Charles E. Marchman
Objective
Information Security Professional seeking to further my experience and skills in a challenging environment that is goal centered.
Summary of Qualifications
Certified Information Systems Security Professional (CISSP) received March 2001
Over twelve years relevant experience in computer and network security related areas
Familiar with ISO17799, HIPAA, Gramm-Leach-Bliley Act, and Sarbanes-Oxley standards
In-depth experience with Intrusion Detection Systems, security auditing toolsets, CheckPoint FW-1, Snort, Nmap, Nessus, Solaris, UNIX, Linux, Windows 3.1/95/98/ME/NT/2000/XP, MS Office Suite, MS Project, Visio, MS Outlook, Lotus Notes, VMware, PCXware, Citrix Server, LDAP, SonicWall Firewall/VPN Solution, Symantec Firewall/VPN, ISS RealSecure, Cisco IDS (previously known as NetRanger), Cisco Secure Wireless solutions, virus detection tools such as McAfee and Norton (Symantec), Legato NetWorker backup solution as well as other commercial and open-source products
Experienced in Incident Response and Disaster Recovery
Experienced in reviewing, writing, modifying, and implementing security policies and procedures
In-depth knowledge of Digital Forensics Investigative tools (EnCase and FTK), procedures, and regulations (IACIS Standards)
Skilled in Network Operations and Security Operations
Experienced in Security services Pre-sales
Experienced in database coding (MySQL), web development
Experienced Unix/Linux (RH) administration
Experienced Windows (NT/ME/2000/XP) administration
Experienced programming in PERL, Unix shell scripting
Supervised Real-Time Computer Network Defense Operations for 2 years
Conducted high-level briefings on Intrusion Detection Systems and vulnerability assessment toolsets
Experienced in Project Management and managing personnel
Ability to work in a diverse group and as a team member or a team leader
Ability to learn with advanced training
Top Secret and SCI clearance can be re-established
Experience
Jan 2005 - Present CI2 Atlanta, GA
Contractor, Solaris Implementation
Installing the Adara NPX network accelerator solution onto corporate enterprises to augment the speed of the web content download via the use of squid servers
Currently taking expressed course in routing principles to enhance the understanding of the Adara product and conduct educated troubleshooting techniques during deployment phase
Aug 2004 - Dec 2004 Georgia Technology Authority (GTA) Atlanta, GA
Contractor, Information Security
Conducting vulnerability assessments following the NSA Information Assessment Methodology guidelines for agencies within the State of Georgia
Working with State agencies to develop security policies and procedures to govern the secure operations of State owned and operated networks
Utilized as subject matter expert for implementing a division of Digital Forensics Investigations for the GTA
Programmed tools to conduct the technical assessment reviews in a more efficient manner reducing the time to review the WebInspect and Nessus scans
Nov 2003 - July 2004 Nova Information Systems Atlanta, GA
Contractor, NT Security
Developed documentation on Patch Management best practices and compared several Patch Management programs for Nova’s review.
Planning, executing, and interpreting results of scans conducted utilizing the Nessus vulnerability scanner to verify compliance with the newly published Visa Cardholder Information Security Program (CISP) standards.
Developed action plan to follow to build the system to use as the network scanner, load the Linux OS, the Nessus scanner software with all associated dependencies.
Configured Nessus server, configured MySQL/Apache server, programmed PERL scripts to retrieve data from MySQL database.
Conduct testing of the Nessus scanner, place results into MySQL database, display results on an internal network Apache web server.
Interpret results compared to the Visa CISP standards.
Make recommendations for hardening Windows servers.
Implement changes to the Windows network servers.
Re-scan servers for verification.
Develop user manuals and checklists for each application and process for network personnel to follow and monitor.
April 2003 - Sep 2003 eCommSecurity/Satel Atlanta, GA
Contractor, Senior Security Engineer
Planning, designing, configuring, and installation of secured wireless networking solutions.
Accompanied Sales personnel to client site acting as Pre-sales technical advisor
Conducting various levels of penetration testing on the networks of numerous clients to discover presence of vulnerabilities and recommend actions to correct the vulnerability to secure the network environment.
