JUSTIN M. WRAY
7953 Saint Claire Lane
Baltimore, MD 21222-3532
(410) 477-2396
SUMMARY
I have over ten years of combined, concurrent networking experience
(personal and professional). Additionally, I have extensive experience
in network security implementation and management. I frequently participate
in Penetration Testing and Vulnerability Assessment
- usually as the lead "pen-tester" - and in Instant Response.
Furthermore, I have discovered, researched, and disclosed numerous vulnerabilities
in both networking appliances and operating systems/applications services.
Professionally, I have maintained and developed backend databases, using: mySQL,
SQLite, PostgreSQL, Microsoft SQL Server, and Alchemy
in addition to maintaining and developing front-end web applications using
PHP/HTML. I am experienced in both proprietary and open
source applications - participating in the development of many open
source applications. Likewise, I have provided hardware installation
and support while supervising a PC repair shop. From a managerial
standpoint, it should be noted that I have managed many projects
- including in professional capacities, educational settings, and freelance
operations. Currently, I am leading several technical projects
with my current employer and am assisting with training of new
hires.
I have long-term programming experience
(personal and professional) with multiple high level languages and in addition to holding the Linux+, Security+, Certified Ethical Hacker , and Certified Penetration Tester I am
currently trained for the following certifications: A+,
and Network+ while pursuing an Associates of Applied Sciences
degree in Information Security, Cisco (CCNA), and Red
Hat (RHCE).
My proficiencies include: Windows 98 thru 2003, Linux 2.4 kernel
thru 2.6, and OSX - with some experience using Sun Solaris
systems. In addition, I am advanced in using in Microsoft Word,
as well as Open Office.
WORK
EXPERIENCE
JACOB
& SUNDSTROM, INC
Baltimore, Maryland
October 2007 to Present
Network
Security Engineer and Researcher, (March 2009 - Present)
- Perform Research for New Projects
- Provide Testing
of New Tools and Methodologies
- Involved in Development
of Intrusion Detection Systems, Tools, and Mechanisms
- Plan and Create Security Solutions
- Perform Testing and Auditing for Current and New Products
- Maintain, Update,
and Deploy Large Code Bases
- Integrate Solutions into a Large Production Environment
- Engineer Network
Security Plans and Goals
- Develop Training
Curriculum for New Hires
- Coordinate and Provide
Training for New Hires
Senior Network
Security Analyst, (October 2007 - March 2009)
- Provide Real-Time
Analysis of Network Traffic to Adequately Detect Intrusions and Vulnerabilities
- Coordinate Network
Incident Handling with Sites World-Wide
- Manage and Develop
Intrusion Detection System Signatures and Rulesets
- Maintain, Update,
and Disseminate Daily Vulnerability and Intelligence Reports
- Release Situation
Awareness Reports When Needed
- Involved in Development
of Intrusion Detection Systems, Tools, and Mechanisms
- Provide Testing
of New Tools and Methodologies
- Advise Client of
Security Risks Involved in Specific Tasks
- Engineer Network
Security Plans and Goals
- Develop Training
Curriculum for New Hires
- Coordinate and Provide
Training for New Hires
CONSTELLATION
ENERGY GROUP Baltimore, Maryland
August 2006 to
October 2007
Level II -
IT Support Technician,
- Provide Level II
technical support
- Review large scale
technical issues
- Departmental Lesion
between multiple departments and Support Center
- Develop and maintain
new hire training information/schedule
- Provide training
of new personnel
- Manage a number
of technical projects and supporting teams
- Assist in the creation
of support tools
- Author documentation
for knowledge bases and training materials
- Maintain knowledge
bases used within the Support Center and multiple support units.
- Complete other in-house
projects as assigned
PIRAEUS
INTERNATIONAL Baltimore, Maryland
2006 to 2007
Security Consultant/Network
Administrator,
- Design and implement
security solutions
- Provide consultation
on IT business solutions
- Design, implement,
and maintain infrastructure
- Secure and service
multiple Windows and Linux servers
- Incident response
and security monitoring
HI
- TECH PROCESSING SERVICES, INC Essex, Maryland
August
2005 to August 2006
Network Administrator
/ Tech Supervisor,
- Managed public PC
Repair shop
- Developed processes
for new projects and work
- Services and supported
internal computers, printers, and phones
- Secured internal
computers, printers, and telecoms system.
- Member of New Technologies
Development Group
- Evaluated new technologies
for implementation throughout the organization
- Created and maintained
multiple databases
- Designed and developed
Intranet site for Corporate Communications
- Managed multiple
production and public web servers
- Monitored multiple
production and DMZ servers - as well as Firewall and Network Intrusion
Prevention System
FREELANCE/CONSULTING
Baltimore-Washington Area, Maryland 2002 - Present
- Implementation and
development of security solutions
- Network Design and
Management
- Support computers,
printers, and telecom systems
PERSONAL
EXPERIENCE
- Discovered a Remote
Denial of Service Vulnerability in multiple consumer and SOHO network
perimeter devices [Security Focus Bids: 15870, 15869, 15864, 15861]
- Multiple Undisclosed
Vulnerabilities
- Involved in development
of multiple projects - including OpenPKI, LAk-IPS/snort, BackTrack,
and PBNJ
- Wrote community-college
curriculum in the area of Information Security
- Participation in
improvement of CyberWatch (collaboration between multiple two-and-four
year colleges to standardize information security coursework, degrees,
and certifications)
- Served as Guest
Lecturer in college level Information Security courses
- Develop Information
Security Labs, Lectures, and Curriculum for 2-4 year colleges
- Presented speech
to the NSF (National Science Foundation) on the topic of Progression
of Information Security curriculum
- Participate on both offensive and defensive teams in cyber exercises and competitions
EDUCATION
Community College
of Baltimore County - Essex, Maryland campus and Catonsville, Maryland
campus
ADDITIONAL EDUCATION
| Interesting News