FL CISSP Seeking a Position

To all,

I am searching for a position in Orlando, Miami, West Palm Beach, Fort Lauderdale or Tampa. My management experience includes security throughout an organization, IT operations of a New York site and 3 B2B web sites. I have established security programs, policies and procedures and operating system hardening standards. I have a strong UNIX system administration background as well. I am a Certified Information Systems Security Professional (CISSP).

I have a particular affinity for security audits. I have audited IT departments, large corporate data centers, hosting providers and secure facilities. I have also been exposed to numerous methodologies (DoD certification and accreditation (DITSCAP), ISO 17799 and the Common Criteria). I work against audit findings with prioritized issues lists, followed by new policies, procedures and standards.

If you have any questions or comments, please do not hesitate to contact me. Thank you.

Gideon

Gideon Rasmussen, CISSP
Celebration, FL
gideon@infostruct.net
321-939-1526

SUMMARY OF QUALIFICATIONS CISSP with 8 years of experience in fortune 500 and military organizations. Background consists primarily of security, infrastructure and operations focus. A history of rapid promotions led to a Director level position with full responsibility for implementation and support of mission critical systems.

Possesses a solid auditing background, with experience in both commercial and military organizations. Has audited IT departments, large corporate data centers, hosting providers and secure facilities. Methodologies include ISO 17799, the Common Criteria, and DoD certification and accreditation (DITSCAP).

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Utilizes an effective combination of management expertise and hands-on technical skills. Conducts thorough on-site information security audits and manages resolution of the findings. Has proven problem solving, analytical, project management, interpersonal, multi-tasking and communication skills. A proven security advocate, effects cultural change. Focused on security, high availability, monitoring, and continuity.

PROFESSIONAL EXPERIENCE International Creative Management, Inc., New York City February 2002 - August 2002
Director, Technical Operations

Responsible for the operations of the New York office and information security throughout the organization. Conducted information security audits of the New York IT department and a hosting provider.

Established security awareness program. Executed external vulnerability scans. Managed resolution of findings through prioritized issues lists. Specified network and router configurations (subnet, ingress, egress and point to point ACLs). Established Solaris and Win2K configuration/hardening standards. Ensured operating systems and applications were routinely upgraded and patched. Managed outsourced firewalls. Replaced firewall hardware throughout the enterprise. Specified best practices configurations of firewalls, switches and routers. Drafted security policies. Conducted business continuity exercise with emergency action plans. Distributed INFOSEC advisories and ensured the vulnerabilities were addressed.

Trained personnel in operations procedures and documentation. Established standby program with 24/7 response team, recall roster, and incident reporting. Established layered monitoring program with URL monitoring service, custom scripts, centralized syslog (Sun, Cisco, AIX and Red Hat), log monitoring software and notification to e-mail/pagers via Exchange distribution lists with public folders. Stored and distributed passwords securely. Maintained continuity through operations guides, build documentation, change logs, network diagrams and hardware-software inventories. Ensured effective communication through weekly reports, task lists, and meetings. Specified the migration and consolidation of systems. Established host naming convention. Specified enterprise backup solution and Sun development and production infrastructure.
Software: Cisco Works, Whats Up Gold, Compaq Insight Manager, MRTG, Ecora Configuration Auditor, ISS Real Secure, Websense, LogSentry, SSH, eWallet, SANS SNMPing, MS Baseline Security Analyzer, CIS Router, Win2K and Solaris benchmarking tools.
Services: Vigilante SecureScan and Dot-Com Monitor.

American International Group, New York City November 2000 - February 2002
Infrastructure Security Manager
(Independent Consultant)

Responsible for the security and operations of 3 B2B websites. Stabilized and transitioned externally hosted web site. Created new DEV, UAT and production web environments in the New York office and corporate data center. Conducted on-site security assessments of a SOC, a hosting provider, and the corporate data center using ISO 17799 as a standard
(formerly BS 7799).

Established and enforced policies and procedures to maintain secure, highly available operations. Supervised system and application administrators. Contributed heavily to the corporate Solaris hardening standard. Managed firewalls of external hosting provider. Addressed production issues with the hosting provider, data center, vendors, consultants, and development team. Ensured redundancy throughout applications, hosts, networks, power, and HVAC systems. Conducted high availability and monitoring testing. Established standby program with 24/7 response team, escalation plan, recall roster and incident reporting. Maintained continuity through operations guides, configuration standards, build documentation, change logs, network diagrams and hardware/software inventories. Ensured effective communication through weekly reports, task lists, and meetings. Established layered monitoring program. System monitoring included URLs, commercial and custom applications, logs, hosts, networks, and HVAC. Security monitoring consisted of intrusion detection and vulnerability assessment. Responsibilities also included disaster recovery, traffic statistics, scheduling of activities during maintenance windows, hardware/software purchases, and support contracts. Accomplished hardening of operating systems and applications.

