To all, I am searching for a security/operations management position in the area of Stamford, CT or New York, NY. I am also available for relocation to the following areas:
Boca Raton, FL Washington, DC Northern, VA (Alexandria, McLean, & Arlington) Southern Maryland (Annapolis, Baltimore & Silver Springs) Atlanta, GA (Northern) Raleigh/Durham, NC California (San Diego, Peninsula, San Jose, Santa Clara, & San Francisco) Austin, TX My management experience includes building/securing commercial web sites and maintaining the accreditation of a USAF secure network facility. I am currently responsible for 3 B2B web sites of a fortune 25 company (name withheld). I conduct quarterly information security audits at remote sites. Since November 2000, I have conducted detailed audits of a hosting provider, a secure operations center (SOC) and a corporate data center. I also work with underwriters to: o Assess risks of issuing hacking/cyber extortion insurance policies to potential clients o Evaluate information security firms as strategic partners and/or best practices I have included below a current resume. I am a success-oriented leader and team player, good at problem solving, better at problem avoidance, able to quickly determine value propositions (including my own). I am a "make a difference" person who gets a kick out of success and always returns more value than I am paid. I prefer to have a phone interview before meeting in person. Thanks for your time. I appreciate it. Gideon Rasmussen Gideon T. Rasmussen 4 Morningside Place Norwalk, CT 06854 [EMAIL PROTECTED] (203) 857-4442 OBJECTIVE Obtain a position where my experience in information security and operations will be utilized. SUMMARY OF QUALIFICATIONS Infrastructure Security Manager with 7 years of UNIX experience. Possesses a strong background in operations. Focused on security, monitoring, redundancy and continuity. PROFESSIONAL EXPERIENCE Fortune 25 Company, NYC (Withheld) November 2000 � Present Infrastructure Security Manager (Independent Consultant) Responsible for the security and operations of 3 B2B websites. Supervises system and application administrators on operational and security matters. Ensures redundancy throughout applications, hosts, networks, power, and HVAC systems. Conducts high availability and monitoring testing. Established standby program with 24/7 response team, escalation plan, recall roster, incident reporting and operations guide. Continuity is maintained through operations guides, configuration standards, build documentation, change logs, network diagrams and hardware/software inventories. Effective communication is ensured through weekly reports, task lists, and meetings. Established layered monitoring program. System monitoring includes hosts, networks, environmental, web sites, logs, commercial and custom applications. Security monitoring consists of intrusion detection, vulnerability assessment, anti-virus, web-site and authentication. Conducts periodic security audits of infrastructure, NOCs, SOCs, hosting providers, and corporate data centers using ISO 17799 (formerly BS 7799) as a standard. Evaluates security services and software. Accomplishes security configurations (hardening) of operating systems and applications. Responsibilities also include disaster recovery, traffic statistics, scheduling of activities during maintenance windows, hardware/software purchases, and support contracts. Reviews security audits and assesses risk of issuing hacking/cyber extortion insurance to potential clients. Liaises between security firms and underwriters. Software: Solaris, VCS, Netegrity Site Minder, I-Planet Web Server, I-Planet Application Server, I-Planet Directory Server, Jrun, Oracle, Sybase, Webtrends, BMC Patrol, CA Unicenter TNG, SSH, Axent ITA, Vigilante SecureScan, Tripwire, Freshwater Site Seer Global and Dot-Com Monitor. McGowan Consulting Group, Inc December 1999 � October 2000 UNIX System Administrator (Clients � Sikorsky Aircraft and American Skandia) Responsible for security on the Sun servers. Multi-site support. Centralized Syslog and used Swatch to send notification via email. Created change process. Logged changes. Installed and secured Netscape Enterprise Server. Installed Weblogic Server. Built secondary DNS server. Divided development environments into test and staging. Generated custom web site statistics in html tables. Gave presentations. Drafted purchase justifications. Vendor liaison. Strong influence on purchasing process. Hardware: SunE450 (10), Ultra2 (2), Ultra5, SPARC 2 - 10, Additional Software: Veritas/Sun Volume Manager 2.4 � 3.0, Big Brother, Apache Webserver, SE Toolkit, Crack, Sudo, Samba, NFS and Sendmail. Operating Systems: Solaris 2.5.1 - 2.7 (Supported Oracle) News America Marketing UNIX System Administrator June 1999 � December 1999 Company�s sole UNIX System Administrator. Administered 2 Enterprise and 7 mid range servers. Significantly increased server security. Created all local UNIX documentation. Created standardized program of Sun server configurations, documentation and scripts. Scripts include security and system monitoring with notification via email. Performed Y2K upgrades on all UNIX servers. Centralized Syslog. Supervised numerous consultants. Created standby/response program. Gave presentations. Drafted purchase justifications. Vendor liaison. Strong influence on purchasing process. Hardware: SunE5000, SunE5500, SunE450, Ultra60, Ultra10, Ultra2, Ultra1, Periphonics IVR servers, SPARC 5 � 20, Software: Sun Volume Manager 2.4 � 2.6, Roadrunner, NetBackup, Sendmail, NFS, Epage, Computron, Jetadmin, Network Queuing System, EZ Spooler. Operating Systems: Solaris 2.4 � 2.7 (Supported Oracle) United States Air Force July 1995 � June 1999 UNIX System Administrator August 1996 � June 1999 Installed and configured system software. Isolated faults, determined causes, and recovers from malfunctions due to hardware, software, and communications failures. Developed and maintained system/shop standard operating procedures. Conducted life cycle management. Had a focus on system usability, reliability and the user. Hardware: DEC Alpha 2100 Software: DEC OSF/1 4.0 and Solaris 2.5.1. Information Systems Security Officer (ISSO) August 1996 � June 1999 Performed security testing of U.S.A.F. systems for certification and accreditation. Maintained system accreditation. Provided operators feedback on basic/in-depth INFOSEC tools/concepts; contributed to contingency planning and zero-tolerance security posture. EDUCATION A.A. Information Systems Technology, Community College of the Air Force A.A. Business Administration, Norwalk Community - Technical College TRAINING Solaris TCP/IP Network Administration � Sun Microsystems Sun StorEdge Volume Manager Administration � Sun Microsystems Solaris System Administration II � Sun Microsystems Solaris System Administration I � Sun Microsystems UNIX Systems Administration Certificate - Advantec Institute UNIX Shell Programming Certificate - Advantec Institute UNIX Fundamentals Certificate - Advantec Institute Internetworking with TCP/IP Certificate - Advantec Institute Microsoft Exchange Certificate - Computer Learning Center INFOSEC for ISSOs and ISSMs - Department of Defense INFOSEC Training Facility (DoD ITF) Operational Information Systems Security � DoD ITF Department of Defense Certification & Accreditation Process - DoD ITF USAF Communications - Computer Systems Operator Certificate (Honor Graduate) Automated Message Handling System Administrators Course � Boeing Corporation USAF Trainer Certificate PROFESSIONAL ORGANIZATIONS The System Administrator�s Guild
