Work History

Work History
Aug 2009 - Present

Principal Security Consultant

SAIC

Actively pursuing/engaged in security projects (up and down the stack) including (but not limited to) control systems, SCADA, AMI, and other critical infrastructure applications & networks. Manage & administer Smart Grid Security Solutions Lab consisting of AMI, Direct Load Control, wireless, and variety of network infrastructure & security devices.

Mar 2008 - Aug 2009

Manager, Product Training

http://www.tenablesecurity.com

Led Tenable training program. Created, taught, and updated course materials on vulnerability scanning, security monitoring, log analysis, and compliance/configuration auditing Nessus, Passive Vulnerability Scanner, Security Center, and Log Correlation Engine. Principal architect of Tenable's eLearning solution consisting of on demand, virtual technical training. Completely redeveloped Tenable courseware in 2008, implementing modular curriculum. Developed Enterprise and Nessus certification exams in 2009. Delivered custom onsite training for large commercial and government customers. Prototyped Python/PHP webapps and managed ITS development projects to support training initiatives.

Nov 2006 - Mar 2008

Senior Network Security Engineer

Hewitt Associates, LLC

Developed, maintained, and supported Hewitt firewall platform across multiple UNIX flavors on a variety of server platforms. Led the effort to replace proprietary UNIX firewall platforms with low cost Intel hardware. Developed systems management, network monitoring, and firewall capacity management tools in Ruby. Conducted firewall performance testing to evaluate hardware/OS selection. Provided on-call support to network security operations team and other internal customers. Evaluated, defined, tested and worked with vendor to deploy next generation firewall management application. Provided consulting to internal Hewitt and external client teams on security architecture and implementation and deployment of new firewalls

Sep 2005 - Nov 2006

Senior Security Consultant/Researcher

Digital Bond, Inc

Perform network and application security assessments for Digital Bond clients, focusing primarily on SCADA and other control system technology used by Electricity and Gas sectors. Developed a comprehensive set of SCADA vulnerability checks for Nessus in NASL3. Wrote Snort ICCP signatures. Discovered multiple implementation flaws in ICCP servers that resulted in the first US-CERT advisory for a SCADA vulnerability. Served on Electricity Cell and contributed significant scenario elements relating to SCADA vulnerabilities for DHS CyberStorm 2005 exercise. Project lead for OPC/DCOM Security Best Practices projected jointly conducted with British Columbia Institute of Technology (BCIT). Designed, implemented, and monitored SCADA Field device honeynet using VMware/Roo Honeywall. Wrote a variety of custom vulnerability assessment tools in Python and Java.

Education

Education

Skills

Skills

Virtualization

Commercial and Open Source virtualization has been part of my toolbox since I first used VMWare workstation in 1999. I have experience with various Linux virtualization tools including User Mode Linux, Xen, OpenVZ, KVM, VirtualBox  as well as commercial enterpise products such as VMWare Server, ESXi, ec

Various things Cisco

While working at Cisco I developed a love for all things IOS and got exposed to a wide range of technologies. I currently maintain proficiency in IOS routing & switching, ASA, etc.

Open Source Network Security

Linux and *BSD Administration

I first started using Slackware Linux in 1995 and spend 75% of my computing experience currently on Ubuntu/Debian Linux. I have broad and deep experience with a variety of Linux distributions and applications including SuSE, Fedora, RHEL/CentOS.

Ruby Development

Python Development

Summary

Senior information and critical infrastructure security professional with over a decade of network and application security experience in engineering, R&D, consulting, operations, and training. Consistent track record of impact and innovation inside diverse organizations ranging from security & infrastructure vendors to business and technology service providers, boutique consulting firms, and the military. Solid technical background in security architecture, administration, and device/protocol/application/network vulnerability assessment. Committed Open Source advocate, conflicted coder, and and master of knowledge management tools. Expert technical trainer and down-to-earth conference speaker. Technical advisor to senior management, mentor to junior engineers, and project manager.

Interest

Open Source UNIX (especially Linux and *BSD) and security tools. IDS signature & vulnerability check development. Protocol analysis, threat modeling, and protocol fuzzing. Test automation and vulnerability assessment. SCADA, Control System, and Smart Grid. Embedded Linux. SDLC. HP/Dell server hardware and assorted Cisco gear. Vulnerability disclosure policy and best practices. Course design and development. Defining, developing, and bringing new services to market.

Certifications

Certifications
Aug 2005 - Present

CISSP

ISC2

Top Secret/SCI

DoD