I am looking for information security work in the Washington DC area now that my contract is approaching its end. My main areas of expertise are Checkpoint Firewall-1, Nokia IPSO and the Snort Intrusion Detection System. Please view my resume below. Text, HTML and DOC versions are available at: http://www.bragger.net/resume

Sincerely,
Eric J. Bragger
infosecat_private

____________________________________________________________________________

Eric John Bragger (CCSA/CCSE)
infosecat_private
____________________________________________________________________________

167 Crossbow Ln.             Phone: (301) 963-3525
Gaithersburg, MD 20878       Fax:   (301) 924-9337
____________________________________________________________________________

OBJECTIVE

To support excellence in the field of information security by combining broad technical ability and continuous research with initiative, creativity, strong verbal/written communication skills and business proficiency.
____________________________________________________________________________

POSITIONS HELD

Network Security Analyst
Sr. Engineer III, IP Security
Engineer II, IP Security
Systems Security Analyst I
____________________________________________________________________________

INFORMATION TECHNOLOGY

--- INFORMATION SECURITY ---

GENERAL SKILLS
    Assessment - Intrusion Detection - Penetration
    Enterprise Anti-Virus - Network Mapping
    Functional Testing - Hardening - War Dialing
    Technical Writing

ENCRYPTION
    SSH - PKI (PGP) - RSA Keys - DES/3DES - ISAKMP
    IPsec - FWZ - SKIP

--- NETWORKING ---

GENERAL SKILLS
    Security Analysis - Segmentation - Architecture
    Routing - Switching - Testing

TROUBLESHOOTING
    Packet Sniffing/Decode (tcpdump, Snort, Ethereal)
    Session Analysis - Route Verification

PROTOCOLS
    IP - TCP - UDP - ICMP - ESP - VRRP - GRE - NetBIOS

--- CHECKPOINT FIREWALL-1 ---

ADMINISTRATION
    Provider-1 - Standalone - Field Firewalls
    High Availability - Gateway Clusters

VPNs
    ISAKMP (IKE) - IPSEC - FWZ - SKIP - GRE Tunneling

SECURECLIENT
    IKE - FWZ - UDP Encapsulation - IKE over TCP
    Single / Multiple Entry Points

NAT
    Internal-to-Internal (Dual Hide NAT) - IP Pooling
    Multi-Interface - Inbound VPNs/SecureClient Users

AUTHENTICATION
    User/Client/Session - RADIUS - LDAP - S/Key - IKE

RESOURCES/PROXIES
    Kernel URL Logging - Connect Control
    HTTP, SMTP, FTP Security Servers - URI Filtering

CRASH FORENSICS
    "ELG"/Core Analysis - Daemon Stats - Module Debug

AUDITING
    Rulebase Security Audits - Log Audits
    Integration - Performance Tuning

REVERSE ENGINEERING
    Rulebases (compiled/uncompiled) - Objects File

--- NOKIA IP APPLIANCE / IPSO OPERATING SYSTEM ---

ADMINISTRATION
    Voyager Configuration - High-Availability (VRRP)

ADVANCED ADMIN.
    "iclid" - "ipsctl" - "ipsofwd"
    Firewall Flows - Performance Tuning

CRASH FORENSICS
    Core Analysis - Log Analysis - Module Memory Usage
    Subsystem Health (CPU/Disk/Memory)

REVERSE ENGINEERING
    IPSO Database

--- TICKETING SYSTEMS ---

FUNCTIONAL DESIGN
    Interface - Logic - Field Elements
    Relational Structure - Metrics

--- SOFTWARE ---

OPERATING SYSTEMS
    Nokia IPSO - Solaris - Linux - BSD - SunOS - Unix
    Windows 2k/NT/98/95/3.1 - X-Windows - OS/2 - DOS

FIREWALLS
    Checkpoint FW-1 v4.0-4.1 - Axent Raptor 5-6.0
    Cisco PIX - NAI Gauntlet 4.2-5

SCRIPTING
    sh / bash (Bourne Shell) - Parsing - Quoting
    Regular Expressions - HTML

SECURITY TOOLS
    ISS Internet Scanner 5-6.x - NAI CyberCop Scanner
    Snort / ACID - ISS RealSecure - Sara - Tripwire
    Nmap - Nessus - ToneLOC - THCscan - TCP Wrappers
    McAfee : EPO - VirusScan Enterprise 4.51
    NetShield 4.5 - Alert Manager

PRODUCTIVITY
    Microsoft Office 95-2000: Word - Excel - Outlook
    Project - Powerpoint
    Webtrends - Visio 4.0-2000 - Wordperfect 4.2-8.0

E-MAIL
    Outlook - Evolution - Pine - Lotus Notes 4.x
    Eudora Pro - Netscape Messenger
____________________________________________________________________________

SCRIPTING HIGHLIGHTS

snortcheck
    Monitors the activity and stability of a Snort IDS. Supports MySQL databases. Planned for open-source release with the goal of inclusion in the Snort distribution.

smcobjects
    Displays the Checkpoint objects and NATs that match an IP address segment, in addition to the groups those objects are in. Handles infinitely nested groups.

smcrules
    Converts complex Checkpoint rulebases to HTML. Additionally outputs Static Routes and ARPs decoded from the Nokia IPSO database.

