Haral Tsitsivas
33586 Via Lagos, Dana Point, CA 92629
(949) 661-2656 x103, haral@haral.com

SUMMARY

Over 29 years of experience designing, developing and managing software projects and data centers on a variety of hardware platforms in both production and development environments. Possess extensive experience with most versions of UNIX, Linux and Windows (NT/2000/2003/XP/Vista) with an emphasis on computer, network and application security.

SKILLS

Hardware: HP 9000 & Itanium, SUN Sparc, IBM RS/6000, AS/400, DEC Alpha, Silicon Graphics, Cray, Hitachi, NCR, Sequent, Pyramid, Data General, Intel.
Systems Software: UNIX (BSD, SysV, Solaris, AIX, HP-UX, IRIX, UNICOS, UnixWare, FreeBSD, Tru64, others), Linux (Red Hat, SuSE, Mandrake), Windows NT/2000/2003/XP, TCP/IP, IIS, Apache, Tomcat.
Databases and Tools: ORACLE (7.X, 8i, 9i, 10g), SQL*PLUS, PL/SQL, DESIGNER 2000, DEVELOPER 2000, Sybase ASE (11.9, 12.5), DB2 (v8.x), (Sonic) eXcelon XIS, MS SQL Server, MySQL.
Technologies: J2SE, J2EE, HTML, XML, XSLT, CGI, TCP/IP, SMTP, Client-Server, BSD sockets, ONC RPC, multi-threading, X Windows/Motif, Eclipse, Sun ONE Studio, NetBeans, ant.
Languages: C, C++, Perl, Java, JavaScript, UNIX Shell script, awk, lex, yacc, FORTRAN, DOS cmd.
Other: Adobe Photoshop, Acrobat, Microsoft Office, FrontPage, Rational Rose, Rational Requisite Pro, Rational Purify, Rational ClearCase, CVS, Windows Installer, Installshield, Inno Setup, MediaStudio Pro, Centrus AddressBroker & GeoCoder, Nessus, CIS security tools, SARA, LC5, John the Ripper, MBSA, nmap, snort, nc, iptraf, p0f, etherape, ethereal/wireshark, ssldump, fragrouter.

EDUCATIONAL BACKGROUND

M.B.A., Pepperdine University, Malibu, CA
M.S., Computer Science, California State University, Northridge
B.S., Computer Science, California State University, Northridge
GIAC Security Essentials Certification (GSEC)
GIAC Certified Firewall Analyst (GCFW)
ORACLE Application Development, University of California, Irvine
Java Application Development, IBM Solutions Center, Menlo Park, CA
Disaster Preparedness Academy & Business Continuity Planning, Orange County Red Cross

PROJECTS/EXPERIENCE

Telcordia Technologies, Carson, CA
Senior Software Engineer
• Designed and developed the performance management component of a Network Management System for a wireless radio network, in a multi-threaded Java application communicating with other components using RMI. Network performance data is stored in a DB2 database and is accessed with JDBC for report generation and threshold analysis.
• Designed the security management component of a Network Management System for a wireless radio network, responsible for the configuration of switches, routers and firewall devices.
• Provided support to team members and customer staff during the integration effort of the Network Management System at Northrop Grumman’s SWIT lab.

Mavent Inc, Irvine, CA
Java Consultant
• Performed comprehensive company-wide security audit and assessment, evaluating the company's security policies and procedures, and determining the risk and exposure level of IT resources using the tools Nessus, SARA, MBSA, CIS Scoring Tool, LC5 and John the Ripper.
• Made recommendations in order to harden system security and performed various remediation steps.
• Updated and/or created various security policy documents in order to standardize security procedures throughout the company.
• Designed an application-wide authentication and authorization system that allows customer organizations to specify and maintain customer-specific roles that determine the privileges assigned to each customer representative and the type of data that they may access and modify.
• Designed, developed, and implemented an ARM Data Mapper and Index Reviewer that validates customer loan rates with published rates for the specified index, over a specified time period, and provides the correct loan rate for the specified date(s) and index type(s).
• Designed, developed and implemented a Flood Data Mapper and Reviewer that extracts property flood information from a Centrus AddressBroker database and reviews lender provided data for correctness, providing updated property flood information as required and a final determination on whether flood insurance is required and/or valid.
• Analyzed application performance using application metering software and tuned the application in order to eliminate redundant operations, cache data used by multiple modules and streamline processing, resulting in significant performance improvements.
• Implemented changes to the database structure of saved loan transactions to eliminate data redundancy, reduce disk usage (by at least 50%) and improve loan review application performance (by up to 100%).
• Developed accounting, summary and detailed reports of processed loan transactions for use by both customers and internal company staff.
• Developed migration utilities that were used to convert, transform and upgrade loan transaction data between the various application versions.
• Modified web application (xpath and xquery) data queries that improved the performance of loan status and exception reports by as much as 400% on initial queries and as much as 900% on subsequent queries, dramatically improving web application performance.

