Summary: Over 35 years progressively responsible positions in Information Technology. * CISSP Certification * ITIL Foundation Certification * GREM Certification * Security Manager with proven track record in maintaining secure architecture * Responsible for the safety and security of 2,500 Financial institutions and over 9-million end-users * Maintained fraud rates of less than 0.1% overall * Created and maintained Security Analytics Engine to expose unseen risk. * Experienced in resolving FFIEC, SOX and SAS-70 Audits * Security Analyst experience with all phases of computer security: computer viruses, Hacking / Phreaking techniques and tools * Software Engineer and Architect with experience developing applications with OOD techniques. * Technical Manager with the ability to lead multiple programming teams to achieve on-time project closure. * Able to perform forensic analysis and data recovery from Virus or otherwise damaged hard disks. * Experienced in the art of reverse-engineering and disassembling of malware. * Intimate knowledge and experience with 80x86 INTEL assembly language. * Able to write device drivers and other low-level system-type code. * In-depth knowledge of, and experience with, the internals of personal computers, UNIX workstations, mainframe computers, networks and diverse operating systems * Positive, Problem-Solving Attitude with the Hands-on Knowledge to get the job done right. * Management of teams of up to 25 staff.. * Bit-level knowledge of the operating systems allows the creation of tighter, more efficient software and more secure hardware connectivity. Accomplishments * Passed SANS REM course FOR610 * Passed SANS Windows Forensic Analysis course FOR408 * Created SANS-compliant Malware Analysis Lab for CVS CSIRT * Installation of IDA Pro as a malware analysis tool Wipro - InfoCrossing Technical Security Specialist 3, Open Systems Security - 04/14 to 12/14 Reason for leaving: Offered position at CVS Healthcare Duties * Monitoring customer security in a multi-tenant MSP. * Overseeing a staff of 5 Security Engineers. * Forensic analysis of machines and hard disks. * Disassembly and analysis of malware and investigation of infected machines. * Performed Security Vulnerability Assessments regularly. * Security Patching of Wipro internal and customer servers * Investigated hacking, intrusion attempts, collected evidence * Responsible for Anti-Virus, Vulnerability Assessments and Security Patching for all Contracted Tenants * Responsible for granting access and identity management internally and for contracted tenants * Responsible for on-boarding and building of contracted tenant security infrastructure Accomplishments * Upgraded Symantec Altiris product from v6.2 to v7.5 * Installation Of HP ArcSight for log storage * Installation Of CA GovernanceMinder Insight Global Contractor working at Wipro/InfoCrossing - 01/14 to 04/14 Reason for leaving: Became FTE of Wipro/InfoCrossing Duties * Monitoring customer security in a multi-tenant MSP. * Overseeing a staff of 5 Security Engineers. * Forensic analysis of machines and hard disks. * Disassembly and analysis of malware and investigation of infected machines. * Performed Security Vulnerability Assessments regularly. * Security Patching of Wipro internal and customer servers * Investigated hacking, intrusion attempts, collected evidence * Responsible for Anti-Virus, Vulnerability Assessments and Security Patching for all Contracted Tenants * Responsible for granting access and identity management internally and for contracted tenants * Responsible for on-boarding and building of contracted tenant security infrastructure Accomplishments * Upgraded Symantec Altiris product from v6.2 to v7.5 * Began Installation Of HP ArcSight for log storage * Began Installation Of CA GovernanceMinder Chas. Schwab & Co. SENIOR STAFF SECURITY ANALYST - 04/09 to 01/14 Reason for leaving: Seeking better position Duties * Monitoring systems, using ArcSight for anomalies/intrusions/malware. * Creation of many in-house tools for monitoring and analysis of security issues. * Forensic analysis of machines and hard disks. * Disassembly and analysis of malware and investigation of infected machines. * Performed Security Assessments of all products before allowing them to be rolled into production. * Member of Security Incident Response team * Investigated all hacking, intrusion attempts, collected evidence * Performed regular event monitoring to detect intrusion attempts and other fraud * Responsible for both hardware and software solutions * Architect for Security Reporter in-house product * Experienced and successful in resolving external audits as well as Schwab internal audits * Collected documentation and prepared management responses for all audits * Maintained and enforced stringent best-practices policies to ensure the safety and integrity of our clients * Performed quality, ongoing training for professional staff to ensure highest levels of technical competence Accomplishments * Highest yearly rating of "Far Exceeds Expectations" 3 years in a row. * Architect and creator of the Security Reporter, a security analytics product * Created security analytics methodology to merge and analyze gigabytes of internal data to expose vulnerabilities * Worked with the executive support team to ensure the highest security of critical systems and executive laptops * Wrote the malware disaster recovery plan * Attended and Passed SANS FOR408 Forensics class * Attended and Passed Red Hat System Administration 124 class Digital Insight / Intuit MANAGER, SECURITY & FRAUD - 11/04 to 03/09 Reason for leaving: Economic changes within Intuit Duties * Responsible for all security issues: Intrusion Detection Anti-Virus Firewalls etc. * Responsible for all fraud investigations and resolution, worked with Federal and local authorities. * Led a staff of 15 Security Professionals under Intuit's High Performance Organization * Reported directly to the VP of Security, Scott Mackelprang * Maintained network and application security for 2,500 Financial Institutions and over 9-million end-users * Performed regular penetration testing and analysis on all servers * Member of Security Incident Response team * Investigated all reports of fraud * Investigated all hacking, intrusion attempts, collected evidence and worked with law enforcement * Performed regular event monitoring to detect intrusion attempts and other fraud * Responsible for both hardware and software solutions * Architects for Security Project Solutions * Experienced and successful in resolving SAS-70, SOX and FFIEC audits as well as Intuit internal audits * Collected documentation and prepared management responses for all audits * Maintained and enforced stringent best-practices policies to ensure the safety and integrity of our clients * Interfaced directly with financial institutions to resolve customer issues * Performed quality, ongoing training for professional staff to ensure highest levels of technical competence Accomplishments * Zero security breaches during my time at Digital Insight * Zero negative security