Nicholas H. Schmidt

POSITION: Information Technology/Information Assurance Lead Architect

DETAILED EXPERIENCE:

Information Assurance/Information Technology Lead, Boeing, Huntsville Alabama 2006 – 2008

Recognized within weeks of joining program as an expert in the system security field as well as the overall information technology area. Worked with customer counterparts to Certify and Accredit system for national program. Diligent hard work moved system from 100+ high vulnerabilities to 1. Awarded and recognized by customer Program Manager. As Lead Information Assurance technical lead, created secure baselines and architecture documents. Briefed multiple high level meetings and interfaced weekly with senior level customers. NOC/SOC Architecture used as basis of proposal. Produced over 200 pages of detailed documents pertaining from technology to operating procedures. Architect lead also allowed for system engineering role for specifications, requirements, and schedule/cost impact. Managed team of 15+ individuals not to include 3 subcontractors. Recognizing the importance of advancing a team, worked after hours to ensure technicians were trained and provided guidance. Ability to mentor recognized by customer who also utilizes materials and applications developed for Boeing. A spokesperson and liaison to multiple customers and management, often called upon as technical expert to assist in decision making process for security and information technology issues.

Secure Computing Systems Administrator, Boeing, Huntsville Alabama 2006 – 2007

Created network deployment appliance that was able to patch and provide Operating System installs for 4 flavors of Linux, Windows 2000/2003/XP. This project decreased deployment times for classified labs and allowed for better baseline imaging. Provided training videos to allow fellow technicians to learn and replicate good administrator practices on Linux and UNIX systems.
Wrote scripts to bring Huntsville Boeing into better Sarbanes-Oxley compliance by dynamically changing network permissions and reporting. With no budget, created a satellite latency machine to allow programs to test their code under conditions they would experience in real world conditions. Commercial alternative was 40,000 dollars per system. The machine is now installed in 10 different environments providing a savings of 400,000 dollars to the customer. Installed Linux clusters using Beowulf, OpenMOSIX, and OpenSSI technology to transition from SGI server farms. Customer was able to move from proprietary solutions and long-term contracts by using hardware already in place. Wrote security checklists for Defense Security Service inspections on Linux servers and desktops. Provided technical overview on VMWare usage and installation for entire network migrations and consolidations using failover and SAN solutions. Due to increased VMWare usage, was able to live migrate customer’s 3 networks without impact to mission. With a 2-week deadline, created network architecture that spanned 10 remote locations and partners including federal agencies with 2 different classification levels. This required the documentation and planning of an enterprise network complete with monitoring and security scanning. After initial documentation and planning stages, created network servers and implemented all the technology as lead on 3 person team.

Senior System Engineer/Administrator, General Dynamics, Keesler AFB Mississippi 2005 – 2006

Created Keesler AFB’s first VMWare Server Farm. The 30-node HP farm provided 750 virtual machines and servers for training use. Not only was the sheer number of available servers increased but also the variety. Created VMWare Sessions running Windows 95-Vista, Linux, BSD, Sidewinder, and Plan9. This number increased available nodes by 150%. Total cost of project was zero dollars. Savings to the Air Force estimated at 6 million dollars.
Solution was entirely Linux-based. Upgraded 333TRS Core Training Network from IPv4 to IPv6 using Linux V4-V6 tunnels in order to provide students and instructors an early look at the coming DoD Architecture. Created Action Request Servers (Remedy/Etang) in VMWare providing realistic INOSC to NCC ticket flow training. Since Combat Information Transport System provides a customized install CD, had to manually rewrite scripts and environment to fit virtual hardware. Scripts were written in VB, Python, Autoit, and batch files. Created a SCORM compatible distant learning system for training worldwide. The system allowed for online testing and course development while providing students real access to servers. The entire suite was accessible without any distant end firewall configuration. Using Linux, Moodle, SSL VPN, VMWare, and Apache; was able to provide this system at a cost of zero dollars. Administered a network of 170 HP thin clients running Embedded Windows XP. Created customized images for each classroom and the ability for the students to run VNC/X11 from stations. Entire network was administered through an Altiris Deployment suite. Using Python and Autoit programming languages, created installs for HP OpenView, CiscoWorks 2000, and Remedy to streamline process of installs. This took the total time of systems administrator from 8 hours to 20 minutes saving the Air Force an estimated 72,000 dollars a year. Implemented CITS network suites of NetCOP, Etang, Veritas Backup, and AD/DHCP. Managed Cisco network consisting of 6509 Core Routers, 3550 Edge Switch/Routers, and 2500 classroom switches. Also repaired Light Stream 1010 ATM equipment with Avalanche network traffic generators.

