Greetings all,

I am one of those who got caught up in the rounds of lay-offs in the IT industry, and I hope this mailing list will help me in the pursuit of my next job. Please take a look at my resume (below) and see if you know of any suitable positions.

I live in Jersey City, NJ (15 minutes from Manhattan) but relocation (to anywhere!) is not a problem, nor is travel. I am looking for a permanent position, but unfortunately require visa sponsorship. Note however that new H1-B visas can be processed within two weeks these days, see: http://www.ins.usdoj.gov/graphics/services/employerinfo/premprsv.htm

Sincerely,
Paul Helmich, CISSP

Also see my online resume at: http://www.hotjobs.com/cgi-bin/person-show?P__PINDEX=P826298TB

OBJECTIVE

Gain employment with an organization that challenges my current skills while offering the opportunity to continue career advancement. Obtain a position in the field of security architecture design or security consulting. Use my security expertise to research, design and deploy complicated security solutions for a broad client base. Continue developing knowledge of network and security related products and technologies.

PERSONAL DETAILS

Name: Paul Helmich, CISSP
Contact me at: phelmichat_private / 201-4519509
Currently at: Jersey City, New Jersey.

SUMMARY

I am a general security practitioner (CISSP certified) with 4 years of experience in the Infosec field. My strengths lie in consulting, communicating about security issues, designing and deploying Security Architectures. I believe that the description below of a security architect's role nicely covers the kind of tasks I have performed in the last couple of years:

* Actively participating on project teams from requirements definition phase through production implementation, providing requirements on appropriate security implementation.
* Working on technology projects and providing security requirements for implementation of new technologies such as wireless Internet access, B2B exchanges, etc.
* Conducting security assessments of various areas and emerging technologies. Working with development teams and lines of businesses to guide the decision making about the secure implementation and use of new technology.
* Conducting security consulting, risk & vulnerability assessments, and assisting with application architecture and network architecture design.
* Assessing compliance with security policies and sound security practices.
* Documenting and reporting security issues to senior management. Ensuring that security issues are addressed. Having the ability to interact with all levels of users/actors.

EMPLOYMENT HISTORY

Cap Gemini Ernst & Young (1-1-1999 to 4-24-2001)
Sector: Finance
Business Unit: Technology Consulting

CSC Computer Sciences Corporation (August 1997 till 1-1-1999)

EDUCATIONAL QUALIFICATIONS

Nottingham Trent University (in the UK)
BA (Honours) Business Administration, 1995-1996

Hogeschool van Utrecht
BA International Business, 1994-1997.

PROFESSIONAL QUALIFICATIONS

* CISSP (Certified Information Systems Security Professional). (See www.isc2.org)
* Microsoft Certified Professional (MCP) - Networking Essentials
* Microsoft Certified Professional (MCP) - TCP/IP for NT Server 4
* Member of the Computer Security Institute (CSI).

METHODS TRAINING:

* Consultancy skills Savonije training, December 99, 3 days
* Architecture Design - Distributed Secure Environments (AD-DSE) Cap Gemini, March 1999, 3 days
* Architecture Design - Technical Infrastructures (AD-TI) Cap Gemini, June 2000, 5 days
* Consultancy skills Bronsgeest BV, September 1998, 4 days
* Object-Oriented Thinking Cap Gemini, September 1997, 3 days

TECHNICAL SKILLS

I am well versed in the use, design, and deployment of the following security / network related technologies: TCP/IP, Firewalls, DMZ, VPN and especially PKI / Cryptography. Standard tools I use on a day-to-day basis include the MS Office suite and Visio.

PUBLICATIONS

* International Internet Marketing - A Theoretical Framework and Practical Analysis - Helmich, 1996 (Bachelor's Thesis, First Honors)
* Electronic Commerce - Business-to-business vs. Business-to-consumer. Computable, June 1998
* PKI - Public Key Infrastructures, a Cap Gemini white paper. April 99.
* Public Key Infrastructures - Overview. Infosecurity magazine, October 1999.
* Public Key Infrastructures - a Panacea solution? Network Security magazine, May 2000
  Same - Adapted and reprinted in the Information Security Bulletin, July 2001, Vol. 6 Issue 6.

LANGUAGE SKILLS

* Dutch: Excellent
* Papiamento: Good
* English: Excellent
* French: Average
* Spanish: Very good
* German: Minimal

(Competence levels: minimal/average/good/very good/excellent)

PROFESSIONAL EXPERIENCE

(In reverse chronological order. Only major projects are listed).

While working for Cap Gemini Ernst & Young:

Elemica marketplace, November 2000 - April 2001

Elemica is potentially the world's largest B2B marketplace. It was founded by a consortium of the world's 22 largest chemical firms. The aim is to provide a central point through which the members can trade through standardised XML messages. Scope covers orders, invoices, physical delivery offerings (logistics) and financial services.
My job was to be the client's security architect, interfacing with many vendors to ensure product interoperability with regards to security issues such as two-way SSL, digital message signing, Single Sign On, PKI, VPN, centralized user management and centralized access control management. Duties included reviewing security policies.