stories in any media during my time at Digital Insight * Fraud level across all Financial Institutions at less than 0.1% during my time at Digital Insight * Members of my team obtained two security patents * Oversaw yearly budget of over 4 million dollars * Oversaw the gathering and correlation of company-wide security logs to create a comprehensive forensic engine * Oversaw the implementation of forensic analysis and event monitoring tools First Data Corp./Cardservice International / Linkpoint International SENIOR SECURITY ADMINISTRATOR - 6/00 to 11/04 Reason for leaving: Company consolidating this department to Denver facility Duties * Responsible for all security issues: Intrusion Detection Anti-Virus etc. * Maintained network security for 50,000 merchants doing real-time credit card processing * Member of the Security Incident Response team * Investigate cyber-fraud and hacking attempts, prepare evidence * Monitor security logs for hacking attempts * Ensure compliance with PCI standards * Participate in and resolve issues with PCI and SAS-70 audits * Performed regular penetration testing and analysis on all internet exposed servers * Responsible for both hardware and software solutions * Architects for Programming/Project Solutions * Gather Project Specifications, Resources and Time Estimates * Insure Schedules are Met * Responsible for creation of the 'LEN' network * Interface Issues between Developers and Customers * Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions). Accomplishments * Created /maintained separate security domain for developers / QA staff * Promoted to Network Administrator of the 'LEN' * Promoted to Security Administrator of the Linkpoint Gateway MerchanTrust PROJECT SECURITY/INTEGRATION MANAGER - 10/99 to 4/00 Reason for leaving: Company purchased by East Coast firm, contract changed Duties * Insure All Software Meets Security Requirements * Analyze and Maintain Server - Level Security * Research Methods to Foil Hostile Penetration * Architects for Programming/Project Solutions * Work with Sales and Professional Services to produce 'Statement of Work' * Gather Project Specifications, Resources and Time Estimates * Produce Project Plans, Timelines and Charts * Interface Issues between Developers and Customers * Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions Accomplishments * Brought in the 'ECX' Project on-time (A MerchanTrust first) * Handled 5 Major Projects Simultaneously Countrywide Home Loans SENIOR ENGINEER - 10/98 to 10/99 Reason for leaving: Company reorganized 3 levels of management, consolidated departments Duties * Administration and Troubleshooting of 24 Websites * Responsible for Security on all websites * Installed / Maintained SiteMinder Security * Aggressively and Proactively Foil all Hacking Attempts * Perform Penetration Testing to Maintain Security * Provide Demonstration code and Object/Business Models to lower-level software developers * Create Low-Level Tools for Ease of WebSite Administration * Installed / Maintained Netscape Directory Server * Installed / Maintained NetDynamics Servers * Involved with Both Hardware and Software Solutions Accomplishments * Created the 'EASITOOL' to allow Support Personnel to Check Status of, and Redirect Sites * Created the 'NETOOL', a Full-Featured version of EASITOOL for Primary Administrators * Promoted to Lead Engineer of the Enterprise Architecture Services Division. * Provided Mentoring and Best-Practices Resource for Corporate Developers QAD Inc. SENIOR SOFTWARE ENGINEER - 5/97 to 10/98 Reason for leaving: Financial problems, company stock price fell from $20 to $1 Duties * Designing Security Methodology to foil data theft. * Provide Proof of Concept demonstrations and scenarios of new technology. * Analyze and provide feasibility studies of new and emerging technologies. * Find technology solutions for existing and upcoming business needs. * Mentor QAD's New Technology Group. * Provide Demonstration code and Object/Business Models to lower-level software developers. Accomplishments * Created programs to foil reverse engineering our Java classes. * Created ActiveX controls to communicate via CORBA. * Created DHTML / ASP pages that communicate via CORBA. * Designed and developed encryption methodologies for use in JavaBeans. * Designed wireless Windows/CE solution for 'Access Anywhere' project. * Designed and developed security methodologies via firmware iButton technology (JavaRing). * Won the 'QAD Champion' Award for my work on the ON/Q project. CyberMedia Corp. SENIOR SOFTWARE ENGINEER - 6/96 to 5/97 Reason for leaving: Company sold and merged with new parent Duties * Architecture and development of new commercial software. * Reverse Engineering (disassembly) of Windows. * Designing Security Methodology to foil software piracy. * Architecture and development of new In-House Technical Support/Customer Service Tools. * Design and development of Internet-based Credit Card Billing System. * Design and development of SQL Database solutions for customer tracking. * PC/Workstation/LAN Security Accomplishments * Worked with software security group to design client-server security solutions. * Senior Engineer on the 'OILCHANGE' Project. * Wrote the Internet Communication Modules for OilChange using WinInet/Winsock. * Designed and Developed an in-house anonymous e-mailer for marketing use. * Designed and Developed an in-house, web-based Credit Card Purchase System for OilChange. * Designed and Developed an in-house, web-based Technical Support/Customer Service Tool. Accomplishments * Upgraded Symantec Altiris product from v6.2 to v7.5 * Installation Of HP ArcSight for log storage * Installation Of CA GovernanceMinder Insight Global Contractor working at Wipro/InfoCrossing - 01/14 to 04/14 Reason for leaving: Became FTE of Wipro/InfoCrossing Duties * Monitoring customer security in a multi-tenant MSP. * Overseeing a staff of 5 Security Engineers. * Forensic analysis of machines and hard disks. * Disassembly and analysis of malware and investigation of infected machines. * Performed Security Vulnerability Assessments regularly. * Security Patching of Wipro internal and customer servers * Investigated hacking, intrusion attempts, collected evidence * Responsible for Anti-Virus, Vulnerability Assessments and Security Patching for all Contracted Tenants * Responsible for granting access and identity management internally and for contracted tenants * Responsible for on-boarding and building of contracted tenant security infrastructure Accomplishments * Upgraded Symantec Altiris product from v6.2 to v7.5 * Began Installation Of HP ArcSight for log storage * Began Installation Of CA GovernanceMinder Chas. Schwab & Co. SENIOR STAFF SECURITY ANALYST - 04/09 to 01/14 Reason for leaving: Seeking better position Duties * Monitoring systems, using ArcSight for anomalies/intrusions/malware. * Creation of many in-house tools for monitoring and analysis of security issues. * Forensic analysis of machines and hard disks. * Disassembly and analysis of malware and investigation of infected machines. * Performed Security Assessments of all products before allowing them to be rolled into production. * Member of Security Incident Response team * Investigated all hacking, intrusion attempts, collected evidence * Performed regular event monitoring to detect intrusion attempts and other fraud * Responsible for both hardware and software solutions * Architect for Security Reporter in-house product * Experienced and successful in resolving external audits as well as Schwab internal audits * Collected documentation and prepared management responses for all audits * Maintained and enforced stringent best-practices policies to ensure the safety and integrity of our clients * Performed quality, ongoing training for professional staff to ensure highest levels of technical competence Accomplishments * Highest yearly rating of "Far Exceeds Expectations" 3 years in a row. * Architect and creator of the Security Reporter, a security analytics product * Created security analytics methodology to merge and analyze gigabytes of internal data to expose vulnerabilities * Worked with the executive support team to ensure the highest security of critical systems and executive laptops * Wrote the malware disaster recovery plan * Attended and Passed SANS FOR408 Forensics class * Attended and Passed Red Hat System Administration 124 class Digital Insight / Intuit MANAGER, SECURITY & FRAUD - 11/04 to 03/09 Reason for leaving: Economic changes within Intuit Duties * Responsible for all security issues: Intrusion Detection Anti-Virus Firewalls etc. * Responsible for all fraud investigations and resolution, worked with Federal and local authorities. * Led a staff of 15 Security Professionals under Intuit's High Performance Organization * Reported directly to the VP of Security, Scott Mackelprang * Maintained network and application security for 2,500 Financial Institutions and over 9-million end-users * Performed regular penetration testing and analysis on all servers * Member of Security Incident Response team * Investigated all reports of fraud * Investigated all hacking, intrusion attempts, collected evidence and worked with law enforcement * Performed regular event monitoring to detect intrusion attempts and other fraud * Responsible for both hardware and software solutions * Architects for Security Project Solutions * Experienced and successful in resolving SAS-70, SOX and FFIEC audits as well as Intuit internal audits * Collected documentation and prepared management responses for all audits * Maintained and enforced stringent best-practices policies to ensure the safety and integrity of our clients * Interfaced directly with financial institutions to resolve customer issues * Performed quality, ongoing training for professional staff to ensure highest levels of technical competence Accomplishments * Zero security breaches during my time at Digital Insight * Zero negative security stories in any media during my time at Digital Insight * Fraud level across all Financial Institutions at less than 0.1% during my time at Digital Insight * Members of my team obtained two security patents * Oversaw yearly budget of over 4 million dollars * Oversaw the gathering and correlation of company-wide security logs to create a comprehensive forensic engine * Oversaw the implementation of forensic analysis and event monitoring tools First Data Corp./Cardservice International / Linkpoint International SENIOR SECURITY ADMINISTRATOR - 6/00 to 11/04 Reason for leaving: Company consolidating this department to Denver facility Duties * Responsible for all security issues: Intrusion Detection Anti-Virus etc. * Maintained network security for 50,000 merchants doing real-time credit card processing * Member of the Security Incident Response team * Investigate cyber-fraud and hacking attempts, prepare evidence * Monitor security logs for hacking attempts * Ensure compliance with PCI standards * Participate in and resolve issues with PCI and SAS-70 audits * Performed regular penetration testing and analysis on all internet exposed servers * Responsible for both hardware and software solutions * Architects for Programming/Project Solutions * Gather Project Specifications, Resources and Time Estimates * Insure Schedules are Met * Responsible for creation of the 'LEN' network * Interface Issues between Developers and Customers * Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions). Accomplishments * Created /maintained separate security domain for developers / QA staff * Promoted to Network Administrator of the 'LEN' * Promoted to Security Administrator of the Linkpoint Gateway MerchanTrust PROJECT SECURITY/INTEGRATION MANAGER - 10/99 to 4/00 Reason for leaving: Company purchased by East Coast firm, contract changed Duties * Insure All Software Meets Security Requirements * Analyze and Maintain Server - Level Security * Research Methods to Foil Hostile Penetration * Architects for Programming/Project Solutions * Work with Sales and Professional Services to produce 'Statement of Work' * Gather Project Specifications, Resources and Time Estimates * Produce Project Plans, Timelines and Charts * Interface Issues between Developers and Customers * Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions Accomplishments * Brought in the 'ECX' Project on-time (A MerchanTrust first) * Handled 5 Major Projects Simultaneously Countrywide Home Loans SENIOR ENGINEER - 10/98 to 10/99 Reason for leaving: Company reorganized 3 levels of management, consolidated departments Duties * Administration and Troubleshooting of 24 Websites * Responsible for Security on all websites * Installed / Maintained SiteMinder Security * Aggressively and Proactively Foil all Hacking Attempts * Perform Penetration Testing to Maintain Security * Provide Demonstration code and Object/Business Models to lower-level software developers * Create Low-Level Tools for Ease of WebSite Administration * Installed / Maintained Netscape Directory Server * Installed / Maintained NetDynamics Servers * Involved with Both Hardware and Software Solutions Accomplishments * Created the 'EASITOOL' to allow Support Personnel to Check Status of, and Redirect Sites * Created the 'NETOOL', a Full-Featured version of EASITOOL for Primary Administrators * Promoted to Lead Engineer of the Enterprise Architecture Services Division. * Provided Mentoring and Best-Practices Resource for Corporate Developers QAD Inc. SENIOR SOFTWARE ENGINEER - 5/97 to 10/98 Reason for leaving: Financial problems, company stock price fell from $20 to $1 Duties * Designing Security Methodology to foil data theft. * Provide Proof of Concept demonstrations and scenarios of new technology. * Analyze and provide feasibility studies of new and emerging technologies. * Find technology solutions for existing and upcoming business needs. * Mentor QAD's New Technology Group. * Provide Demonstration code and Object/Business Models to lower-level software developers. Accomplishments * Created programs to foil reverse engineering our Java classes. * Created ActiveX controls to communicate via CORBA. * Created DHTML / ASP pages that communicate via CORBA. * Designed and developed encryption methodologies for use in JavaBeans. * Designed wireless Windows/CE solution for 'Access Anywhere' project. * Designed and developed security methodologies via firmware iButton technology (JavaRing). * Won the 'QAD Champion' Award for my work on the ON/Q project. CyberMedia Corp. SENIOR SOFTWARE ENGINEER - 6/96 to 5/97 Reason for leaving: Company sold and merged with new parent Duties * Architecture and development of new commercial software. * Reverse Engineering (disassembly) of Windows. * Designing Security Methodology to foil software piracy. * Architecture and development of new In-House Technical Support/Customer Service Tools. * Design and development of Internet-based Credit Card Billing System. * Design and development of SQL Database solutions for customer tracking. * PC/Workstation/LAN Security Accomplishments * Worked with software security group to design client-server security solutions. * Senior Engineer on the 'OILCHANGE' Project. * Wrote the Internet Communication Modules for OilChange using WinInet/Winsock. * Designed and Developed an in-house anonymous e-mailer for marketing use. * Designed and Developed an in-house, web-based Credit Card Purchase System for OilChange. * Designed and Developed an in-house, web-based Technical Support/Customer Service Tool. Accomplishments * Upgraded Symantec Altiris product from v6.2 to v7.5 * Began Installation Of HP ArcSight for log storage * Began Installation Of CA GovernanceMinder Chas. Schwab & Co. SENIOR STAFF SECURITY ANALYST - 04/09 to 01/14 Reason for leaving: Seeking better position Duties * Monitoring systems, using ArcSight for anomalies/intrusions/malware. * Creation of many in-house tools for monitoring and analysis of security issues. * Forensic analysis of machines and hard disks. * Disassembly and analysis of malware and investigation of infected machines. * Performed Security Assessments of all products before allowing them to be rolled into production. * Member of Security Incident Response team * Investigated all hacking, intrusion attempts, collected evidence * Performed regular event monitoring to detect intrusion attempts and other fraud * Responsible for both hardware and software solutions * Architect for Security Reporter in-house product * Experienced and successful in resolving external audits as well as Schwab internal audits * Collected documentation and prepared management responses for all audits * Maintained and enforced stringent best-practices policies to ensure the safety and integrity of our clients * Performed quality, ongoing training for professional staff to ensure highest levels of technical competence Accomplishments * Highest yearly rating of "Far Exceeds Expectations" 3 years in a row. * Architect and creator of the Security Reporter, a security analytics product * Created security analytics methodology to merge and analyze gigabytes of internal data to expose vulnerabilities * Worked with the executive support team to ensure the highest security of critical systems and executive laptops * Wrote the malware disaster recovery plan * Attended and Passed SANS FOR408 Forensics class * Attended and Passed Red Hat System Administration 124 class Digital Insight / Intuit MANAGER, SECURITY & FRAUD - 11/04 to 03/09 Reason for leaving: Economic changes within Intuit Duties * Responsible for all security issues: Intrusion Detection Anti-Virus Firewalls etc. * Responsible for all fraud investigations and resolution, worked with Federal and local authorities. * Led a staff of 15 Security Professionals under Intuit's High Performance Organization * Reported directly to the VP of Security, Scott Mackelprang * Maintained network and application security for 2,500 Financial Institutions and over 9-million end-users * Performed regular penetration testing and analysis on all servers * Member of Security Incident Response team * Investigated all reports of fraud * Investigated all hacking, intrusion attempts, collected evidence and worked with law enforcement * Performed regular event monitoring to detect intrusion attempts and other fraud * Responsible for both hardware and software solutions * Architects for Security Project Solutions * Experienced and successful in resolving SAS-70, SOX and FFIEC audits as well as Intuit internal audits * Collected documentation and prepared management responses for all audits * Maintained and enforced stringent best-practices policies to ensure the safety and integrity of our clients * Interfaced directly with financial institutions to resolve customer issues * Performed quality, ongoing training for professional staff to ensure highest levels of technical competence Accomplishments * Zero security breaches during my time at Digital Insight * Zero negative security stories in any media during my time at Digital Insight * Fraud level across all Financial Institutions at less than 0.1% during my time at Digital Insight * Members of my team obtained two security patents * Oversaw yearly budget of over 4 million dollars * Oversaw the gathering and correlation of company-wide security logs to create a comprehensive forensic engine * Oversaw the implementation of forensic analysis and event monitoring tools First Data Corp./Cardservice International / Linkpoint International SENIOR SECURITY ADMINISTRATOR - 6/00 to 11/04 Reason for leaving: Company consolidating this department to Denver facility Duties * Responsible for all security issues: Intrusion Detection Anti-Virus etc. * Maintained network security for 50,000 merchants doing real-time credit card processing * Member of the Security Incident Response team * Investigate cyber-fraud and hacking attempts, prepare evidence * Monitor security logs for hacking attempts * Ensure compliance with PCI standards * Participate in and resolve issues with PCI and SAS-70 audits * Performed regular penetration testing and analysis on all internet exposed servers * Responsible for both hardware and software solutions * Architects for Programming/Project Solutions * Gather Project Specifications, Resources and Time Estimates * Insure Schedules are Met * Responsible for creation of the 'LEN' network * Interface Issues between Developers and Customers * Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions). Accomplishments * Created /maintained separate security domain for developers / QA staff * Promoted to Network Administrator of the 'LEN' * Promoted to Security Administrator of the Linkpoint Gateway MerchanTrust PROJECT SECURITY/INTEGRATION MANAGER - 10/99 to 4/00 Reason for leaving: Company purchased by East Coast firm, contract changed Duties * Insure All Software Meets Security Requirements * Analyze and Maintain Server - Level Security * Research Methods to Foil Hostile Penetration * Architects for Programming/Project Solutions * Work with Sales and Professional Services to produce 'Statement of Work' * Gather Project Specifications, Resources and Time Estimates * Produce Project Plans, Timelines and Charts * Interface Issues between Developers and Customers * Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions Accomplishments * Brought in the 'ECX' Project on-time (A MerchanTrust first) * Handled 5 Major Projects Simultaneously Countrywide Home Loans SENIOR ENGINEER - 10/98 to 10/99 Reason for leaving: Company reorganized 3 levels of management, consolidated departments Duties * Administration and Troubleshooting of 24 Websites * Responsible for Security on all websites * Installed / Maintained SiteMinder Security * Aggressively and Proactively Foil all Hacking Attempts * Perform Penetration Testing to Maintain Security * Provide Demonstration code and Object/Business Models to lower-level software developers * Create Low-Level Tools for Ease of WebSite Administration * Installed / Maintained Netscape Directory Server * Installed / Maintained NetDynamics Servers * Involved with Both Hardware and Software Solutions Accomplishments * Created the 'EASITOOL' to allow Support Personnel to Check Status of, and Redirect Sites * Created the 'NETOOL', a Full-Featured version of EASITOOL for Primary Administrators * Promoted to Lead Engineer of the Enterprise Architecture Services Division. * Provided Mentoring and Best-Practices Resource for Corporate Developers QAD Inc. SENIOR SOFTWARE ENGINEER - 5/97 to 10/98 Reason for leaving: Financial problems, company stock price fell from $20 to $1 Duties * Designing Security Methodology to foil data theft. * Provide Proof of Concept demonstrations and scenarios of new technology. * Analyze and provide feasibility studies of new and emerging technologies. * Find technology solutions for existing and upcoming business needs. * Mentor QAD's New Technology Group. * Provide Demonstration code and Object/Business Models to lower-level software developers. Accomplishments * Created programs to foil reverse engineering our Java classes. * Created ActiveX controls to communicate via CORBA. * Created DHTML / ASP pages that communicate via CORBA. * Designed and developed encryption methodologies for use in JavaBeans. * Designed wireless Windows/CE solution for 'Access Anywhere' project. * Designed and developed security methodologies via firmware iButton technology (JavaRing). * Won the 'QAD Champion' Award for my work on the ON/Q project. CyberMedia Corp. SENIOR SOFTWARE ENGINEER - 6/96 to 5/97 Reason for leaving: Company sold and merged with new parent Duties * Architecture and development of new commercial software. * Reverse Engineering (disassembly) of Windows. * Designing Security Methodology to foil software piracy. * Architecture and development of new In-House Technical Support/Customer Service Tools. * Design and development of Internet-based Credit Card Billing System. * Design and development of SQL Database solutions for customer tracking. * PC/Workstation/LAN Security Accomplishments * Worked with software security group to design client-server security solutions. * Senior Engineer on the 'OILCHANGE' Project. * Wrote the Internet Communication Modules for OilChange using WinInet/Winsock. * Designed and Developed an in-house anonymous e-mailer for marketing use. * Designed and Developed an in-house, web-based Credit Card Purchase System for OilChange. * Designed and Developed an in-house, web-based Technical Support/Customer Service Tool. Accomplishments * Highest yearly rating of "Far Exceeds Expectations" 3 years in a row. * Architect and creator of the Security Reporter, a security analytics product * Created security analytics methodology to merge and analyze gigabytes of internal data to expose vulnerabilities * Worked with the executive support team to ensure the highest security of critical systems and executive laptops * Wrote the malware disaster recovery plan * Attended and Passed SANS FOR408 Forensics class * Attended and Passed Red Hat System Administration 124 class Digital Insight / Intuit MANAGER, SECURITY & FRAUD - 11/04 to 03/09 Reason for leaving: Economic changes within Intuit Duties * Responsible for all security issues: Intrusion Detection Anti-Virus Firewalls etc. * Responsible for all fraud investigations and resolution, worked with Federal and local authorities. * Led a staff of 15 Security Professionals under Intuit's High Performance Organization * Reported directly to the VP of Security, Scott Mackelprang * Maintained network and application security for 2,500 Financial Institutions and over 9-million end-users * Performed regular penetration testing and analysis on all servers * Member of Security Incident Response team * Investigated all reports of fraud * Investigated all hacking, intrusion attempts, collected evidence and worked with law enforcement * Performed regular event monitoring to detect intrusion attempts and other fraud * Responsible for both hardware and software solutions * Architects for Security Project Solutions * Experienced and successful in resolving SAS-70, SOX and FFIEC audits as well as Intuit internal audits * Collected documentation and prepared management responses for all audits * Maintained and enforced stringent best-practices policies to ensure the safety and integrity of our clients * Interfaced directly with financial institutions to resolve customer issues * Performed quality, ongoing training for professional staff to ensure highest levels of technical competence Accomplishments * Zero security breaches during my time at Digital Insight * Zero negative security stories in any media during my time at Digital Insight * Fraud level across all Financial Institutions at less than 0.1% during my time at Digital Insight * Members of my team obtained two security patents * Oversaw yearly budget of over 4 million dollars * Oversaw the gathering and correlation of company-wide security logs to create a comprehensive forensic engine * Oversaw the implementation of forensic analysis and event monitoring tools First Data Corp./Cardservice International / Linkpoint International SENIOR SECURITY ADMINISTRATOR - 6/00 to 11/04 Reason for leaving: Company consolidating this department to Denver facility Duties * Responsible for all security issues: Intrusion Detection Anti-Virus etc. * Maintained network security for 50,000 merchants doing real-time credit card processing * Member of the Security Incident Response team * Investigate cyber-fraud and hacking attempts, prepare evidence * Monitor security logs for hacking attempts * Ensure compliance with PCI standards * Participate in and resolve issues with PCI and SAS-70 audits * Performed regular penetration testing and analysis on all internet exposed servers * Responsible for both hardware and software solutions * Architects for Programming/Project Solutions * Gather Project Specifications, Resources and Time Estimates * Insure Schedules are Met * Responsible for creation of the 'LEN' network * Interface Issues between Developers and Customers * Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions). Accomplishments * Created /maintained separate security domain for developers / QA staff * Promoted to Network Administrator of the 'LEN' * Promoted to Security Administrator of the Linkpoint Gateway MerchanTrust PROJECT SECURITY/INTEGRATION