SUMMARY OF QUALIFICATIONS
I am accomplished at providing a high level of customer service; skilled in training and mentoring junior members of staff; adept at communicating technical issues to a non-technical audience, and comfortable interfacing with all levels of management. I have expertise in multiple information security domains, including digital forensics, eDiscovery, Security Event and Incident Management (SEIM), configuration management and security administration. I excel at developing documentation, training materials, policies and procedures. I enjoy diving into a topic and learning as much as possible about it--particularly how each new facet has implications for other areas of security and information systems in general.
PROFESSIONAL EXPERIENCE
- Forensics/eDiscovery lead for Information Security, and a member of the Computer Incident Response Team.
- Experienced with Guidance Software’s EnCase Enterprise and eDiscovery, AccessData’s Forensic Toolkit and open source tools in over 400 digital forensics/eDiscovery cases.
- Provided testimony on behalf of PG&E in a jury trial on the eDiscovery work I performed.
- Experienced with imaging hardware including ImageMASSter Solo 3 and LinkMASSter. Also experienced with the Digital Intelligence FRED forensics server.
- Served as liaison for Legal, HR and Loss Prevention for investigations and litigation support. Facilitated data collection from drive images, email, IM, network shares, servers, and many other data sources.
- Coordinated with Inside and Outside Counsel in litigation cases.
- Established policies and procedures for investigations function, including evidence lifecycle, chain of custody, forensic acquisition, and various investigative procedures.
- Developed business case for build out of forensics lab, ultimately designed to allow multiple investigators to work on cases as a team efficiently.
- Mentored and cross-trained team members to serve as backup resources when caseload demanded additional personnel.
- Coordinated multiple simultaneous large-scale e-discovery projects, leveraging outside consultants as needed.
- Developed first responder materials for incident handling to help ensure evidence was not compromised in the course of troubleshooting.
- Worked to configure implementation of case tracking tool to the needs of the cases Information Security handles, including providing requirements, testing implementation and administering the tool for the department.
- Developed agents for the SEIM and supported the infrastructure (Novell’s Sentinel). This included developing requirements from business and security/compliance stakeholders to produce meaningful alerts and increase our ability to detect malicious behavior.
- Developed agents for Configuration Management solution and assisted with remediation efforts (NetIQ Vulnerability Manager).
- Developed custom host-based intrusion detection and file integrity tracking infrastructure.
- Served as lead security engineer for both Clorox and PeopleSoft Unix groups.
- Served as Unix Security Officer for the Development organization at PeopleSoft, acting as a liaison between corporate IS and Security groups and the various Development groups.
- Improved the server build policies and procedures to increase the security posture of the supported servers.
- Performed project risk assessments and designed mitigating controls.
- Developed procedures for operating system hardening.
- Developed business continuity plans for critical systems.
- Extensive experience in Unix system administration on Solaris, HP-UX, and AIX.
- Experienced in shell and Perl scripting, database administration, and PowerBuilder application development.
EMPLOYERS
Sr. Consultant-Network & Information Security, Verizon Business, 2012 - present
Sr. Information Security Specialist, Pacific Gas & Electric, 2010 - 2012
Sr. Information Security Analyst, Safeway, 2005 - 2010
Security Focused Unix Engineer, Safeway, 2004 - 2005
Engineer, PeopleSoft Corporation, 2000 - 2003
I.S. Engineer, Clorox, 1998 - 2000
Engineer, GTE Wireless (now Verizon), 1994 - 1998
EDUCATION
B.S. Computer Information Systems, Saint Leo University, 2005
M.S. Information Assurance, Norwich University, 2007 (with honors)
Ph.D. Information Systems, with a concentration in Information Security (currently pursuing)
PUBLICATIONS
The Leaking Vault: Five Years of Data Breaches, Digital Forensics Association, 2010
The Leaking Vault: Five Years of Data Breaches; Breaches and Vectors; Threat Actors and Victims, Network World Security Strategies, 2011 (Series of three articles about the above study).
Business Continuity in Difficult Economic Times, SANS Institute Reading Room (GSEC Gold Paper), 2003.
CERTIFICATIONS
AccessData Certified Examiner (ACE), by AccessData
GIAC Certified Forensic Analyst Silver (GCFA), by SANS
GIAC Security Essentials Certification Gold (GSEC), by SANS
Certified Information Systems Security Professional (CISSP), by ISC2