«FIRST» «LAST»
INFORMATION SECURITY SYSTEMS ARCHITECT
Mobile: 858.382.7821 | 16908 Robins Nest Way #2, San Diego Ca 92127 | Dan@atenlabs.com
REFERENCES AVAILABLE UPON REQUEST

PROFILE ::
I'm a seasoned veteran of networking, systems and infrastructure. I have a broad range of technology experience totaling nearly 14 years, starting in 1998. For some of this experience I hold a patent. I solve problems quickly, I design systems and networks to scale, I secure what I've built and I document everything. I believe in "Do it once, do it right and never worry about it again" and "the proof is in the pudding". I lead by example and I follow industry standards. I have an upbeat and energetic attitude, I love my work and I play well with others. I love complexity, but only when it's called for.

PATENTS AND INTELLECTUAL PROPERTIES ::
PCT/US2005/047580 - Inventor: System for protecting identity in a network environment (WO/2006/07052)

EXPERIENCE ::

INFORMATION SECURITY ANALYST, INTUIT INC (JUNE 2010 - PRESENT)
- Monitor SIEM alerts, modify alerting rules and tune the SIEM
- Investigate network anomalies to determine root causes, and correct them
- Engage business units upon identification of unusual network/system behavior to remediate
- Research new threats and tune tools for improved defense posturing
- Correlate suspect network behavior with new/unknown malware
- Identify unknown machines on the corporate LAN using the Cisco 6509 command line interface (MAC <-> IP correlation)
- Coordinate with business units to time nCircle scans for best performance
- Cross-train SOC employees on using 'offensive security' related toolsets (Maltego, Metasploit, etc.)
- Tune Websense based on credible threat intelligence (from iDefense usually)
- Analyze TippingPoint Digital Vaccine updates, document deltas
- Analyze packet captures using NetWitness / tshark / Wireshark
- Emergency incident response for various security events, like DDoS attacks and malware infestations
- Identify and contain rogue access points (Cisco WCS)
- Review daily threat documentation / apply it to newest alerts found
- Write scripts to auto-import DShield and SpamHaus lists into the SIEM
- Define practices and procedures for the Intuit SOC
- Obtain and employ fresh threat intelligence using the information security community

INFORMATION SECURITY ARCHITECT / FOUNDER, ATEN LABS (APRIL 2008 - PRESENT)
- Reverse engineered Perl, Python and PHP code
- Rescued compromised installations of WordPress and Drupal
- Demonstrated how to crack WEP using the BackTrack4 LiveCD
- Demonstrated how to crack Unix/crypt passwords using John the Ripper
- Demonstrated how a Windows XP system can be compromised using an iPod Touch using the Metasploit framework
- Administered private tutoring sessions with BackTrack and Metasploit
- Code auditing for user input sanitization
- Managed multiple concurrent business development campaigns
- Trained contractors and employees in wireless security, lockpicking and social engineering
- Network design and security
- Systems architecture and security
- Sarbanes-Oxley (SarBox / SOX) IT compliance auditing
- Scaling NIS/NFS environments (in an EDA context)
- Wireless site survey
- Direct wireless client attack using airbase-ng and Metasploit
- Penetration testing and network scanning using Android devices
- Trained clients in Kinesics, and how to withstand social engineering attacks
- Exploited SQL injection, XSS and CSRF vulnerabilities in client web apps
- Exploited IE, Windows and Adobe products in client VirtualBox VM images
- Presented at Qualcomm about encrypted vs. cleartext traffic
- Presented at BarCamp on Kinesics, Proxemics and Social Engineering
- Presented at ToorCon 11 about Kinesics, Proxemics and Social Engineering
- Presented at Ignite Los Angeles on Social Engineering and Kinesics
- Invited to speak at the SecTor security conference in Toronto
- Deployed secure wireless networking hardware at multiple venues
- Demonstrated SSH/SSL man-in-the-middle attacks using ARP spoofing in a lab environment
- Pen-tested hundreds of domains, finding many XSS, CSRF and SQL injection vulnerabilities
- Consulted on a healthcare provider's implementation of OSPF across their national network (OSPF over VPN using Cisco ASA 5505 devices)
- Advanced custom visualization of data mining results using Perl and TouchGraph
- Monitoring and alerting on EDA environments (Mentor licensing)
- Linux / Active Directory authentication unification using Likewise
- Social engineering / gaining entry to secure facilities