MANAGER - 10/99 to 4/00 Reason for leaving: Company purchased by East Coast firm, contract changed Duties * Insure All Software Meets Security Requirements * Analyze and Maintain Server - Level Security * Research Methods to Foil Hostile Penetration * Architects for Programming/Project Solutions * Work with Sales and Professional Services to produce 'Statement of Work' * Gather Project Specifications, Resources and Time Estimates * Produce Project Plans, Timelines and Charts * Interface Issues between Developers and Customers * Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions Accomplishments * Brought in the 'ECX' Project on-time (A MerchanTrust first) * Handled 5 Major Projects Simultaneously Countrywide Home Loans SENIOR ENGINEER - 10/98 to 10/99 Reason for leaving: Company reorganized 3 levels of management, consolidated departments Duties * Administration and Troubleshooting of 24 Websites * Responsible for Security on all websites * Installed / Maintained SiteMinder Security * Aggressively and Proactively Foil all Hacking Attempts * Perform Penetration Testing to Maintain Security * Provide Demonstration code and Object/Business Models to lower-level software developers * Create Low-Level Tools for Ease of WebSite Administration * Installed / Maintained Netscape Directory Server * Installed / Maintained NetDynamics Servers * Involved with Both Hardware and Software Solutions Accomplishments * Created the 'EASITOOL' to allow Support Personnel to Check Status of, and Redirect Sites * Created the 'NETOOL', a Full-Featured version of EASITOOL for Primary Administrators * Promoted to Lead Engineer of the Enterprise Architecture Services Division. * Provided Mentoring and Best-Practices Resource for Corporate Developers QAD Inc. SENIOR SOFTWARE ENGINEER - 5/97 to 10/98 Reason for leaving: Financial problems, company stock price fell from $20 to $1 Duties * Designing Security Methodology to foil data theft. * Provide Proof of Concept demonstrations and scenarios of new technology. * Analyze and provide feasibility studies of new and emerging technologies. * Find technology solutions for existing and upcoming business needs. * Mentor QAD's New Technology Group. * Provide Demonstration code and Object/Business Models to lower-level software developers. Accomplishments * Created programs to foil reverse engineering our Java classes. * Created ActiveX controls to communicate via CORBA. * Created DHTML / ASP pages that communicate via CORBA. * Designed and developed encryption methodologies for use in JavaBeans. * Designed wireless Windows/CE solution for 'Access Anywhere' project. * Designed and developed security methodologies via firmware iButton technology (JavaRing). * Won the 'QAD Champion' Award for my work on the ON/Q project. CyberMedia Corp. SENIOR SOFTWARE ENGINEER - 6/96 to 5/97 Reason for leaving: Company sold and merged with new parent Duties * Architecture and development of new commercial software. * Reverse Engineering (disassembly) of Windows. * Designing Security Methodology to foil software piracy. * Architecture and development of new In-House Technical Support/Customer Service Tools. * Design and development of Internet-based Credit Card Billing System. * Design and development of SQL Database solutions for customer tracking. * PC/Workstation/LAN Security Accomplishments * Worked with software security group to design client-server security solutions. * Senior Engineer on the 'OILCHANGE' Project. * Wrote the Internet Communication Modules for OilChange using WinInet/Winsock. * Designed and Developed an in-house anonymous e-mailer for marketing use. * Designed and Developed an in-house, web-based Credit Card Purchase System for OilChange. * Designed and Developed an in-house, web-based Technical Support/Customer Service Tool. Accomplishments * Zero security breaches during my time at Digital Insight * Zero negative security stories in any media during my time at Digital Insight * Fraud level across all Financial Institutions at less than 0.1% during my time at Digital Insight * Members of my team obtained two security patents * Oversaw yearly budget of over 4 million dollars * Oversaw the gathering and correlation of company-wide security logs to create a comprehensive forensic engine * Oversaw the implementation of forensic analysis and event monitoring tools First Data Corp./Cardservice International / Linkpoint International SENIOR SECURITY ADMINISTRATOR - 6/00 to 11/04 Reason for leaving: Company consolidating this department to Denver facility Duties * Responsible for all security issues: Intrusion Detection Anti-Virus etc. * Maintained network security for 50,000 merchants doing real-time credit card processing * Member of the Security Incident Response team * Investigate cyber-fraud and hacking attempts, prepare evidence * Monitor security logs for hacking attempts * Ensure compliance with PCI standards * Participate in and resolve issues with PCI and SAS-70 audits * Performed regular penetration testing and analysis on all internet exposed servers * Responsible for both hardware and software solutions * Architects for Programming/Project Solutions * Gather Project Specifications, Resources and Time Estimates * Insure Schedules are Met * Responsible for creation of the 'LEN' network * Interface Issues between Developers and Customers * Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions). Accomplishments * Created /maintained separate security domain for developers / QA staff * Promoted to Network Administrator of the 'LEN' * Promoted to Security Administrator of the Linkpoint Gateway MerchanTrust PROJECT SECURITY/INTEGRATION MANAGER - 10/99 to 4/00 Reason for leaving: Company purchased by East Coast firm, contract changed Duties * Insure All Software Meets Security Requirements * Analyze and Maintain Server - Level Security * Research Methods to Foil Hostile Penetration * Architects for Programming/Project Solutions * Work with Sales and Professional Services to produce 'Statement of Work' * Gather Project Specifications, Resources and Time Estimates * Produce Project Plans, Timelines and Charts * Interface Issues between Developers and Customers * Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions Accomplishments * Brought in the 'ECX' Project on-time (A MerchanTrust first) * Handled 5 Major Projects Simultaneously Countrywide Home Loans SENIOR ENGINEER - 10/98 to 10/99 Reason for leaving: Company reorganized 3 levels of management, consolidated departments Duties * Administration and Troubleshooting of 24 Websites * Responsible for Security on all websites * Installed / Maintained SiteMinder Security * Aggressively and Proactively Foil all Hacking Attempts * Perform Penetration Testing to Maintain Security * Provide Demonstration code and Object/Business Models to lower-level software developers * Create Low-Level Tools for Ease of WebSite Administration * Installed / Maintained Netscape Directory Server * Installed / Maintained NetDynamics Servers * Involved with Both Hardware and Software Solutions Accomplishments * Created the 'EASITOOL' to allow