Hello, all.
So, I first posted my resume to this board almost exactly a year ago. Since then,
the project I moved to has had some financial/contractual trouble, so I'm having to
look again. Hence this posting.
A bit about me: I work in security not because it's a "hot" field, but because
it's fun. I love learning new things, and being challenged to learn constantly (which
would explain the 3 Bachelors degrees I have). The security world forces this on me,
which I love.
I also enjoy playing with technology, and have a fair stable of gear of my own to
play with. I have been running my own domain out of my house for the last 2 1/2 years
(on a linux running on Mac hardware, for the extra difficulty factor), and have 2
Cisco routers and a 2924 switch in my house, just for fun. (I'm still working on
running cat-5e through the house...one more project for later...)
While I'm not a huge fan of "crash-and-burn" type ops situations, I can handle
them well, since I used to work at NPR running the sound console for All Things
Considered. (Having any mistake of yours instantly heard by hundreds of thousands of
listeners is pressure that has yet to be matched by anything in security.)
Personally, I would like to think that a good security person should be able to avoid
many of the "crash-and-burn" scenarios I've seen (planning and prevention are
wonderful things), but I know that some are unavoidable, and I can deal with them as
needed.
Anyway, I'm looking for a job that would be in security (seems obvious, I know,
but it's good to be clear), in the Washington DC metro area. I'm presently mostly
technical, but I've been moving more into process/procedural security recently, and
would be happy to perform either role.
Feel free to contact me if you have any questions, or if you want a version of my
resume other than text.
Thanks.
Aaron Gee-Clough
------------------------------------------
Aaron Gee-Clough
102 Parkside Rd
Silver Spring, MD, 20910
(301)589-7894
[EMAIL PROTECTED]
Professional Experience:
Network Security Engineer, Iowa Foundation for Medical Care.
October 2001 - present
Advised and implemented Network security for DoD Health Care project (DoD W-TIC).
� Wrote policy and procedure covering all aspects of Network Security, including
Incident Response and Perimeter Security.
� Audited public web site for security and privacy issues, considered in light
of current and upcoming HIPAA guidelines.
� Managed firewall configurations for desktop and public-facing networks (using
both Raptor and PIX firewalls).
� Advised IFMC on several security issues: IDS design, Web server configuration,
and network design. Also performed penetration testing for IFMC.
� Evaluated risk to project network due to various vulnerabilities. Designed and
implemented security patch/response tracking system.
� Designed and implemented network auditing and configuration tracking. Tools
used: Rancid, MRTG, HFNetChk, syslog.
� Led design and implementation of new network, including migration to dynamic
routing protocol (EIGRP).
Supervisor: NT/Network/Unix security, Digex Inc.
September 1999 - October 2001
Addressed a wide range of information security topics, including intrusion detection,
network design, patch implementation, and establishing security policies for customer
and infrastructure networks.
� Supervised four Security Analysts (Unix and NT)
� Evaluated proposed customer configurations for possible security threats to
Digex network
� Designed and implemented network and host-based IDS systems. Determined
intrusion response policies.
� Evaluated security risks for published vulnerabilities. Coordinated and
executed security incident response.
� Implemented patches and work-arounds across a 3000-server farm.
� Worked with Sales organization to answer security-related queries from
potential clients.
� Promoted to NT/Network/Unix Security Supervisor February, 2001. Promoted to NT
Security Supervisor July, 2000
Consultant, Mindbank Consulting
May 1999 - September 1999
� Consulted to Digex Security group as Windows NT security specialist, July
1999; assisted with Windows NT security issues, tested new security products
� Consulted to Digex Server Operations Center as monitoring analyst. Monitored
internet servers and performed first-tier troubleshooting.
Broadcast Technician, National Public Radio
June 1994 - August 1995, Summers 1993, 1996, 1998
� Responsible for Audio quality and broadcast of nationally heard news programs
such as Morning Edition and All Things Considered.
Technical Experience:
Administration:
UNIX: Solaris (6, 7, 8), Linux (RedHat, Gentoo)
Windows: NT 4.0, 2000
Programming: Perl, C, Fortran
Certifications:
Checkpoint Certified Security Engineer
Cisco Certified Network Associate
Other: Running web/SMTP/DNS server on home DSL line, serving four independent domains.
Education:
Graduate Fellow - Physics Department University of Maryland, College Park. Received
full scholarship.
B.S. Physics - University College London.
B.M. Recording Arts and Sciences, B.M. Saxophone Performance - Peabody Conservatory of
the Johns Hopkins University
Personal Information:
Finalist, Daily Telegraph national science writing competition, Britain.
Founding member, Physics society of UCL. Organized lecture series on research topics
of UCL professors.
Participated in NSF-sponsored research program at Bucknell University, 1997. Presented
poster on results to the American Physical Society meeting, July 1998.
