Greetings,
I'm looking for an employer in the San Francisco bay area or an employer
willing to allow me to work remotely. I will consider a variety of
positions but would prefer a position in research and/or development.
A resume follows below.
Regards,
-Jeff
Jeffrey L. Nathan [EMAIL PROTECTED]
Objective
---------
To research and develop new security technologies, improve
existing security technologies and bring an objective open mind
to a challenging and technical work environment developing
practical and tenable solutions.
Experience
----------
9/2001 - 5/2002
McKesson Corporation
San Francisco, CA
Enterprise Security Architect
* Developed and led the deployment of a distributed enterprise
Network Intrusion Detection architecture (including a low-
cost, re-usable appliance platform).
* Designed centralized, enterprise logging architecture to
aggregate system logs, facilitate minimal real time event
detection and correlate events in post processing.
* Forensic analysis of possibly compromised production systems.
* Acted as a top-level internal security architect researching
and developing new security technologies.
10/2000 - 9/2001
@stake, Inc.
San Francisco, CA
Senior Security Architect
* Performed penetration tests, vulnerability assessments,
network assessments and application assessments.
* Designed Network and Host-based Intrusion Detection, secure
logging and firewall/VPN architectures.
* Researched new network-based vulnerabilities and attacks
against layer 2 network protocols.
* Firewall performance research.
* Forensic research and analysis of security vulnerabilities,
exploit tools and compromised systems.
* Authored custom internal tools to facilitate research and
penetration testing.
1/2000 - 9/2000
Hiverworld, Inc.
Berkeley, CA
Senior Research Engineer
* Authored hardware and operating system specification for
security appliances and implemented beta version of appliance
platform.
* Aided in the design of a target based Network Intrusion
Detection System.
* Forensic research and analysis of security vulnerabilities
and exploit tools. Researched and authored attack signatures
and vulnerability signatures to Hiverworld's intrusion
detection system and vulnerability scanner.
* Performed penetration tests of customer networks and systems.
* Ported numerous security exploits and tools from one Unix
platform to another.
5/1998 - 12/1999
TEKsystems
Phoenix, AZ and Chicago, IL
System Administrator (contractor)
Motorola, Inc.
* Wrote custom installation tools and reporting tools to patch
over 1500 Unix systems for Y2K.
* Authored automated tools to ensure consistency across all
Unix platforms with regards to vendor patches, security
policies (host-auditing) and general system health
monitoring.
Encyclopedia Britannica, Online Network Operations
* Aided in planning and implementation of BGP. Modified
overall network design to improve integrity and security.
Replaced legacy Novell network services with Solaris and
Windows NT utilizing NIS and NT print services.
* Recommended system and network security policies.
8/1997 - 12/1999
Arizona State University, Systems & Network Management
Tempe, AZ
Computer Programming Specialist
* Partially developed a web-based DHCP management system.
* Developed and coordinated the implementation of web-based
problem management and change control systems.
8/1996 - 8/1997
Open Port Technology, Inc.
Chicago, IL
System Administrator
* Performed all aspects of system, network and security
administration and engineering.
* Implemented tools to monitor and verify system and network
integrity and consistency.
7/1995 - 8/1996
Open Port Technology, Inc.
Chicago, IL
Quality Assurance Analyst
* Tested Unix, Windows and Macintosh client/server software.
* Designed test plans to ensure functionality of products and
summarize their performance.
Technical Skills and Expertise
------------------------------
* Research: Forensic analysis of security vulnerabilities,
exploit tools, network traffic and compromised systems post-
mortem. Exploration of new insertion and evasion attacks and
defenses for NIDS systems. Analysis of security and
networking products to discover vulnerabilities in
network/application protocol implementations, IP stacks
and state implementations.
* Networking: Intricate knowledge of TCP/IP and link layer
protocols. Cursory knowledge of routing protocols.
Expertise in intrusion detection systems (NIDS), firewalls
and vulnerability scanners.
* Programming: C, Perl, Unix shells, SQL, debugging and
revision control.
* Sockets, general Unix system programming, network
protocol normalization and decoding
* Network Intrusion Detection development (discrete
protocol anomaly detection, stream reassembly, IP
defragmentation, data mining and data management)
* Penetration Testing: Knowledge of local and remote
penetrations across Unix and Windows systems.
* Operating Systems: Solaris, SunOS, AIX, HP-UX, OSF/1, SCO,
*BSD, Linux, Windows, and MacOS.
* Hardware: Extensive knowledge of computer hardware platforms
and network hardware platforms.
Open Source Software Development
--------------------------------
* snort network intrusion detection system
(http://www.snort.org): Core development team member.
* nemesis packet generation tool suite
(http://jeff.wwti.com/nemesis): Lead developer.
* cryptcat network utility
(http://farm9.com/content/Free_Tools/Cryptcat): Contributing
developer.
Public Speaking
---------------
* Co-presenter "Large Scale IDS - Network Intrusion Detection
deployment, data mining and management on a large scale"
CanSecWest Vancouver, BC May 2002.
* Co-presenter "Layer 2 @ your service" BlackHat briefings Las
Vegas, NV July 2001.
Professional Affiliations
-------------------------
* Member of the Honeynet Project (http://project.honeynet.org),
a project dedicated to studying the behavior and techniques
of the blackhat hacker community.
* Member of Usenix: The Advanced Computing Systems Association.
Education
---------
8/1997 - 12/1999
Arizona State University
Computer Systems Engineering
7/1994 - 12/1995
DePaul University
Computer Science
References
----------
Available upon request.
--
http://jeff.wwti.com (pgp key available)
"Common sense is the collection of prejudices acquired by age eighteen."
- Albert Einstein