Greetings,

I'm looking for an employer in the San Francisco bay area or an employer willing to allow me to work remotely. I will consider a variety of positions but would prefer a position in research and/or development. A resume follows below.

Regards,
-Jeff

Jeffrey L. Nathan
jeffat_private

Objective
---------
To research and develop new security technologies, improve existing security technologies and bring an objective open mind to a challenging and technical work environment developing practical and tenable solutions.

Experience
----------
9/2001 - 5/2002 McKesson Corporation San Francisco, CA
Enterprise Security Architect
* Developed and led the deployment of a distributed enterprise Network Intrusion Detection architecture (including a low-cost, re-usable appliance platform).
* Designed centralized, enterprise logging architecture to aggregate system logs, facilitate minimal real time event detection and correlate events in post processing.
* Forensic analysis of possibly compromised production systems.
* Acted as a top-level internal security architect researching and developing new security technologies.

10/2000 - 9/2001 @stake, Inc. San Francisco, CA
Senior Security Architect
* Performed penetration tests, vulnerability assessments, network assessments and application assessments.
* Designed Network and Host-based Intrusion Detection, secure logging and firewall/VPN architectures.
* Researched new network-based vulnerabilities and attacks against layer 2 network protocols.
* Firewall performance research.
* Forensic research and analysis of security vulnerabilities, exploit tools and compromised systems.
* Authored custom internal tools to facilitate research and penetration testing.

1/2000 - 9/2000 Hiverworld, Inc. Berkeley, CA
Senior Research Engineer
* Authored hardware and operating system specification for security appliances and implemented beta version of appliance platform.
* Aided in the design of a target based Network Intrusion Detection System.
* Forensic research and analysis of security vulnerabilities and exploit tools. Researched and authored attack signatures and vulnerability signatures to Hiverworld's intrusion detection system and vulnerability scanner.
* Performed penetration tests of customer networks and systems.
* Ported numerous security exploits and tools from one Unix platform to another.

5/1998 - 12/1999 TEKsystems Phoenix, AZ and Chicago, IL
System Administrator (contractor)

Motorola, Inc.
* Wrote custom installation tools and reporting tools to patch over 1500 Unix systems for Y2K.
* Authored automated tools to ensure consistency across all Unix platforms with regards to vendor patches, security policies (host-auditing) and general system health monitoring.

Encyclopedia Britannica, Online Network Operations
* Aided in planning and implementation of BPG. Modified overall network design to improve integrity and security. Replaced legacy Novell network services with Solaris and Windows NT utilizing NIS and NT print services.
* Recommended system and network security policies.

8/1997 - 12/1999 Arizona State University, Systems & Network Management Tempe, AZ
Computer Programming Specialist
* Partially developed a web-based DHCP management system.
* Developed and coordinated the implementation of web-based problem management and change control systems.

8/1996 - 8/1997 Open Port Technology, Inc. Chicago, IL
System Administrator
* Performed all aspects of system, network and security administration and engineering.
* Implemented tools to monitor and verify system and network integrity and consistency.

7/1995 - 8/1996 Open Port Technology, Inc. Chicago, IL
Quality Assurance Analyst
* Tested Unix, Windows and Macintosh client/server software.
* Designed test plans to ensure functionality of products and summarize their performance.

Technical Skills and Expertise
------------------------------
* Research: Forensic analysis of security vulnerabilities, exploit tools, network traffic and compromised systems post-mortem. Exploration of new insertion and evasion attacks and defenses for NIDS systems. Analysis of security and networking products to discover vulnerabilities in network/application protocol implementations, IP stacks and state implementations.
* Networking: Intricate knowledge of TCP/IP and link layer protocols. Cursory knowledge of routing protocols. Expertise in intrusion detection systems (NIDS), firewalls and vulnerability scanners.
* Programming: C, Perl, Unix shells, SQL, debugging and revision control.
* Sockets, general Unix system programming, network protocol normalization and decoding
* Network Intrusion Detection development (discrete protocol anomaly detection, stream reassembly, IP defragmentation, data mining and data management)
* Penetration Testing: Knowledge of local and remote penetrations across Unix and Windows systems.
* Operating Systems: Solaris, SunOS, AIX, HP-UX, OSF/1, SCO, *BSD, Linux, Windows, and MacOS.
* Hardware: Extensive knowledge of computer hardware platforms and network hardware platforms.

Open Source Software Development
--------------------------------
* snort network intrusion detection system (http://www.snort.org): Core development team member.
* nemesis packet generation tool suite (http://jeff.wwti.com/nemesis): Lead developer.
* cryptcat network utility (http://farm9.com/content/Free_Tools/Cryptcat): Contributing developer.

Public Speaking
---------------
* Co-presenter "Large Scale IDS - Network Intrusion Detection deployment, data mining and management on a large scale" CanSecWest Vancouver, BC May 2002.
* Co-presenter "Layer 2 @ your service" BlackHat briefings Las Vegas, NV July 2001.

Professional Affiliations
-------------------------
* Member of the Honeynet Project (http://project.honeynet.org), a project dedicated to studying the behavior and techniques of the blackhat hacker community.
* Member of Usenix: The Advanced Computing Systems Association.

Education
---------
8/1997 - 12/1999 Arizona State University Computer Systems Engineering
7/1994 - 12/1995 DePaul University Computer Science

References
----------
Available upon request.

--
http://jeff.wwti.com (pgp key available)
"Common sense is the collection of prejudices acquired by age eighteen."
- Albert Einstein