-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello All, I am seeking a challenging position in information security which has remained as a driving interest for me through the years... I have professional experience in Quality Assurance leadership, over projects in C, C++, Java, and Visual Basic on the Windows and Unix platforms for a distributed networking company. Before that I was a Research Analyst who rated consistently highest in quality and quantity in my research. In the security field, primarily, I have been involved in writing custom security applications, security research, and performing security audits on code and networks. I have been involved in the development of major sniffer/IDS projects (SpyNet/Iris, now sold by eeye) and a distributed networking privacy/proxy project. I have written a "tripwire like" windows project, load testing networking projects for QA, vulnerability scanners, and email/news/web security products. I have also written a distributed, encrypted Instant Messenger which piggy backs gnutella. Full disclosure projects of otherwise note: in sept of 99 I released "proof of concept code"/paper detailing the danger of web trojans/worms. I proved that reconstructing a trojan binary from HTML was entirely feasible and stated that the likelihood and impact of a worm was imminent. (TLsecurity, packetstorm). In Jan of 2000, I released "proof of concept code"/paper detailing the imminent danger of timed fuse DDoS attacks through Windows systems. ( TLsecurity, packetstorm). In Jan of 2000 I released a buffer overflow exploit in ICQ and noted that Instant Messengers would be a primary target of hackers in the future. (Bugtraq). Resume is attached. Online, formatted version: http://resumes.dice.com/thepull Willing to relocate, can cover relocation expenses in US or Canada... pay is not as important as a challenging position... preferably one which involves code/network vulnerability analysis or security research. Cheers, Drew -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com> iQA/AwUBO4eOAZ7TPzNx4o4YEQKb0wCgwDBT0fed6ODAUHOFioogYOHXR/QAn3w3 4N5PX0sCo9JXjEvESIsnTX7u =0/Ac -----END PGP SIGNATURE----- Drew Copley -------------------------------------------------------------------------------- 4305-C Acropolis Court, Austin, TX 78759 (512) 418-9599 DCOPLEYat_private Summary A Computer Security Specialist and Rapid Application Developer who has a strong background in distributed networking, QA Management, and Research Analysis. Work Experience OpenCola Aug 2000 - Aug 2001 Started and managed the QA department which oversaw seven projects in Java, C, C++, and Visual Basic * Created a thriving bugs database for each project * Communicated closely with both developers and sales * Trained and performed black and white box testing * Performed security audits on a code and network level * Created and managed a tasking system for the department which management used an example for the rest of the company * Designed and performed metric tests * Instituted error checking in Visual Basic code. Managed code build and release process * Designed tech support system, and managed it * Wrote testing applications in Delphi pcOrder Mar 1998 - Aug 2000 Researched computers, hardware, and software for large companies * Achieved the top Research Analyst for the longest period of time in both quality and quantity out of over one hundred researchers * Won awards for productivity suggestions * Pioneered special telecommuting program Solectron Mar 1995 - Jul 1997 Soldered and assembled a wide variety of devices including high-end military cards and prototype PC motherboards for Hughes, Dell, Gateway, Compaq, and others Example Projects Pi An encrypted, distributed instant messenger and file sharing application that worked on top of Gnutella, separating Gnutella into "Channels". Partially, this was done to cut down on Gnutella's infamous bandwidth problems. It also implemented a DNS substitute system, so the networks could stay up despite dynamic DNS. It is skinnable. Developed in a month in Visual Basic. SpyNet SpyNet is one of the most popular sniffers ever. It is now called "Iris" and sold through eEye. As the developer's single partner, performed binary level auditing and black box testing. Developed and managed the website. Ran promotions and wrote copy for these promotions. Handled tech support and investigated bug reports. Tracked down binary level problems in the code. FolderGuard FolderGuard is a security application like Tripwire for Unix. It watches directories of the user's choosing, and writes any changes made to any files within that folder in a log. It is fast and requires few resources. Written in Delphi. Special Security Qualifications Presented papers, projects, and bug reports to the international security community throughout years of involvement. Contributions included reports about and demonstrations of security flaws inherent in HTTP, instant messaging, and DDoS attacks and were submitted well before public knowlege of the associated risks was wide spread. (Published at Bugtraq's, PacketStorm Security, TLsecurity, and other major security sites). Demonstrated a level of expertise in the field of computer security to attract the attention of an internationally recognized computer security group. Subsequently I have joined said group in collaborating on a large scale public services project. In this capacity I help to run a committie containing thirty of the world's top security experts. Certifications Testing for the CISSP (Certified Information Systems Security Professional) September 28. Skill Set in Brief - CGI, HTML, DHTML, XML, JavaScript, Perl, WSH/VBS and Python -- Delphi/Kylix (1 year), Visual Basic (2 years), Assembly Language (5 years), C (3 years), C++ (3 years), Java (3 years) - Expert in Binary Forensics, disassembly, and debugging that comes from five years in Assembly, my strong development background, and experience in Quality Analysis - Windows 3.1/95/98 NT 3.5/4.0 2000, Red Hat, Mandrake, FreeBSD, OpenBSD - Experienced in doing network security audits on Windows and Unix systems. - Skilled in usage and creation of a massive array of security products on both Windows and Linux: sniffers, scanners, firewalls, IDS systems, etc - Expert in networking protocols and low level packet forensics that comes from working on a Sniffer and distributed networking projects - Utilized and studied RSA, Diffie-Hellman, Rijndael, Blowfish, SSL, TLS, PKI, etc - Knowledgeable in forensic psychology which comes from years of private study and a consuming interest Willing to relocate, References Available on Request
This archive was generated by hypermail 2b30 : Mon Aug 27 2001 - 13:59:58 PDT