Senior UNIX Test Analyst, Defense Information Systems Agency (DISA), Slidell Louisiana 2005 – 2005

Performed testing on Department of Defense systems utilizing secure and standard UNIX and Linux operating systems including GCCS/COE/NCSE/GCSS.
Developed Department of Defense approved Test and Evaluation Plans and Reports for any UNIX system and software. This included developing objectives and procedures with test scenarios to ensure the system met all standard requirements as determined by DoD standards. Advised the Project Manager and/or Technical Project Manager on any problems noted during the testing that would affect findings or delay delivery of final results. Using government provided instructions, checklists, test tools, cases, scenarios, and scripts, performed application and operating system software test analysis of software applications and services running on platforms using the following Operating Systems (OS): SUN Solaris 8 and higher, Hewlett-Packard 10.20 and higher and Linux. Analyzed problems encountered to determine if they were the result of the operating system, test tools, DoD software test regulations or the software being tested. If the problem was attributable to the OS, modified or corrected problem accordingly. Performed tests on database systems e.g., Oracle, Sybase, Informix. Performed tests on web-based design systems. Researched DoD and Government regulations, procedures, etc., in support of testing requirements. Performed troubleshooting tasks on UNIX platforms related to the software testing process. Interacted with DCTF personnel to perform quality assurance reviews, collaborating on test issues, and attending meetings or conference calls with program engineers, program managers and developers. Received DoD training for testing security and functionality of web applications.

Self-Employed Network Security/Unix Consultant, Shreveport Louisiana 2004 to 2006

Migrated 15 domains from NT4 and Samba 2.3 to newer Samba 3. Using Kix Scripts and VB, kept desktop systems on software baseline with hot fixes and software updates. Reduced deployment time from days to hours. Implemented dual media backup plans for all client servers.
Backup jobs were across tape drives and DVD+RW for better reliability. Added ability to simultaneously backup to remote sftp/ftp/webdav. Installed real-time server monitoring to ensure client servers were operational at all times. Upon hardware or software error an email was sent to a pager. This allowed for the tracking of metrics to provide clients with data on performance. Stress tested networks using security scanners, packet generators, and port scans to find weak points before a critical task was at hand. Wrote shell scripts to automate the process of log rotation, backups, and to highlight possible problems throughout syslog messages using cron jobs. Implemented PPTP and IPSEC VPN for clients’ remote work centers using Linux and OpenBSD. Provided disaster recovery for clients that had lost information on RAID controllers and through faulty backups from their IT department. Migrated customers away from Outlook/Exchange to the Mozilla suite to provide better security and scanning. Using OpenExchange, was able to cut costs from licensing and provide more stability while increasing capabilities. Implemented SPAM and virus email gateways to keep clients’ email loads down. Worked on wireless networks to increase security. Using OpenBSD and a RADIUS server was able to lock down wireless networks. Also compiled custom firmware for Linksys access points running Linux to further secure clients. Installed snort on all servers to keep real-time stats of intrusion attempts. Created weekly maintenance plans that included verification of backups, review of snort intrusion logs, disk/memory/cpu usage, nessus security scans for vulnerabilities, and upgrades to Operating System and required core software. Using a mixture of Appletalk, Samba, and NFS; was able to have home drives shared across multiple platforms in their native formats. By using standard UNIX username and grouping files; was able to keep permissions and security consistent through all.

Network Security Administrator, United States Air Force, MacDill AFB Florida 2002 to 2004

With little formal training came to Network Control Center and became lead technician for Network Administration. Migrated secure network from NT4 based domain to an updated Active Directory domain model. This included changing software push models and update technologies. Integrated Exchange, SUS, NAV, and GPO. Implemented proactive web based server farm monitor providing real-time control and monitoring. System provides automatic updates and pages on call beeper in event of problems. Self-trained on CISCO routers and switches to fix secure network problems. Set up TFTP server and reconfigured all routers and switches to operational state while training peers on advanced network security principles. Created Visual Basic, Kix Scripts, and GPOs correcting security deficiencies. Second base in Air Mobility Command (45,000 man division of the USAF) to achieve capabilities. Configured Air Mobility Command’s first Software Update Services server. Automated virus protection scheme protected entire base during multiple worm outbreaks. Only base in Air Mobility Command to not be infected. Setup became the template for all other bases. Set up Defense Information Systems Agency’s second operational Software Update Services server to keep secure network up-to-date with current patches. With no formal training took over Secure Computing Sidewinder Firewall. Improved setup by implementing fail over for increased uptime. Administered 2 RedHat Linux Squid-based proxy servers for base. Set up bash scripts and cron jobs to automatically tailor logs and email administrator. Implemented NTLM authentication to prohibit unauthorized use. Migrated Linux proxy servers to Air Force standard BlueCoat proxy. With no technical guidance took these machines from box to operational mode and migrated all previous proxy configurations.
First base in Air Mobility Command to implement NTLM authentication and port openings for various specialty functions on the base. Hand selected by base Chief Executive Officer to support CORONA conference. Maintaining an unprecedented 99.97% uptime on both unclassified and classified machines in direct support of Secretary of the Air Force and Chief of Staff of the Air Force. Worked with Pentagon and 20 other base network officials to coordinate firewall access for VPN and Citrix clients. Wrote security policies for MacDill Network Control Center governing all aspects of asset utilization. Single-handedly rewrote entire process for firewall and VPN requests and installs.

EDUCATION:

Bachelor of Science (BS) in Information Technology Minneapolis, MN; 2008-Present
Pursuing a degree program to better myself and the career opportunities afforded

BIP200 Advance Security Keesler AFB, MS; 2004-2004
Secure networks from desktop to firewall
Advanced CISCO techniques for ACL and configuration
GPO and login scripts
Active Directory fundamentals and its use in computer security
Securing CITS Suite of servers using Symantec Antivirus, Intruder Alert, and Enterprise Security Manager
Use of Internet Security Systems Scanner to find problems on networks
Security with Linux; use of ettercap, tcpdump, nmap, nessus, and other utilities
Highest-level course in the Air Force for Network Security.
One of only two E3 in class

5 Skill Level Training MacDill AFB, FL; 2002-2003
Computer and Emission Security
Continuation of computer and network principles
100% Qualified for Network Administration and Boundary Information Protection

3C0x1 USAF School Keesler AFB, MS; 2002-2002
Basic Computer Maintenance
Microsoft NT Server/Workstation Configuration and Implementation
Solaris 7/8 in a networked environment
Fundamentals of network topologies

CERTIFICATIONS: Computer Operator (3c0x1) USAF Journey Man 5 skill level USAF Messaging Technician Exchange Technician Active Directory Basic Active Directory Advanced Sidewinder Firewall Advanced Internet Security Scanner Solaris 9 Administrator Linux Administrator

SECURITY CLEARANCE: DEPARTMENT OF HOMELAND SECURITY SUITABILITY FULL-BI (LES) TOP SECRET SCI, DOD, 2004 (ACTIVE)

COMPUTER EXPERIENCE:

Hardware: IBM Compatible PC, Micro VAX, Apple Macintosh, Sun, Network Management Hardware, LAN/WAN Hardware, Embedded xScale/z80/mips, BeBox, SGI Workstations, Newton, Amiga, DEC Alpha

Software: Samba, Apache, Sendmail, Postfix, BIND, qMail, Exchange 5.5 - 2003, MSSQL 2000, IIS 4-6, Squid, Sidewinder, ClamAV, Novell Groupwise, Novell NDS, Cyrus-imapd, Veritas Backup, Norton Ghost, Bluecoat, Symantec AV Mail Relay, Symantec Intruder Alert, Symantec Enterprise Security Manager, Symantec Antivirus Corporate, VSFTP, OpenSSH, VMWare ESX, VMWare GSX/Server, VMWare Workstation, VMWare P2V, Altiris Deployment Server

Programming Languages: BASIC, SQL, PHP, ASP, Mono, C#, VB.NET, VBscript, Javascript, Java, Perl, Python, Ruby, Bash

Database: ORACLE, Sybase, Beehive, PostgreSQL, MySQL, SQLite, Access, Microsoft SQL, XML, Berkeley DB

Operating Systems: MS Windows 3.1-Vista, Windows NT 3.51-2003, DOS, OS/2, Linux, FreeBSD, OpenBSD, NetBSD, QNX, MacOS 6-10, Plan9, Inferno, Sidewinder, Solaris 7-10, OpenSolaris, HP-UX, VMWare ESX, and Embedded Windows CE/XP.

Networking Communications: Network Design, Network Management Software, Transmission Software, LAN/WAN Software Tools: HP Openview, Nagios, Cheops, nmap, ettercap, tcpdump, Nessus, ISS Scanner, NTOP, MRTG, NetIQ Application Manager, NetIQ Active Directory Manager, NetIQ GPO Policy Creator, Remedy ARS, Smarts INCharge, NetIQ App Manager, CiscoWorks 2000, Symantec Intruder Alert, Symantec Enterprise Security Manager