Conducting Digital Forensic investigations for clients in a variety of instances to include searching hard drives for deleted emails, files, and/or any other information that the client needs.
Planning, designing, configuring, and installation of network backup technology to ensure clients have the disaster recovery requirement for the network implemented.
Responded to customers who have had incidents occur on their systems and helped bring the customer back up to operational capabilities in a timely manner.
Project Management on all projects involved in.
Oct 2002 - April 2003 Foundation Technologies Atlanta, GA
Contractor, HIPAA Security Expert
Utilized as a subject matter expert for a project to readdress the process of getting data inputted into the Georgia Dept. of Human Resources (DHR) Mental Health mainframe database system. This is to ensure that all proposed solutions, hardware, software, or process, meets with the requirements within the HIPAA standards for secure transmission of personal information of patients.
Oct 2002 - Oct 2002 Lend Lease Corporation Atlanta, GA
Contractor, Information Security
Researched and created the documentation on the policies and procedures for monitoring the various networks utilized by the company. This encompassed Novell NetWare, Windows NT, Windows 2000, and Unix platforms.
Created the policy and procedure for installation of servers onto the corporate Demilitarized Zone (DMZ).
Contract was for a two-week period and ended successfully with the satisfaction of the Global Corporate Security Manager of Lend Lease Corporation.
Mar 2000 - Jun 2002 Predictive Systems, Inc Roswell, GA
Information Security Consultant
Conducted HIPAA security assessment for a large medical organization for compliance of standards set forth by HIPAA regulations. This entailed a review of all security related documentation of authorization and authentication of employees onto the network. Conducting vulnerability assessments of the various networks, i.e. Unix, Windows NT, and Novell Netware. Along with assessing the equipment, social engineering skills were employed in order to gain valid access to the network. Once all information had been gathered a gap analysis report was done to inform the client of the holes that existed and suggestions on how to implement changes to secure the network.
Conducted Security Vulnerability Assessments following the regulations put forth by the Gramm-Leach-Bliley Act of 1999 on several locations of a financial banking institution. This was an assessment on the security of the customer loan input web system. Various aspects of the servers were tested to ensure attempts such as buffer overflows were not allowed in the system. The production environment was also verified that access was not granted to outside sources.
Attended meetings with client as support role of Pre-sales for Sales staff
Performed consulting duties to set up a Security Operations Center, advising on procedures and processes to respond to customer calls and best practices for handling incidents.
Responded to customers who have had incidents occur on their systems and helped bring the customer back up to operational capabilities in a timely manner.
Performed technical training sessions for customers on incident response procedures using mock scenarios and designing checklists for them to follow.
Configured the Nessus vulnerability scanner to run from a command line so that it could conduct scans on a large customer equipment database via a cronjob from a Linux host on a weekly basis.
Configured and maintained active Intrusion Detection Systems using Snort on a Linux platform and updated the rules to handle any newly discovered attacks.
Jul 1999 - Mar 2000 Base Network Security Shaw AFB, SC
Network Security Specialist
Served as administrator of the base firewall system incorporating 2 Sidewinder firewalls on Solaris 2.5.1 platform and a Web proxy server running on a Compaq Proliant.
Used the Internet Security Scanner (ISS) software to assess the network utilized by over 5000 users.
During wartime exercises kept the command section apprised of all activity occurring on the base network to ensure traffic that was coming in and leaving was secure.
Reviewed the logs of the Automated Security Incident Measurement (ASIM) intrusion detection system for unauthorized access into the base network. This system was run on the Solaris environment and was designed as an Air Force internal program.
Conducted Digital Forensic Investigations on systems used inappropriately by personnel. The investigations were on Windows NT and Unix systems. This was accomplished by painstakingly reviewing the data on the hard drives on the systems for hidden files such as JPEGs that had been renamed in an attempt to mask their true form.
Constantly reviewed the Information Protection media for the newest vulnerabilities and network security issues to keep abreast of the latest information available.