US Treasury, Financial Management Services
IT Consultant
• Designed and led the development of a server database usage chargeback system for Oracle 10g, Sybase and DB2. The product tracks session time, CPU usage, memory usage, disk I/O and network I/O by user and project.

Mavent Inc, Irvine, CA
IT Consultant
• Enhanced client/server Java application that communicates using the Sonic MQ messaging system (with the client portion installed at customer sites), implementing authentication, encryption, and compression in order to improve application security and performance.
• Implemented Java and RMI APIs for integration with customer applications.
• Created application use-case documentation.
• Created XML-based graphical software installation package (using izPack), allowing the packaging of the end-user software to simplify installation on customer sites, while also creating end-user documentation for installation and product operation.
• Developed (Java) cryptographic libraries for use in encryption of application passwords and sensitive fields in XML documents.
• Modified back-end application to encrypt sensitive customer data before saving the customer data, and modified web application to view the encrypted data if permissions allow.
• Created application security documentation for both internal use and for prospective clients.
• Implemented a software bridge to connect messaging applications using Sonic MQ and WebSphere MQ.
• Developed utilities to copy, save, monitor and manage Sonic MQ queues.

Unisys Corp, Mission Viejo, CA
IT Consultant
• Participated in the development of a Windows based source code control system (integrated with Windows Explorer) as a client of the UREP/EMSC Data Repository.
• Developed techniques for immediate execution of the product after installation (not requiring a system reboot) and the installation of system services.
• Stabilized and increased product robustness and marketability by debugging both client and server code with Rational Purify, identifying and correcting several serious (memory corruption and leakage) problems.
• Developed network discovery tools using Perl that queried servers on the network and displayed running processes and DLLs in Internet Explorer. Discovery data was converted to XML and formatted with XSL, in order to be viewed with a standard web browser.

National Security Agency
IT Consultant
• Implemented a chargeback system on Cray UNICOS and integrated the Cray chargeback system with UNISOL JobAcct running on other Agency computers and platforms.

Unisys Corp, Mission Viejo, CA
IT Consultant
• Upgraded Data Repository product (UREP/EMSC) to Solaris 8 with Sun Forte 6, modifying templates and other code for the new compiler and OS version.
• Prepared maintenance releases of the software for customer distribution.
• Performed initial port of source code control software from Windows NT to Solaris 8.

Department of Management Services, State of Florida
IT Consultant
• Aided in the integration of the UNISOL JobAcct chargeback software within DMS, facilitating the exchange of chargeback data with legacy chargeback software on legacy mainframes.
• Implemented disk space tracking and chargeback system on department file servers at the user and project level.

Unisys Corp, Mission Viejo, CA
IT Consultant
• Ported Data Repository product (UREP/EMSC) from Windows NT to Solaris, HP-UX and AIX. Product consisted of 730,000 lines of C and C++ code and 96,000 lines of Java code interfacing with the core product via JNI.
• Ported object oriented database (OSMOS) to HP-UX and AIX (written in C and C++). Product consisted of 580,000 lines of C and C++ code.
• Ported data repository interfaces for the Sybase and Oracle databases from Solaris to HP-UX and AIX.
• Installed and maintained server computers running Solaris, AIX, HP-UX and Digital Tru64 Unix.
• Installed and configured Oracle and Sybase databases on Solaris, AIX, HP-UX and NT systems.

US Army Corps of Engineers
IT Consultant
• Designed and led the development of a server database usage chargeback system for Oracle 7.x through 10g. The product tracks session time, CPU usage, memory usage, disk I/O and network I/O by user and project.