Support Personnel to Check Status of, and Redirect Sites * Created the 'NETOOL', a Full-Featured version of EASITOOL for Primary Administrators * Promoted to Lead Engineer of the Enterprise Architecture Services Division. * Provided Mentoring and Best-Practices Resource for Corporate Developers QAD Inc. SENIOR SOFTWARE ENGINEER - 5/97 to 10/98 Reason for leaving: Financial problems, company stock price fell from $20 to $1 Duties * Designing Security Methodology to foil data theft. * Provide Proof of Concept demonstrations and scenarios of new technology. * Analyze and provide feasibility studies of new and emerging technologies. * Find technology solutions for existing and upcoming business needs. * Mentor QAD's New Technology Group. * Provide Demonstration code and Object/Business Models to lower-level software developers. Accomplishments * Created programs to foil reverse engineering our Java classes. * Created ActiveX controls to communicate via CORBA. * Created DHTML / ASP pages that communicate via CORBA. * Designed and developed encryption methodologies for use in JavaBeans. * Designed wireless Windows/CE solution for 'Access Anywhere' project. * Designed and developed security methodologies via firmware iButton technology (JavaRing). * Won the 'QAD Champion' Award for my work on the ON/Q project. CyberMedia Corp. SENIOR SOFTWARE ENGINEER - 6/96 to 5/97 Reason for leaving: Company sold and merged with new parent Duties * Architecture and development of new commercial software. * Reverse Engineering (disassembly) of Windows. * Designing Security Methodology to foil software piracy. * Architecture and development of new In-House Technical Support/Customer Service Tools. * Design and development of Internet-based Credit Card Billing System. * Design and development of SQL Database solutions for customer tracking. * PC/Workstation/LAN Security Accomplishments * Worked with software security group to design client-server security solutions. * Senior Engineer on the 'OILCHANGE' Project. * Wrote the Internet Communication Modules for OilChange using WinInet/Winsock. * Designed and Developed an in-house anonymous e-mailer for marketing use. * Designed and Developed an in-house, web-based Credit Card Purchase System for OilChange. * Designed and Developed an in-house, web-based Technical Support/Customer Service Tool. Accomplishments * Created /maintained separate security domain for developers / QA staff * Promoted to Network Administrator of the 'LEN' * Promoted to Security Administrator of the Linkpoint Gateway MerchanTrust PROJECT SECURITY/INTEGRATION MANAGER - 10/99 to 4/00 Reason for leaving: Company purchased by East Coast firm, contract changed Duties * Insure All Software Meets Security Requirements * Analyze and Maintain Server - Level Security * Research Methods to Foil Hostile Penetration * Architects for Programming/Project Solutions * Work with Sales and Professional Services to produce 'Statement of Work' * Gather Project Specifications, Resources and Time Estimates * Produce Project Plans, Timelines and Charts * Interface Issues between Developers and Customers * Technical Mentor to Junior Staff (Best Practices, Coding/Architectural Questions Accomplishments * Brought in the 'ECX' Project on-time (A MerchanTrust first) * Handled 5 Major Projects Simultaneously Countrywide Home Loans SENIOR ENGINEER - 10/98 to 10/99 Reason for leaving: Company reorganized 3 levels of management, consolidated departments Duties * Administration and Troubleshooting of 24 Websites * Responsible for Security on all websites * Installed / Maintained SiteMinder Security * Aggressively and Proactively Foil all Hacking Attempts * Perform Penetration Testing to Maintain Security * Provide Demonstration code and Object/Business Models to lower-level software developers * Create Low-Level Tools for Ease of WebSite Administration * Installed / Maintained Netscape Directory Server * Installed / Maintained NetDynamics Servers * Involved with Both Hardware and Software Solutions Accomplishments * Created the 'EASITOOL' to allow Support Personnel to Check Status of, and Redirect Sites * Created the 'NETOOL', a Full-Featured version of EASITOOL for Primary Administrators * Promoted to Lead Engineer of the Enterprise Architecture Services Division. * Provided Mentoring and Best-Practices Resource for Corporate Developers QAD Inc. SENIOR SOFTWARE ENGINEER - 5/97 to 10/98 Reason for leaving: Financial problems, company stock price fell from $20 to $1 Duties * Designing Security Methodology to foil data theft. * Provide Proof of Concept demonstrations and scenarios of new technology. * Analyze and provide feasibility studies of new and emerging technologies. * Find technology solutions for existing and upcoming business needs. * Mentor QAD's New Technology Group. * Provide Demonstration code and Object/Business Models to lower-level software developers. Accomplishments * Created programs to foil reverse engineering our Java classes. * Created ActiveX controls to communicate via CORBA. * Created DHTML / ASP pages that communicate via CORBA. * Designed and developed encryption methodologies for use in JavaBeans. * Designed wireless Windows/CE solution for 'Access Anywhere' project. * Designed and developed security methodologies via firmware iButton technology (JavaRing). * Won the 'QAD Champion' Award for my work on the ON/Q project. CyberMedia Corp. SENIOR SOFTWARE ENGINEER - 6/96 to 5/97 Reason for leaving: Company sold and merged with new parent Duties * Architecture and development of new commercial software. * Reverse Engineering (disassembly) of Windows. * Designing Security Methodology to foil software piracy. * Architecture and development of new In-House Technical Support/Customer Service Tools. * Design and development of Internet-based Credit Card Billing System. * Design and development of SQL Database solutions for customer tracking. * PC/Workstation/LAN Security Accomplishments * Worked with software security group to design client-server security solutions. * Senior Engineer on the 'OILCHANGE' Project. * Wrote the Internet Communication Modules for OilChange using WinInet/Winsock. * Designed and Developed an in-house anonymous e-mailer for marketing use. * Designed and Developed an in-house, web-based Credit Card Purchase System for OilChange. * Designed and Developed an in-house, web-based Technical Support/Customer Service Tool. Accomplishments * Brought in the 'ECX' Project on-time (A MerchanTrust first) * Handled 5 Major Projects Simultaneously Countrywide Home Loans SENIOR ENGINEER - 10/98 to 10/99 Reason for leaving: Company reorganized 3 levels of management, consolidated departments Duties * Administration and Troubleshooting of 24 Websites * Responsible for Security on all websites * Installed / Maintained SiteMinder Security * Aggressively and Proactively Foil all Hacking Attempts * Perform Penetration Testing to Maintain Security * Provide Demonstration code and Object/Business Models to lower-level software developers * Create Low-Level Tools for Ease of WebSite Administration * Installed / Maintained Netscape Directory Server * Installed / Maintained NetDynamics Servers * Involved with Both Hardware and Software Solutions Accomplishments * Created the 'EASITOOL' to allow Support Personnel to Check Status of, and Redirect Sites * Created the 'NETOOL', a Full-Featured version of EASITOOL for Primary Administrators * Promoted to Lead Engineer of the Enterprise Architecture Services Division. * Provided Mentoring and Best-Practices Resource for Corporate Developers QAD Inc. SENIOR SOFTWARE ENGINEER - 5/97 to 10/98 Reason for leaving: Financial problems, company stock price fell from $20 to $1 Duties * Designing Security Methodology to foil data theft. * Provide Proof of Concept demonstrations and scenarios of new technology. * Analyze and provide feasibility studies of new and emerging technologies. * Find technology solutions for existing and upcoming business needs. * Mentor QAD's New Technology Group. * Provide Demonstration code and Object/Business Models to lower-level software developers. Accomplishments * Created programs to foil reverse engineering our Java classes. * Created ActiveX controls to communicate via CORBA. * Created DHTML / ASP pages that communicate via CORBA. * Designed and developed encryption methodologies for use in JavaBeans. * Designed wireless Windows/CE solution for 'Access Anywhere' project. * Designed and developed security methodologies via firmware iButton technology (JavaRing). * Won the 'QAD Champion' Award for my work on the ON/Q project. CyberMedia Corp. SENIOR SOFTWARE ENGINEER - 6/96 to 5/97 Reason for leaving: Company sold and merged with new parent Duties * Architecture and development of new commercial software. * Reverse Engineering (disassembly) of Windows. * Designing Security Methodology to foil software piracy. * Architecture and development of new In-House Technical Support/Customer Service Tools. * Design and development of Internet-based Credit Card Billing System. * Design and development of SQL Database solutions for customer tracking. * PC/Workstation/LAN Security Accomplishments * Worked with software security group to design client-server security solutions. * Senior Engineer on the 'OILCHANGE' Project. * Wrote the Internet Communication Modules for OilChange using WinInet/Winsock. * Designed and Developed an in-house anonymous e-mailer for marketing use. * Designed and Developed an in-house, web-based Credit Card Purchase System for OilChange. * Designed and Developed an in-house, web-based Technical Support/Customer Service Tool. Accomplishments * Created the 'EASITOOL' to allow Support Personnel to Check Status of, and Redirect Sites * Created the 'NETOOL', a Full-Featured version of EASITOOL for Primary Administrators * Promoted to Lead Engineer of the Enterprise Architecture Services Division. * Provided Mentoring and Best-Practices Resource for Corporate Developers QAD Inc. SENIOR SOFTWARE ENGINEER - 5/97 to 10/98 Reason for leaving: Financial problems, company stock price fell from $20 to $1 Duties * Designing Security Methodology to foil data theft. * Provide Proof of Concept demonstrations and scenarios of new technology. * Analyze and provide feasibility studies of new and emerging technologies. * Find technology solutions for existing and upcoming business needs. * Mentor QAD's New Technology Group. * Provide Demonstration code and Object/Business Models to lower-level software developers. Accomplishments * Created programs to foil reverse engineering our Java classes. * Created ActiveX controls to communicate via CORBA. * Created DHTML / ASP pages that communicate via CORBA. * Designed and developed encryption methodologies for use in JavaBeans. * Designed wireless Windows/CE solution for 'Access Anywhere' project. * Designed and developed security methodologies via firmware iButton technology (JavaRing). * Won the 'QAD Champion' Award for my work on the ON/Q project. CyberMedia Corp. SENIOR SOFTWARE ENGINEER - 6/96 to 5/97 Reason for leaving: Company sold and merged with new parent Duties * Architecture and development of new commercial software. * Reverse Engineering (disassembly) of Windows. * Designing Security Methodology to foil software piracy. * Architecture and development of new In-House Technical Support/Customer Service Tools. * Design and development of Internet-based Credit Card Billing System. * Design and development of SQL Database solutions for customer tracking. * PC/Workstation/LAN Security Accomplishments * Worked with software security group to design client-server security solutions. * Senior Engineer on the 'OILCHANGE' Project. * Wrote the Internet Communication Modules for OilChange using WinInet/Winsock. * Designed and Developed an in-house anonymous e-mailer for marketing use. * Designed and Developed an in-house, web-based Credit Card Purchase System for OilChange. * Designed and Developed an in-house, web-based Technical Support/Customer Service Tool. Accomplishments * Created programs to foil reverse engineering our Java classes. * Created ActiveX controls to communicate via CORBA. * Created DHTML / ASP pages that communicate via CORBA. * Designed and developed encryption methodologies for use in JavaBeans. * Designed wireless Windows/CE solution for 'Access Anywhere' project. * Designed and developed security methodologies via firmware iButton technology (JavaRing). * Won the 'QAD Champion' Award for my work on the ON/Q project. CyberMedia Corp. SENIOR SOFTWARE ENGINEER - 6/96 to 5/97 Reason for leaving: Company sold and merged with new parent Duties * Architecture and development of new commercial software. * Reverse Engineering (disassembly) of Windows. * Designing Security Methodology to foil software piracy. * Architecture and development of new In-House Technical Support/Customer Service Tools. * Design and development of Internet-based Credit Card Billing System. * Design and development of SQL Database solutions for customer tracking. * PC/Workstation/LAN Security Accomplishments * Worked with software security group to design client-server security solutions. * Senior Engineer on the 'OILCHANGE' Project. * Wrote the Internet Communication Modules for OilChange using WinInet/Winsock. * Designed and Developed an in-house anonymous e-mailer for marketing use. * Designed and Developed an in-house, web-based Credit Card Purchase System for OilChange. * Designed and Developed an in-house, web-based Technical Support/Customer Service Tool. Accomplishments * Worked with software security group to design client-server security solutions. * Senior Engineer on the 'OILCHANGE' Project. * Wrote the Internet Communication Modules for OilChange using WinInet/Winsock. * Designed and Developed an in-house anonymous e-mailer for marketing use. * Designed and Developed an in-house, web-based Credit Card Purchase System for OilChange. * Designed and Developed an in-house, web-based Technical Support/Customer Service Tool.

Highlights:

• Computer Forensics
• Arcsight
• Splunk
• Programming
• Microsoft Windows
• Networking
• Personal Computer
• Reverse-Engineer Malware
• Linux
• EnCase
• FireEye