PROGRAM MANAGER, BARCAMP SAN DIEGO (JUNE 2006 - PRESENT)
- Managing the budget
- Obtaining corporate sponsorship
- Managing a team of 6
- Purchasing hardware, food, and supplies for the event
- Event coordination
- Public speaking / engaging the audience
- Managing a wireless network with 300 concurrent users
- Securing wireless infrastructure / traffic shaping and QoS
- Building and maintaining a community in San Diego with 500+ members
- Facilities management

SYSTEMS ARCHITECT, WARNER BROTHERS RECORDS (APRIL 2008 - JUNE 2008)
- Designed new Apache configuration infrastructure
- Acted as advisor to the VP and Director of IT for networking infrastructure
- Instantiated precisely tuned virtual environments for developers
- Identified resources in the tech community for projects

SYSTEMS ARCHITECT, INTUIT INC (APRIL 2008 - OCTOBER 2008)
- Designed and deployed 11 custom Flex/Java environments (Red Hat/Ubuntu)
- Precisely documented all infrastructure and logistical key data points
- Directed IT in the creation of the hardware infrastructure for the product
- Oversaw all information security of the project
- Directly supported senior developers and built infrastructure to suit
- Head Systems Architect on the project (on the scale of turbotax.com)

PRODUCT SUPPORT ENGINEER, FAIR ISAAC INC (MAY 2007 - APRIL 2008)
- Oversaw departmental collaboration infrastructure (BaseCampHQ)
- Deployed and managed local support wiki with KnowledgeBase and FAQ
- Deployed and managed VMware server farm
- Completed 2 of 5 Oracle 10g DBA courses towards certification (UCSD)
- Assisted Training department in refining their documentation and videos
- Managed high-profile clients (Capital One, Discover)
- Managed which defects/enhancements went to development
- Managed departmental systems resources (Debian servers, VMware)
- Managed re-documentation of procedures for Capstone installation
- Trained DiscoverCard corporate headquarters personnel in UNIX

SYSTEMS ENGINEER, INTERACTIVATE INC (APRIL 2006 - APRIL 2007)
- Migrated all company data onto fiber-attached storage (Apple Xraid)
- Installed ticketing system for IT, created workflow, escalations
- Redesigned corporate network infrastructure, deployed monitoring solutions
- Migrated from old co-location facility to another
- Reverse engineered existing PHP, Perl and bash scripts and applications
- Attended security conferences such as DefCon and ToorCon
- Migrated corporate mail server from Qmail to Microsoft Exchange
- Linux/BSD server hardening, kernel tuning, security sweeps
- Managed outsourced help desk personnel
- Implemented backup servers, hardware, policies and routines
- Implemented centralized documentation using a wiki
- Managed teams of developers for custom projects

DIGITAL INTEGRATION GROUP (SEPTEMBER 2005 - APRIL 2006)
- Installed a wiki for all in-house IT documentation
- Installed client-facing IT ticketing system, deployed monitoring solutions
- Designed and deployed custom tracking/documentation Linux servers
- Implemented network security policies/alerting for customers
- Mitigated DDoS and cross-site scripting attacks
- Managed 2-5 employees during certain contract jobs on-site
- Specced out hardware for new clients, then deployed/maintained it
- Reverse engineered client-written PHP/Perl code

SYSTEMS ENGINEER, ANONYMIZER INC (SEPTEMBER 2004 - SEPTEMBER 2005)
- Designed and deployed a wiki for all in-house IT documentation
- Installed in-house IT/help desk ticketing system (RT), monitoring solutions
- Designed and deployed massive Perl-based obfuscation proxies (patented)
- Designed and deployed heads-up display for in-house security personnel
- Mitigated spam, DDoS and other types of attacks daily
- Designed Postfix/LDAP/Courier/SASL mail server for 12,000 users
- Designed, purchased and deployed over 80 new servers
- Managed routing, switching and load balancing at co-location