Webmaster for the Intranet Server utilizing Microsoft FrontPage for software downloads and security patches for all base level users enabling downloads from the internal network freeing bandwidth utilization to off-base internet connections.
Jun 1997 - Jul 1999 609th Information Warfare Sq Shaw AFB, SC
Crew Chief, Computer Network Defense Operations
Certified as an Information Warfare Technician utilizing the Cisco owned NetRanger Intrusion Detection System.
Monitored 18 remote locations on a real-time basis for network intrusion attempts and evaluated the traffic for any suspicious activity.
Managed a crew of four operators in monitoring the remote locations.
Modified the filters used in the program to enhance the capabilities of the detection system.
Setup the VPN used by the NetRanger system to communicate with the BorderGuard routers, NSR sensors, and the Command module.
Incident information was relayed to DISA to coordinate with other government agencies.
Conducted high-level briefings on the squadron’s capabilities.
Programmed enhancement utilities using PERL.
May 1994 - Jun 1997 AFCERT Kelly AFB, TX
Network/Computer Security Analyst
Reviewed the ASIM logs for 8 remote locations on a daily basis.
Conducted vulnerability assessments on remote sites utilizing the On-Line Survey (OLS) Toolset designed by AFCERT personnel.
Evaluated reported intrusions and vulnerabilities for Incident Response. This was done by gathering data from the individual reporting the incident and researching the alleged attack for validity and instructing the base level security personnel on the steps required to correct the problem. During some severe incidents, personnel were sent along with Air Force OSI to conduct interrogations of suspected attackers.
Conducted high-level briefings on the ASIM and OLS capabilities.
Trained other DoD entities to establish sister Computer Emergency Response Teams. This was with the Navy and Army.
Supervised a 5-person flight to handle Incident Response, On-Line Surveys and Intrusion Detection.
Programmed numerous toolsets using UNIX shell scripting.
Jan 1994 - May 1994 USAF Training Keesler AFB, MS
Computer Programming Student
Studied computer programming with concentration on programming in ADA and converting COBOL, Fortran, and Pascal into ADA format.
Apr 1991 - Jan 1994 Maintenance Operations Center Shaw AFB, SC
Project Manager
Administrator of the Local Area Network (LAN) for the Maintenance Operations Center (MOC). This was a network of eight computers linked to share data on the maintenance activity of the fighter aircraft on the base and all were linked to the Core Automated Maintenance System (CAMS) database mainframe.
Maintained links to vital information for the commanding officers during wartime exercises for C2 (Command and Control) functions.
Responsible for all acquisitions of equipment, computer, radio, and telecommunications. The flight line utilized approximately 1300 hand-held and truck mounted radios to coordinate the activities that are associated with launching, recovering, and maintaining modern fighter aircraft.
Planned, coordinated, and designed the move of the entire office from one location to another building on the base. Managing this project was one of tracking the progress of numerous vendors as they worked in conjunction with and separately from the others. The planning had this project slated for three months; however, the new facility was completed and manned within a six-week time frame. I received a Medal of Commendation for my work on this project.
Developed the standard by which all high-level slide show presentations were to follow using Harvard Graphics and Corel Draw.
Education
Twenty years military training
Non-Commissioned Officer Training School (Management training)
Non-Commissioned Officer Academy (Management training)
McDonalds Management Training
Computer Programming School
Information Warfare Training
Completed Coursework for Certified Computer Examiner (CCE)
Symantec Firewall and VPN Technologies
Introduction to CheckPoint 4.0
CheckPoint 4.0 and Nokia
Hands-On Internetworking Bridges, Routers, & Switches
Understanding Network Fundamentals
Essentials of WANS/Telecommunications
Internetworking with TCP/IP
Introduction to Unix Level 1 & 2
Unix Programming Shell scripting
Introduction to PERL Programming
Advanced PERL Programming with CGI
Windows NT 4.0 Workstation & Server
Web Security
Introduction to JavaScript
Building a Web Site
It uses a lot of specialized vocabulary; I hope it is helpful to everyone.