smcfailops
    Automatically diagnoses discrepancies between Checkpoint firewalls in a high-availability configuration and verifies proper settings for failover operation.

smcinfo
    Modular scripting system which logs into and runs commands on a list of firewalls. Each module can contain settings that offer complex and highly customized execution.

smcbackup
    Automates incremental backups of files each time they are modified.
____________________________________________________________________________

WORK EXPERIENCE

2002-Present  NETWORK SECURITY ANALYST
Comsys Inc.
Contracted to Fortrex Technologies

· Conducted a comprehensive review of Fortrex managed security operations, providing recommendations for dramatically increased efficiency and scalability.
· Reduced the number of false alerts from a Fortrex client's Snort intrusion detection system by a factor of ten with no compromises in security.
· Designed and built an intrusion detection system for a Fortrex client, consisting of Internal-to-Internal, External-to-Internal and DMZ sensors. Each was individually tuned and monitored via ACID software on a MySQL backend database.
· Installed and field-tested McAfee enterprise anti-virus products, both standalone and centrally managed via the McAfee EPO (Enterprise Policy Orchestrator) software.
___________________________________________

2001-2002  SR. ENGINEER III, IP SECURITY
Allegiance Telecom / Intermedia Business Internet
Security Management Center

· Served as lead engineer for managed firewalls in the field. On-call escalation point for 2nd and 3rd tier engineers. Principal coordinator of vendor support. Daily contact with domestic and international customers, to include government agencies.
· Designed the structure, interface and article templates for a flexible, enterprise-class knowledgebase. Authored the majority of its articles.
· Developed requirements for ticketing system migration from Cold Fusion to Remedy. Revised and re-organized ticket categories in support of data mining and metrics.
___________________________________________

2000-2001  SR. ENGINEER III, IP SECURITY
Intermedia Business Internet
Security Management Center

· Served as 3rd tier engineer for managed firewalls in the field. On-call escalation point for 2nd tier engineers. Daily contact with domestic and international customers, to include government agencies.
· Reverse-engineered significant portions of the Checkpoint rulebase files, Checkpoint objects file and Nokia IPSO database. Applied this knowledge to automated scripts and day-to-day operations.
· Designed a major overhaul to the structure and interface of a Cold Fusion-based ticketing system in support of efficiency and metrics. This included HTML prototypes of schemas and a complex logical diagram created in Visio 2000.
· Authored official procedures for topics such as crash forensics and troubleshooting.
· Informed Checkpoint of a deficiency with their workaround to the high-profile RDP tunneling vulnerability and escalated within Checkpoint until a proper patch was released.
· Maintained a list of documented and undocumented bugs in Checkpoint Firewall-1 and the Nokia IPSO operating system.
___________________________________________

1999-2000  ENGINEER II, IP SECURITY
Intermedia Business Internet / Digex
Security Management Center

· Served as 2nd-Tier engineer for managed firewalls in Digex server farms and in the field. Escalation point for 1st-Tier engineers. Daily contact with domestic and international customers, to include government agencies.
· Principal contributor in executive-level meetings with the Director of Product Management, the Manager of Security Products Sales and the VP of Business Process Solutions.
· One of three employees selected to participate in a revision of internal processes and job requirements. Designed changes to the internal ticketing system in support of these revisions.
· Maintained individual monthly firewall licenses on approximately 300 firewalls. Negotiated with Checkpoint for a global 6-month license.
___________________________________________

1998-1999  SYSTEMS SECURITY ANALYST I
CACI Inc.
Information Assurance Dept.

· Created the department's benchmark technical proposal for security assessment contracts.
· Responsible for project timeline creation, client interaction, strategic planning, technical analysis and documentation for a long-term Navy network reconfiguration.
· Conducted a comprehensive assessment of the features and technical aspects of thirteen major Intrusion Detection Systems.
· Composed a document combining load analysis, network simulation and firewall implementation procedures for a Navy client. This document received commendation from the client.
· Responsible for the installation, configuration and accreditation of a mission-critical firewall.
· Created comprehensive configuration documents for conversion from a Checkpoint firewall to a proxy-based Raptor firewall, to include hardening the Solaris operating system.
· Technical lead for a quarterly County network assessment that included external/internal vulnerability analyses, analog phone scanning, threat monitoring and custom reporting.
· Evaluated the security and utility of a distributed networking infrastructure for a mission-critical, international deployment of satellite communications.
· Performed a comprehensive sector analysis of a foreign government's technology incubator program.
____________________________________________________________________________

CERTIFICATIONS / TRAINING

2002  Passed the Symantec "Intrusion Detection in the Enterprise" Exam

2001  Checkpoint Certified Security Administrator (CCSA)
      Checkpoint Certified Security Expert (CCSE)

2000  Nokia IP Security and High-Availability Training
      Checkpoint CP2000 Training
      Axent NetProwler IDS Training

1999  ISS Certified for Internet Scanner and SafeSuite Products
      CACI Inc. Certified in Project Management
____________________________________________________________________________

EDUCATION

1994-1998  University of Florida, Gainesville, FL
           BBA in Management, Warrington College of Business Administration
This archive was generated by hypermail 2b30 : Fri Jul 05 2002 - 14:15:37 PDT