| Objective |
To work in a cutting edge computing environment utilizing both
open source
and proprietary software to create improved network security for
an organization. I like wearing many hats including team lead,
system administrator and software developer.
|
|
| Work Experience |
May 2003 - May 2006 |
AT&T WorldNet |
Morrisville, NC |
|
Sr. Network Security Engineer/Software Developer/System Administrator/Network Security Administrator |
|
- Team lead for the Network Security Team in the AT&T Internet Investigations and Security Services Group
- Set up web hosting, routed fake phishing e-mails, created detailed reports, and worked with the CISO of New York State on a campaign to educate almost 10,000 New York State employees about the dangers of phishing. Link to news article: http://online.wsj.com/public/article/SB112424042313615131-z_8jLB2WkfcVtgdAWf6LRh733sg_20060817.html
- Created Dark IP address space to automatically identify indiscriminate scanning by virus infected/trojan infected/compromised customers. This has led to a decrease in time that AT&T customers are infected with viruses/worms before they are notified.
- Created tool to test a customer's email server to see if it allowed e-mail viruses to be relayed as an NDR (non-delivery report)
- Created Dark IP report to illustrate trends in which customers and non-customers were attacking AT&T's address space
- Used as a Subject Matter Expert (SME) by other AT&T developers/employees on anti-phishing strategies as well as real-time blackhole lists (RBLs) and other network security issues
- Migrated Linux machines from Red Hat Linux to Gentoo Linux
- Kept up to date on all new security vulnerabilities and patched appropriate systems
- Continued to configure and maintain firewalls, internal/external DNS servers/caches, Samba server, internal LAN, external services, Web servers, SSH servers and MySQL database servers
- Administrator of the abuse-att.net domain
- Contacted customers via e-mail and phone about why Internet service had been terminated, and what needs to be done to rectify the situation
- Wrote programs/scripts and implemented various features on demand to help other agents and teams with their work
- Created and maintained all AT&T IISS Team databases
- Received and responded to pages 24/7
- Used as a resource by members of my team/other teams for help with programming, PC troubleshooting, and new tool ideas
|
|
|
April 2001 - January 2003 |
AT&T WorldNet |
Morrisville, NC |
|
Sr. Network Security Engineer/Software Developer/System Administrator/Network Security Administrator |
|
- Promoted to team lead of Network Security Team that currently consists of 5 members total
- Learned Borland C++ to aid in GUI development of front end programs that are used by IISS agents
- Migrated data from old SGI machines to new IBM/Dell servers
- Continued to configure and maintain firewalls, internal/external DNS servers/caches, Samba server, internal LAN, external services, Web servers, SSH servers and MySQL database servers
- Wrote and maintained programs to check for e-mail relaying and open proxies. The programs are used by the MIS team to verify that a customer does not have an insecure server on their site
- Administrator of the abuse-att.net domain. Worked with the e-mail team in NJ to forward e-mails to our domain
- Wrote programs/scripts and implemented various features on demand to help other agents and teams with their work
- Wrote DSL lookup tool which combines 3 tools into one easy to use interface that reduces lookup time for an agent to about 20 seconds. Before this tool was written, agents had to contact a member of the DSL team to receive this information
- Available 24/7 to troubleshoot server problems and remotely administer machines
- Called on by members of my team/other teams for help with programming, PC troubleshooting, and new tool ideas
- Created off-site backup solution to comply with disaster recovery policies
- Set up new IBM/Dell servers to split up workload and thus improve agent efficiency
- Confirmed that all external servers were hardened with paranoid firewalls
- Set up servers to handle Insight Broadband customer complaints
- Tracked and reported Code Red infections on the internal network
- Attended Code Red meeting at IBM
|
|
|
January 2000 - April 2001 |
AT&T WorldNet |
Morrisville, NC |
|
Software Developer/System Administrator/Network Security Administrator/Network Security Engineer |
|
- Developed and implemented an e-mail system to filter e-mail, track statistics, archive e-mail and track tickets
- Developed several CGI programs to interface with e-mail filtering system
- Configured and maintained firewalls, DNS servers, Samba servers, Web, SSH, e-mail servers and databases on machines running Linux
- Performed system maintenance and automated backup procedures
|
|
|
July 1999 - January 2000 |
Lucent Technologies |
Cary, NC |
|
Service Tester/Developer |
|
- Tested several services (Televoting, Advanced Toll Free, Flexible Network Routing, etc.)
for the Service Management System
- Wrote programs in Perl to assist with data migration and testing
|
|
|
September 1998 - January 1999 |
UW-Madison - Social Science Computing Cooperative |
Madison, WI |
|
Unix Administrator Assistant
|
|
- Reviewed current internet security on several UNIX systems and proposed solutions to make systems more secure
- Researched, installed and maintained internet security tools on systems
- Wrote programs to assist system administrator in providing better user and internet security
|
|
|
Summers 1997, 1998 |
AT&T Labs |
Lincroft, NJ |
|
Software Developer -
WorldNet
Network Management Group |
|
- Created Perl 5/JavaScript/Java web-based front ends for
setup/management/configuration of network server complexes
- Performed tests on network management software
- Helped other interns in learning languages, operating systems and debugging
- Attended 2 day course in Java programming presented by
Sun Microsystems
|
|
| Education |
1995 - 1999 |
University of Wisconsin - Madison |
Madison, WI |
|
B.S. / Computer Sciences
- Major Classes:
Computer Architecture, Computer Networks, Operating Systems, Data Structures, Digital Systems, Machine Organization, Linear Algebra, Algorithms, Artificial Intelligence, Database Management Systems, Linear Programming Methods, Computer Graphics, Computational Neuroscience
|
|
Computer Experience |
- Operating systems: Linux, UNIX, Windows 2000/NT/98/95
- Programming languages: Perl, C++, Borland C++, HTML
- Networking: TCP/IP, Internet protocols, IPSec, Public/Private Key Encryption, Scanning software (nmap, Nessus), Firewalls, Routing, Ethernet, DNS, E-Mail, HTTP, Wireless Security, SSL
|
|
| Activities |
- Certified Information Systems Security Professional (CISSP)
- American Red Cross Blood Donor
- Admitted to the College of Letters and Science Honors Program at UW-Madison
- Attended 5th HOPE Conference, SANS New Orleans 2001, NetSec San Francisco 2000 and DefCon 8
|