SUMMARY

I have over ten years of combined, concurrent networking experience (personal and professional). Additionally, I have extensive experience in network security implementation and management. I frequently participate in Penetration Testing and Vulnerability Assessment - usually as the lead "pen-tester" - and in Incident Response. Furthermore, I have discovered, researched, and disclosed numerous vulnerabilities in both networking appliances and operating systems/applications services.

Professionally, I have maintained and developed backend databases, using: MySQL, SQLite, PostgreSQL, Microsoft SQL Server, and Alchemy in addition to maintaining and developing front-end web applications using PHP/HTML. I am experienced in both proprietary and open source applications - participating in the development of many open source applications. Likewise, I have provided hardware installation and support while supervising a PC repair shop. From a managerial standpoint, it should be noted that I have managed many projects - including in professional capacities, educational settings, and freelance operations. Currently, I am leading several technical projects with my current employer and am responsible for the training of new hires.

I have long-term programming experience (personal and professional) with multiple high level languages and in addition to holding the Linux+, Security+, Certified Ethical Hacker , and Certified Penetration Tester I hold an an Associates of Applied Sciences degree in Information Security and am currently trained for the following certifications: A+, Network+, Cisco (CCNA), and Red Hat (RHCE).

My proficiencies include: Windows 98 thru Windows 7, Linux 2.4 kernel thru 2.6, and OSX - with some experience using Sun Solaris systems. In addition, I am advanced in using in Microsoft Word, as well as Open Office.

WORK EXPERIENCE

JACOB & SUNDSTROM, INC Baltimore, Maryland     October 2007 to Present

Network Security Engineer and Researcher (March 2009 - Present)

• Perform Research for New Projects
• Provide Testing of New Tools and Methodologies
• Involved in Development of Intrusion Detection Systems, Tools, and Mechanisms
• Plan and Create Security Solutions
• Perform Testing and Auditing for Current and New Products
• Maintain, Update, and Deploy Large Code Bases
• Integrate Solutions into a Large Production Environment
• Engineer Network Security Plans and Goals
• Develop Training Curriculum for New Hires
• Coordinate and Provide Training for New Hires

Senior Network Security Analyst (October 2007 - March 2009)

• Provide Real-Time Analysis of Network Traffic to Adequately Detect Intrusions and Vulnerabilities
• Coordinate Network Incident Handling with Sites World-Wide
• Manage and Develop Intrusion Detection System Signatures and Rulesets
• Maintain, Update, and Disseminate Daily Vulnerability and Intelligence Reports
• Release Situation Awareness Reports When Needed
• Involved in Development of Intrusion Detection Systems, Tools, and Mechanisms
• Provide Testing of New Tools and Methodologies
• Advise Client of Security Risks Involved in Specific Tasks
• Engineer Network Security Plans and Goals
• Develop Training Curriculum for New Hires
• Coordinate and Provide Training for New Hires

COMMUNITY COLLEGE OF BALTIMORE COUNTY Baltimore, Maryland     August 2010 to Present

Adjunct Professor, School of Applied and Information Technology, Network Technology

• Teach multiple Security and Network classes
• Develop Lesson Plans, Quizzes, Tests, and Exams
• Deliver Class Lectures and Administer Class Laboratory Exercises
• Design Semester Projects which provide real world application of taught skills
• Provide Students with Support, Motivation, and Assistance

CONSTELLATION ENERGY GROUP Baltimore, Maryland     August 2006 to October 2007

Level II - IT Support Technician

• Provide Level II technical support
• Review large scale technical issues
• Departmental Lesion between multiple departments and Support Center
• Develop and maintain new hire training information/schedule
• Provide training of new personnel
• Manage a number of technical projects and supporting teams
• Assist in the creation of support tools
• Author documentation for knowledge bases and training materials
• Maintain knowledge bases used within the Support Center and multiple support units.
• Complete other in-house projects as assigned

PIRAEUS INTERNATIONAL Baltimore, Maryland     September 2006 to December 2007

Security Consultant/Network Administrator

• Design and implement security solutions
• Provide consultation on IT business solutions
• Design, implement, and maintain infrastructure
• Secure and service multiple Windows and Linux servers
• Incident response and security monitoring

HI - TECH PROCESSING SERVICES, INC Essex, Maryland     August 2005 to August 2006

Network Administrator / Tech Supervisor

• Managed public PC Repair shop
• Developed processes for new projects and work
• Services and supported internal computers, printers, and phones
• Secured internal computers, printers, and telecoms system.
• Member of New Technologies Development Group
• Evaluated new technologies for implementation throughout the organization
• Created and maintained multiple databases
• Designed and developed Intranet site for Corporate Communications
• Managed multiple production and public web servers
• Monitored multiple production and DMZ servers - as well as Firewall and Network Intrusion Prevention System

FREELANCE/CONSULTING Baltimore-Washington Area, Maryland     2002 - Present

• Implementation and development of security solutions
• Network Design and Management
• Support computers, printers, and telecommunication systems

PERSONAL EXPERIENCE

• Discovered a Remote Denial of Service Vulnerability in multiple consumer and SOHO network perimeter devices [Security Focus Bids: 15870, 15869, 15864, 15861]
• Multiple Undisclosed Vulnerabilities
• Involved in development of multiple projects - including OpenPKI, LAk-IPS/snort, BackTrack, and PBNJ
• Wrote community-college curriculum in the area of Information Security
• Participation in improvement of CyberWatch (collaboration between multiple two-and-four year colleges to standardize information security coursework, degrees, and certifications)
• Served as Guest Lecturer in college level Information Security courses
• Develop Information Security Labs, Lectures, and Curriculum for 2-4 year colleges
• Presented speech to the NSF (National Science Foundation) on the topic of Progression of Information Security curriculum
• Participate on both offensive and defensive teams in cyber exercises and competitions

EDUCATION

Associates of Applied Sciences - Community College of Baltimore County

ADDITIONAL EDUCATION

Data Communications	LAN Advanced
Cisco (CCNA)	Network Security
Network Defense/Counter-Measures	PC Repair
PC Troubleshooting	Linux
Intro to Programming	C/C++
Object-Oriented Programming	Independent Project (Security Engineering)

ACTIVITIES

• Red-Cell Member, Mid-Atlantic Collegiate Cyber Defense Competition - 2009-Present
• Silver Medal Red-Cell winner: Cyber Dawn Exercise 2009 (Haymarket Virgina)
• Captain, Collegiate Cyber Defense Team - Community College of Baltimore County, 2005-2008
• Gold Medal winner: 2008 Mid-Atlantic Collegiate Cyber Defense Qualifier-January 2008 (Lancaster Pennsylvania)
• Silver Medal winner: 2007 Mid-Atlantic Collegiate Cyber Defense Competition-March 2007 (Hunt Valley, Maryland)
• Bronze Medal winner: 2006 Mid-Atlantic Collegiate Cyber Defense Competition-March 2006 (Lancaster, Pennsylvania)