JUSTIN
M. WRAY
185
Jonathan Way North
York,
PA 17356
(717)
916-5066

SUMMARY
I
have over ten years of combined, concurrent networking experience
(personal and professional). Additionally, I have extensive
experience in network security implementation and management. I
frequently participate in Penetration Testing and
Vulnerability Assessment - usually as the lead "pen-tester"
- and in Incident Response. Furthermore, I have discovered,
researched, and disclosed numerous vulnerabilities in both networking
appliances and operating systems/applications services.
Professionally, I have
maintained and developed backend databases, using: MySQL,
SQLite, PostgreSQL, Microsoft SQL Server, and
Alchemy in addition to maintaining and developing front-end
web applications using PHP/HTML. I am experienced in both
proprietary and open source applications -
participating in the development of many open source applications.
Likewise, I have provided hardware installation and support
while supervising a PC repair shop. From a managerial
standpoint, it should be noted that I have managed many
projects - including in professional capacities, educational
settings, and freelance operations. Currently, I am leading several
technical projects with my current employer and am responsible
for the training of new hires.
I have long-term
programming experience (personal and professional) with
multiple high level languages and in addition to holding the Linux+,
Security+, Certified Ethical Hacker , and Certified
Penetration Tester I hold an an Associates of Applied Sciences
degree in Information Security and
am currently trained for the following certifications: A+,
Network+, Cisco (CCNA), and Red Hat (RHCE).
My proficiencies
include: Windows 98 thru Windows 7, Linux 2.4 kernel thru
2.6, and OSX - with some experience using Sun Solaris
systems. In addition, I am advanced in using in Microsoft Word,
as well as Open Office.
WORK
EXPERIENCE
JACOB
& SUNDSTROM, INC Baltimore, Maryland
October 2007 to Present
Network
Security Engineer and Researcher (March 2009 - Present)
- Perform
Research for New Projects
- Provide
Testing of New Tools and Methodologies
- Involved
in Development of Intrusion Detection Systems, Tools, and Mechanisms
- Plan
and Create Security Solutions
- Perform
Testing and Auditing for Current and New Products
- Maintain,
Update, and Deploy Large Code Bases
- Integrate
Solutions into a Large Production Environment
- Engineer
Network Security Plans and Goals
- Develop
Training Curriculum for New Hires
- Coordinate
and Provide Training for New Hires
Senior
Network Security Analyst (October 2007 - March 2009)
- Provide
Real-Time Analysis of Network Traffic to Adequately Detect
Intrusions and Vulnerabilities
- Coordinate
Network Incident Handling with Sites World-Wide
- Manage
and Develop Intrusion Detection System Signatures and Rulesets
- Maintain,
Update, and Disseminate Daily Vulnerability and Intelligence Reports
- Release
Situation Awareness Reports When Needed
- Involved
in Development of Intrusion Detection Systems, Tools, and Mechanisms
- Provide
Testing of New Tools and Methodologies
- Advise
Client of Security Risks Involved in Specific Tasks
- Engineer
Network Security Plans and Goals
- Develop
Training Curriculum for New Hires
- Coordinate
and Provide Training for New Hires
COMMUNITY
COLLEGE OF BALTIMORE COUNTY Baltimore, Maryland
August 2010 to Present
Adjunct
Professor, School of Applied and Information Technology, Network
Technology
- Teach
multiple Security and Network classes
- Develop
Lesson Plans, Quizzes, Tests, and Exams
- Deliver
Class Lectures and Administer Class Laboratory Exercises
- Design
Semester Projects which provide real world application of taught
skills
- Provide
Students with Support, Motivation, and Assistance
CONSTELLATION
ENERGY GROUP Baltimore, Maryland August
2006 to October 2007
Level
II - IT Support Technician
- Provide
Level II technical support
- Review
large scale technical issues
- Departmental
Lesion between multiple departments and Support Center
- Develop
and maintain new hire training information/schedule
- Provide
training of new personnel
- Manage
a number of technical projects and supporting teams
- Assist
in the creation of support tools
- Author
documentation for knowledge bases and training materials
- Maintain
knowledge bases used within the Support Center and multiple support
units.
- Complete
other in-house projects as assigned
PIRAEUS
INTERNATIONAL Baltimore, Maryland September
2006 to December 2007
Security
Consultant/Network Administrator
- Design
and implement security solutions
- Provide
consultation on IT business solutions
- Design,
implement, and maintain infrastructure
- Secure
and service multiple Windows and Linux servers
- Incident
response and security monitoring
HI
- TECH PROCESSING SERVICES, INC Essex, Maryland August
2005 to August 2006
Network
Administrator / Tech Supervisor
- Managed
public PC Repair shop
- Developed
processes for new projects and work
- Services
and supported internal computers, printers, and phones
- Secured
internal computers, printers, and telecoms system.
- Member
of New Technologies Development Group
- Evaluated
new technologies for implementation throughout the organization
- Created
and maintained multiple databases
- Designed
and developed Intranet site for Corporate Communications
- Managed
multiple production and public web servers
- Monitored
multiple production and DMZ servers - as well as Firewall and
Network Intrusion Prevention System
FREELANCE/CONSULTING
Baltimore-Washington Area, Maryland 2002
- Present
- Implementation
and development of security solutions
- Network
Design and Management
- Support
computers, printers, and telecommunication systems
PERSONAL
EXPERIENCE
- Discovered
a Remote Denial of Service Vulnerability in multiple consumer and
SOHO network perimeter devices [Security Focus Bids: 15870, 15869,
15864, 15861]
- Multiple
Undisclosed Vulnerabilities
- Involved
in development of multiple projects - including OpenPKI,
LAk-IPS/snort, BackTrack, and PBNJ
- Wrote
community-college curriculum in the area of Information Security
- Participation
in improvement of CyberWatch (collaboration between multiple
two-and-four year colleges to standardize information security
coursework, degrees, and certifications)
- Served
as Guest Lecturer in college level Information Security courses
- Develop
Information Security Labs, Lectures, and Curriculum for 2-4 year
colleges
- Presented
speech to the NSF (National Science Foundation) on the topic of
Progression of Information Security curriculum
- Participate
on both offensive and defensive teams in cyber exercises and
competitions
EDUCATION
Associates
of Applied Sciences - Community College of Baltimore
County
ADDITIONAL
EDUCATION
-
|
|
|
|
|
|
- Network
Defense/Counter-Measures
|
|
|
|
|
|
|
|
- Object-Oriented
Programming
|
- Independent
Project (Security Engineering)
|
ACTIVITIES
- Red-Cell
Member, Mid-Atlantic Collegiate Cyber Defense Competition -
2009-Present
- Silver
Medal Red-Cell winner: Cyber Dawn Exercise 2009 (Haymarket Virgina)
- Captain,
Collegiate Cyber Defense Team - Community College of Baltimore
County, 2005-2008
- Gold
Medal winner: 2008 Mid-Atlantic Collegiate Cyber Defense
Qualifier-January 2008 (Lancaster Pennsylvania)
- Silver
Medal winner: 2007 Mid-Atlantic Collegiate Cyber Defense
Competition-March 2007 (Hunt Valley, Maryland)
- Bronze
Medal winner: 2006 Mid-Atlantic Collegiate Cyber Defense
Competition-March 2006 (Lancaster, Pennsylvania)
Download Resume