LEAD PRODUCT SUPPORT ENGINEER, WEBSENSE INC (AUGUST 2001 - MAY 2004)
- Acted as primary contact for clients with 1 million+ seats
- Acted as primary contact for all Solaris and Linux clients
- Performed on-site technical assistance for large clients
- Wrote Perl and VB scripts for large clients (BP Amoco, Kmart)
- Met with VP / upper management to discuss inter-departmental workflow
- Trained new employees in Linux and Cisco for integration with Websense
- Designed department policies and goals with management
- Supported IT department by helping with Linux issues in other departments
- Managed tech support testing laboratory and network
- Wrote shell scripts to administer tech support printers and other hardware

AFFILIATIONS ::
BarCamp San Diego: Head Organizer, Community Leader, Event Director, IT Security and Infrastructure Engineer
BarCamp Los Angeles: IT Security and Infrastructure Engineer
Conferences: BarCamp San Diego, BarCamp Los Angeles, MobileCamp Los Angeles, O'Reilly Emerging Technologies, Web 2.0 Expo, DefCon, ToorCon, Refresh San Diego
Presented at: BarCamp, Refresh San Diego, ToorCon (videos available upon request)

CERTIFICATION AND TRAINING ::
Certifications
- OSCP - Offensive Security Certified Professional (penetration and information security certification)
- WCSE - Websense Certified Systems Engineer (expired)
- WCTR - Websense Certified Training Representative (expired)
- NVCBA - NetVault Certified Backup Administrator
Vocational Training: Offensive Security/IT Security coursework, Linux Systems Administration, Management Communications, Oracle DBA certification classes, Cisco CCNA coursework, Introductory Java and Ruby on Rails coursework

SKILLS MATRIX ::

OPERATING SYSTEMS
- All flavors of Windows
- RedHat Linux
- CentOS Linux
- Ubuntu Linux
- Debian Linux
- FreeBSD 4/5/6/7
- Solaris
- HPUX
- AIX
- Apple OSX
- Cisco IOS

NETWORKING
- Cisco routers
- Cisco PIX/ASA
- Cisco Catalyst switches
- Dell PowerConnect switches
- HP ProCurve switches
- Cisco Aironet wireless devices
- Cisco Airespace mesh wireless
- Aruba (mesh) wireless devices
- Netscreen firewalls
- Sonicwall firewalls
- IPCop firewalls
- PFSense firewalls
- IPTables
- PF
- Checkpoint firewalls
- Barracuda load balancers
- Coyote Point load balancers
- BigIP F5 load balancers
- Foundry load balancers
- Xirrus wireless arrays

SERVICES
- Apache/SSL
- Bind
- Postfix
- SASL
- SpamAssassin
- ClamAV
- Amavis
- Qmail
- Microsoft Exchange
- LDAP
- MySQL
- Oracle 10g
- Captive Portals
- FTP
- Java containers (Tomcat, GlassFish)
- MSSQL
- IIS
- Active Directory
- SharePoint
- VMware
- Virtuozzo
- NetVault backups
- Veritas
- MediaWiki
- RequestTracker (RT3)
- BackPack
- CampFire
- Kernel tuning
- Kernel module modification
- Cacti
- Zenoss
- LMGRD

SECURITY
- BackTrack 4
- John the Ripper
- ighashcpu
- BeEF framework
- Maltego
- AirCrack suite
- ACID/BASE
- Aanval
- NetWitness
- ngrep
- driftnet
- dsniff
- Wireshark
- tcpdump
- tcpick
- Cacti
- Nagios
- AVG
- TrendMicro
- McAfee
- CA Antivirus
- Foca
- Acunetix
- Rational AppScan
- Core Impact
- All Metasploit versions
- Q1 Radar (SIEM)
- TippingPoint
- SourceFire/Snort
- FireEye
- Nessus

DEVELOPMENT LANGUAGES
- Perl (proficient)
- Shell scripting (proficient)
- Python (still learning)
- C / C++ (been years)
- PHP (still learning)
- HTML/CSS (proficient)