ABN Amro bank: Internet banking, June-November 2000

This client is creating a completely new virtual bank, for roll-out throughout Europe. It will include all banking services, including retail banking, e-brokerage, savings etc. over various distribution channels like the Internet and mobile phones. I represented the customer towards their vendors on all security aspects. I also had to make sure the solution being designed conforms to the corporate security policy, and as such I interfaced with the internal auditing department.

Technical keywords: Trade.com and Fiserv software, security tokens, secure process design.

ABN Amro bank: security consulting, April-June 2000

My main task consisted of developing guidelines for the secure development of Intranet / Internet applications. This meant translating the corporate security policy to something more tangible for developers to work with. A second task was to help in the creation of a policy document on WAP technology, where I took care of the security aspects.

Course development: Cap Gemini (internal) R&D, January to April 2000

Together with a colleague I developed one-day training courses on the topics of PKI and of E-security. These are now part of the standard portfolio of Cap Gemini's Educational Division. I have subsequently facilitated several of these training courses, in various European countries.

PKI Task Force: Cap Gemini (internal) R&D, October 99 to January 00

I operated as a team leader for our PKI team, consisting of six people.
Our main deliverables were a number of white papers on PKI and on security components, and a demo which includes certificates on smart cards with biometric readers. I regularly give presentations on PKI technology.

Rabo Bank: System Security Architecture for Payments, July to December 99

The Rabo Bank has a collection of systems (mainframes, databases, etc.) which process all the payments of the bank with all stakeholders (consumers, other banks, etc.). Due to new business requirements they were in the process of redesigning their system architecture for the next five years. Cap Gemini had been brought in to help them with Security and Governance aspects of architecture design, using methodologies Cap Gemini has developed for this. My role was to design the security architecture using the AD-DSE methodology. One deliverable they used extensively was a flowchart with all external dataflows classified per security sensitivity.

Cap Gemini (internal): Security R&D, April to October 99

I coordinated the research efforts into security infrastructures. This research area focuses on infrastructural components such as PKI, firewalls, proxy servers, VPNs, authentication and authorization mechanisms, and hardware tokens (e.g. smart cards). The deliverables consist of a presentation and a white paper on the roles of these components and how they interrelate. Another deliverable is a working demo of an integrated secure environment. Mr. Helmich has also published a white paper on the role of PKI in Electronic Commerce.

ABN Amro Bank - Risk Analysis, March 99

A department of the ABN Amro Bank wanted to implement a software package, but had to conform their project plan to the corporate security policy. I carried out a risk analysis with regard to the implementation plans for the software package. The largest risk lay in the fact that a data-communication connection had to be made to a third party, outside the corporate network.
I designed two alternative networking architectures, which allowed the customer to eliminate this risk without a loss of functionality.

While working for CSC Computer Sciences Corporation:

PTT Post - Security Audit, 15 October till 31 December '98

Under the leadership of a senior Security Consultant an internal security audit was carried out on the Internet related services that our customer provides. Together with him I wrote a Statement of Work and a Project Plan for bringing the security in this environment to a higher level. The audit focused not only on Network/Computer Security, but also on Physical, Organizational and Procedural security. Several dozen tasks have been identified and subsequently addressed. Some of these were done by me, for example tightening the firewall filtering rules and setting up a Change Management procedure for the security infrastructure.

PTT Post - KeyMail service, 3 months

This customer wants to become the major TTP (Trusted Third Party) for the Netherlands, offering digital certificates to the Dutch population. A project to accomplish this has been carried out, and the resulting Certification Service has been launched as "KeyMail" (www.keymail.nl) in October 98. I was a member of the group of three persons responsible for the IT infrastructure for this project. I also participated in weekly meetings of the overall project group and reviewed project documentation to keep up to date with the larger picture, gaining an understanding of all applicable TTP processes.

On the IT side, I have been responsible for evaluating the products from CA vendors, and have implemented a web gateway between the UniCert CA system (from Baltimore Technologies) and the Internet. This included some website development work. LDAP Servers and Oracle databases are often a component of CA systems and thus I have gained some basic knowledge of these components.

Technical Keywords: PKI (Public Key Infrastructure), Netscape Enterprise Server 3, SSL, certificates, encryption, Firewalls, network architecture, TCP/IP, X.500, UniCert package.

PTT Post - Secure Electronic Messaging on X.400, 3.5 months

I operated as an independent project leader for this project. This involved coordinating the efforts of testing a software application for bugs. Furthermore the application and its manuals had to be localized (this involves translation to Dutch, among other things). This project has been my first experience with project management and taught me much about the various administrative tasks a project manager must fulfill. The deliverable of the project was an X.400 based E-Mail client, capable of sending encrypted E-mail. X.509 v3 certificates were used. The project has given me good insights into the workings of CA software and processes, especially the underlying techniques involving public/private keys.

PTT Post - Secure Network Architecture, 6 weeks

During this project, in the role of junior consultant, I assisted in the design and implementation of a secure network environment within the Print & Mail department of PTT Post Netherlands. The goal of the project was to create an infrastructure that was robust, safe, and scalable, so that in the future other PTT networks can also make use of it. This network forms the only connection between the PTT Post backbone and the outside world (i.e. Internet). After the design was completed I oversaw the RFP, judged the proposals received from vendors, and ordered the necessary equipment.
This archive was generated by hypermail 2b30 : Thu Jul 26 2001 - 13:34:29 PDT