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Liaised between security firms and underwriters. Evaluated security services and software. Reviewed security audits and assesses risk of issuing hacking/cyber extortion insurance to potential clients. Software: Solaris, VCS, Netegrity Site Minder, I-Planet Web Server, I-Planet Application Server, I-Planet Directory Server, Jrun Application Server, Oracle, Sybase, Maxamine Process Analyst, Webtrends, BMC Patrol, CA Unicenter TNG, LogCheck, Password Safe, SSH, Axent ITA, Tripwire, CIS Solaris Benchmarking Tool and Sun Jass Toolkit. Services: Vigilante SecureScan, Freshwater Site Seer and Dot-Com Monitor.

McGowan Consulting Group, Inc                           December 1999 -
October 2000
UNIX System Administrator                                       

Responsible for security on the Sun servers. Multi-site support. Centralized Syslog and used Swatch to send notification via e-mail. Created change process. Logged changes. Installed and secured Netscape Enterprise Server. Installed Weblogic Server. Built secondary DNS server. Divided development environments into test and staging. Generated custom web site statistics in html tables. Gave presentations. Drafted purchase justifications. Vendor liaison. Strong influence on purchasing process. Hardware: SunE450 (10), Ultra2 (2), Ultra5, SPARC 2 - 10, Additional Software: Veritas/Sun Volume Manager 2.4 - 3.0, Big Brother, Apache Webserver, SE Toolkit, Crack, Sudo, Samba, NFS and Sendmail. Operating Systems: Solaris 2.5.1 - 2.7 (Supported Oracle)

News America Marketing                          June 1999 - December
1999
UNIX System Administrator                                        

Company's sole UNIX System Administrator. Administered 2 Enterprise and 7 mid range servers. Significantly increased server security. Created all local UNIX documentation. Created standardized program of Sun server configurations, documentation and scripts. Scripts include security and system monitoring with notification via e-mail. Performed Y2K upgrades on all UNIX servers. Centralized Syslog. Supervised numerous consultants. Created standby/response program. Gave presentations. Drafted purchase justifications. Vendor liaison. Strong influence on purchasing process. Hardware: SunE5000, SunE5500, SunE450, Ultra60, Ultra10, Ultra2, Ultra1, Periphonics IVR servers, SPARC 5 - 20, Software: Sun Volume Manager 2.4 - 2.6, Roadrunner, NetBackup, Sendmail, NFS, Epage, Computron, Jetadmin, Network Queuing System, EZ Spooler. Operating Systems: Solaris 2.4 - 2.7 (Supported Oracle)

United States Air Force                                 July 1995 - June
1999
Information Systems Security Officer (ISSO)                     August

Conducted self assessment audits of the facility and systems. Performed certification and accreditation testing. Provided operators feedback on basic/in-depth INFOSEC tools/concepts; contributed to contingency planning and zero-tolerance security posture.

UNIX System Administrator                               August 1996 -

Installed and configured system software. Isolated faults, determined causes, and recovers from malfunctions due to hardware, software, and communications failures. Developed and maintained system/shop standard operating procedures. Conducted life cycle management. Had a focus on system usability, reliability and the user. Hardware: DEC Alpha 2100 Software: DEC OSF/1 4.0 and Solaris 2.5.1.  

EDUCATION A.A. Information Systems Technology, Community College of the Air Force A.A. Business Administration, Norwalk Community - Technical College

CERTIFICATION Certified Information Systems Security Professional [CISSP] - (ISC)2

TRAINING Solaris TCP/IP Network Administration - Sun Microsystems Sun StorEdge Volume Manager Administration - Sun Microsystems Solaris System Administration II - Sun Microsystems Solaris System Administration I - Sun Microsystems UNIX Systems Administration Certificate - Advantec Institute UNIX Shell Programming Certificate - Advantec Institute UNIX Fundamentals Certificate - Advantec Institute Internetworking with TCP/IP Certificate - Advantec Institute Microsoft Exchange Certificate - Computer Learning Center INFOSEC for ISSOs and ISSMs - Department of Defense INFOSEC Training Facility (DoD ITF)
Operational Information Systems Security - DoD ITF Department of Defense Certification & Accreditation Process - DoD ITF USAF Communications - Computer Systems Operator Certificate (Honor Graduate)
Automated Message Handling System Administrators Course - Boeing Corporation
USAF Trainer Certificate Received on Mon Apr 7 12:34:26 2003

Can we help you?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek