construct a timeline of events related to a security incident from the filesystem of a given machine. I also make it a point to stay abreast of new developments in the realm of IT security and monitor several mailing lists and digests in order to remain informed of new threats and occurrences.
In addition, I also am adept at troubleshooting hardware, software, and networking problems on both Intel and various Unix platforms. Over the last several years, I have set up and configured a wide variety of equipment including Sun hardware ranging from UltraSPARC machines to the most recent SunFire servers, knowledge and configuration of storage in a SAN environment for high availability and consolidation, specialized load balancing hardware RND Web Server Directors and F5 Networks BigIP, configuration of Cisco routing and switching equipment. Using a network analyzer or sniffer to troubleshoot network problems and bottlenecks across a wide variety of protocols, in depth knowledge of the IP protocol and, due to my tenure at Dow Jones and redesigning PR Newswire’s legacy distribution system, I can also troubleshoot both synchronous and asynchronous RS-232, X.21, and X.25 lines.
Operating Systems: Solaris, Linux (Gentoo, Debian, Red Hat, Slackware, Ubuntu), OS 32, Novell NetWare, HPUX, Windows (2003, 2000, NT4, 2000, 2003, XP). In addition, I am familiar with many common software packages including, but not limited to, Apache, Squid, Weblogic, Netscape Server Suite, MySQL, Verity search engines, TIS Gauntlet Firewall, Firewall 1, IPChains/Tables, Snort, Cisco PIX, Sourcefire 3D sensors and Defense Centers, Nagios, Zabbix, Webtrends, Microsoft and Open Office, Visio, and Adobe PhotoShop.
Network administration/monitoring: HP Openview, HP Netmetrix, Performix (PureAtria), Optimal Application Expert, Optimal Internet Expert, NetXray, Bay Networks Site Manager, BMC Patrol, Nagios, and Zabbix, which I recently did an enterprise-wide deployment of. I can also program in Visual Basic and PHP, and have a good working knowledge of MySQL; in the past I have used these skills to write my own test tools when other packages either did not perform the functions needed or were simply impractical for the task at hand. I have advanced scripting skills in various system shells as well as PHP4/5 and use this to develop new applications or perform complicated automations whenever necessary. I have basic knowledge of Perl although I tend not to use it as a primary scripting language.
REFERENCES: Furnished Upon Request