UniSolutions Associates, Dana Point, CA
Principal Consultant / Developer, 1990 - Present
• Managed every aspect of running a small software company, from product design and development, to product literature and documentation, product introduction, marketing and support.
• Worked with customers and potential clients to provide consulting services and product customizations to meet client requirements.
• Performed product presentations to clients and wrote white papers for industry organizations in the areas of computer security and system chargeback.
• Designed and led the development of a UNIX, Linux and Windows (desktop and server) system resource chargeback system which tracks system connect time, CPU time, memory usage, disk I/O, pages printed, disk space usage and miscellaneous charges. Reports system usage charges by user, group, project and/or cost center. Application front-end manages the product's configuration files and generates chargeback reports for the billing of end-users and projects, and generates tabular and graphical management reports.
• Designed and led the development of a server database usage chargeback system for Oracle, Sybase, DB2 and SQL Server. The product tracks session time, CPU usage, memory usage, disk I/O and network I/O by user and project.
• Designed and led the development of a Java based graphical user interface for the chargeback product that manages configuration files and produces tabular and graphical reports of system usage. The project was designed using Sun ONE Studio & NetBeans. Online help system was implemented using JavaHelp.
• A version of the application was also developed with an X-Windows/Motif user interface.
• Designed and led the development of an unattended network backup product for UNIX systems with a Motif user interface. End users can browse the central online database and initiate their own file restores. The product is compatible with several auto-changer devices with (and without) bar-code readers using generic and/or pass-through SCSI drivers.
• Designed and led the development of an integrated system administration product for UNIX systems with both a Motif and a curses interface. The product manages user accounts and groups, hosts and networks, printers, filesystems, NFS and NIS configurations.
• Designed and developed a menu oriented novice UNIX user interface with both a Motif and a curses interface. It allows novice users to perform simple tasks (prompting them for any required command arguments). Menus and menu items are configurable through text control files.
• Developed web page for company presence (framed HTML) with feedback forms (CGI and Perl).
• Developed troff to HTML conversion tool (C programs and Perl scripts) to automatically convert existing product documentation from troff to HTML.
• Worked with ATT to redesign UNISOL JobAcct's user interface and reporting interfaces in order to conform to ATT's requirements for product re-distribution.
• The above products were developed on Sun and HP systems and ported to SGI IRIX, IBM AIX, Cray UNICOS, NCR, SCO UNIX, UnixWare, Sequent, Unisys, Pyramid, Digital UNIX, Ultrix, Linux, Amdahl UTS, Hitachi OSF1, CDC, Encore, Data General and Windows (NT, 2000, 2003 and XP) systems.
• Taught SANS GSEC computer security course as a SANS local mentor in the Orange County area.

Ashton-Tate, Torrance, CA
Senior Member of Technical Staff, 1986 - 1990
• Managed system administration group to support and maintain the development and production environments serving 200+ application programmers, in four geographic locations.
• Managed the procurement, configuration, and upgrade of a UNIX development environment from one VAX 11/750 computer to a multi-processor Sequent computer.
• Managed the procurement, configuration, and installation of private WAN using Cisco routers of closely coupled development network connecting three geographic installations.
• Provided support for all kernel and user level software including bug fixes, package evaluation and installation, and software development.
• Developed a prototype Problem Tracking System using the Unify database. Production system was developed in dBase IV.
• Developed a UNIX to CompuServe e-mail gateway to exchange e-mail with other company employees on non-UNIX systems.

CITICORP/TTI, Santa Monica, CA
Senior Member of Technical Staff, 1983 - 1986
• Managed a staff of five systems programmers and three help-desk staff people to support and maintain the development and production environments serving 400+ application programmers.
• Procurement, configuration, and installation of three VAX 11/780 and one Pyramid 98X computer.
• Provided support for all UNIX kernel and user level software including bug fixes, package evaluation and installation, and software development.
• Designed and developed front-end menu programs for file backup and file restoration, file archival and administrative functions for operations.

Raytheon Data Systems, Thousand Oaks, CA
System Administrator, 1982 - 1983
• System Administrator of a PDP 11/70 running Unix V7. Tasks included system installation and system generation, testing and evaluation of software packages and operations training.
• Purchased and modified database software, text editors, device-independent queuing spoolers, forms packages and other system tools and hardware.

Jet Propulsion Laboratory, Pasadena, CA
Computer Analyst, 1978 - 1982
• Member of an applied math team, developing general-purpose software, such as structured FORTRAN preprocessors, and front-end command interpreters to the local operating systems in support of the Voyager and Galileo missions.
• Provided support to users of the developed software installed on several systems and system types.
• Ported FORTRAN preprocessor from UNIVAC EXEC 8 to VAX VMS and IBM mainframes.
• Programmed in MARK IV and FORTRAN G (66) on the IBM 370/158, generating data reduction reports with data received from the Viking Orbiter and implementing a laser disk map retrieval system of orbital surface pictures of the Mars surface and related scientific data.