SUMMARY OF QUALIFICATIONS

Four years of forensics, incident response, e-discovery/litigation support and workplace investigation experience. Ten years Unix security administration, including policy development, operating system hardening, auditing, intrusion detection, risk assessment, and business continuity planning. Eleven years Unix system administration supporting both development and production environments in a 24/7 data center. Accomplished at providing a high level of customer service. Skilled at training and mentoring junior members of staff. Adept at communicating technical issues to a non-technical audience, and interfacing with all levels of management.

PROFESSIONAL EXPERIENCE

  • Performed workplace investigations, e-discovery/litigation support and digital forensics on over 300 cases using AccessData’s Forensic Toolkit and open source tools.
  • Experienced with imaging hardware including ImageMASSter Solo 3 and LinkMASSter. Also experienced with the Digital Intelligence FRED forensics server.
  • Served as liaison for Legal, HR and Loss Prevention for investigations and litigation support. Facilitated data collection from drive images, email, IM, and many other data sources.
  • Coordinated with outside counsel in litigation cases.
  • Forensics lead for Information Security, and member of the Computer Incident Response Team.
  • Established policies and procedures for investigations function, including evidence lifecycle, chain of custody, forensic acquisition, and various investigative procedures.
  • Developed business case for build-out of forensics lab, ultimately designed to allow multiple investigators to work efficiently on cases as a team.
  • Mentored and cross-trained team members to serve as backup resources when caseload demanded additional personnel.
  • Coordinated multiple simultaneous large-scale e-discovery projects using outside consultants.
  • Developed first responder materials for incident handling to help ensure evidence was not compromised in the course of troubleshooting.
  • Configured the case tracking tool to fit the needs of the cases Information Security handles, including providing requirements, testing the implementation and administering the tool for the department.
  • Developed agents for Security Information Management infrastructure and supported the infrastructure (Novell’s Sentinel). This included developing requirements from business and security/compliance stakeholders to produce meaningful alerts and increase our ability to detect malicious behavior.
  • Developed agents for Configuration Management solution and assisted with remediation efforts (NetIQ Vulnerability Manager).
  • Developed custom host-based intrusion detection and file integrity tracking infrastructure.
  • Served as lead security engineer for both Clorox and PeopleSoft Unix groups.
  • Served as Unix Security Officer for the Development organization at PeopleSoft, acting as a liaison between corporate IS and Security groups and the various Development groups.
  • Improved the server build policies and procedures to increase the security posture of the supported servers.
  • Performed project risk assessments and designed mitigating controls.
  • Developed procedures for operating system hardening.
  • Designed and implemented PowerBroker infrastructure for root delegation to other groups as needed under very limited and specific circumstances, reducing the need for after-hours support from the system administration group.
  • Implemented PGP encryption server software infrastructure.
  • Developed business continuity plans for critical systems.
  • Extensive experience in Unix system administration on Solaris, HP-UX, and AIX.
  • Experienced in shell and Perl scripting, database administration, and PowerBuilder application development.

EMPLOYERS

Senior Information Security Analyst, Safeway, 2005 - present

Security Focused Unix Engineer, Safeway, 2004 - 2005

Engineer, PeopleSoft Corporation, 2000 - 2003

I.S. Engineer, Clorox, 1998 - 2000

Engineer, GTE Wireless (now Verizon), 1994 - 1998

EDUCATION

B.S. Computer Information Systems, Saint Leo University, 2005

M.S. Information Assurance, Norwich University, 2007 (with honors)

Ph.D. Information Systems, with a concentration in Information Security (currently pursuing)

CERTIFICATIONS

AccessData Certified Examiner (ACE), by AccessData

GIAC Certified Forensic Analyst Silver (GCFA), by SANS

GIAC Security Essentials Certification Gold (GSEC), by SANS

Certified Information Systems Security Professional (CISSP), by ISC2