• Contact
• Resume

As the technical Engineer and Security liason for the Filmed Entertainment group, advised, planned and managed information security standards and practices for both television and motion picture productions and internal development teams.

• Performed penetration tests and vulnerability assessments on potential and existing business partners using multiple tools including WebInspect, Nessus, and Nmap. Produced reports of findings and worked with clients to bring their applications in line with Fox Information Security Standards.
• Provided on-site security audits for film productions in remote global locations and helped coordinate secure content transfers to and from those locations.
• Oversaw implementation of RSA Adaptive Authentication for Fox B2B portal.
• Partnered with development teams to integrate security best-practices early in the SDLC focusing on prevention of common security issues like cross-site scripting and SQL Injection vulnerabilities.
• Implemented and managed CodeSecure, a source code analysis application, which allowed development teams to validate code prior to go-live thereby greatly reducing common security vulnerabilities in deployed code.
• Installed and maintained multiple Linux servers for use by the Information Security team to house testing applications and internally-facing client websites for hosting test results, Information Security request forms, and documentation.

As part of the Engineering group, focused on two main functions; interfacing with business clients, and development of Engineering processes. Used my expertise with scripting, security, and Linux to build solutions with a focus on security, configuration, and capacity management. Responsible for Identity Management and Directory Services as part of the Messaging team. In all groups provided security, Linux, and general Unix support for both AIX and Solaris.

• Engineered the migration of Unix authentication to Active Directory using Centrify Direct Control. The project required server and account standardization across hundreds of unique Unix installations and resulted in centralized account management by the Account Administration group.
• Planned and implemented an LDAP-based Sudo solution to move away from direct root access by Unix administrators. Later planned the migration from the Solaris-based LDAP solution to an Active Directory-based solution for centralized management and retirement of end-of-life hardware.
• Designed several cross-platform, fault tolerant, load balanced, and multi-tiered architectures for projects, based on technical and financial requirements.
• Responsible for security baseline scanning of Unix systems for SOX and InfoSec compliance using the Symantec Control Compliance Suite.
• As a member of the Extended Information Security team, identified major InfoSec threats and formulated policies and procedures to mitigate those threats.
• Acted as an Open Source Software advocate and provided open, cost-effective alternatives to proprietary solutions in order to meet MIS and client goals.
• Created, maintained, and primary contributor to a wiki-based document repository for process and procedure storage and retrieval. This allowed administrators from across the organization access to the latest procedure documentation and created a collaborative environment that allowed everyone to provide updates.
• Created the Linux corporate baseline configuration to be deployed using Tivoli Provisioning Manager machines both physical and virtual.
• Wrote technical documents for audiences as diverse as senior management and entry level administrators covering topics such as encryption technology and standards; Linux installation and management; and architectural reviews and diagrams.

• Installed and configured Tivoli Identity Manager, as part of the Tivoli suite of security products, to manage Active Directory, AIX, NDS, Solaris, and Enterprise Directory Services.
• Worked closely with client define workflow processes and to identify product deficiencies. Also interfaced with the vendor to remediate problems and implement solutions to client issues.
• Managed the corporate LDAP directory used for Enterprise Directory services including WebSphere authentication and supporting authentication of other custom applications.

Worked on several special projects including:

• Used my security background to serve as a liaison between the InfoSec and Unix teams on issues related to system security and SOX compliance and remediation.
• Planned and deployed a migration from Tivoli Access Manager to an LDAP-based Sudo solution for Unix root access.
• Engineered a solution to provide first-level spam filtering and to interface with our Exchange infrastructure using Postfix, DNSRBLs, and custom scripts.
• Wrote special purpose scripts in preparation for the Unix server remediation required for the Centrify Direct Control deployment. Also wrote scripts to analyze SMTP logs and perform repetitive tasks for the email team.

• Responsible for the deployment of Rational ClearCase and Rational MultiSite.
• Supported the enterprise Business Objects implementation.
• Wrote scripts to collect and display, on a web site, current and historical performance of servers. Also wrote scripts to automate administration and monitoring.

Responsible for Unix systems in an FDA regulated environment. Installed and maintained centralized monitoring for Unix systems. Provided expertise in system integration and migration away from Novel. Provided solutions for internet access security and reviewed firewall configurations. Helped troubleshoot SMTP issues for Messaging team.

• Planned and implemented migration from BorderManager to Squid proxy-cache.
• Reviewed Novell BorderManager rule sets for completeness and security.
• Planned and executed migration from a Novell DNS to Solaris DNS system.
• Provided subject matter expertise for mail routing issues.
• Installed and maintained monitoring software including Big Brother and MRTG.
• Created web site to maintain all documentation for my projects.
• Wrote Perl scripts to graph system performance data for access on web site.

Principally involved in setting up the new company and integrating multiple technologies including Unix, Windows, internet, and information security. Developed company email and web services along with coding browser independent JavaScript web site.

• Assisted with penetration testing for both internal and external clients.
• Migrated Solaris-based pop accounts to Exchange-based mail services and migrated from Sendmail to Qmail for internet mail relay service.
• Managed internal and external DNS including a split DNS configuration.
• Wrote browser independent JavaScript interfaces for internal and external web sites.
• Wrote documentation for use by other system administrators and presentations to executive staff.

As a consultant at Fox, prepared systems for Y2K cutover. Migrated internal DNS to Solaris platform. Created intranet site to collect, display, and troubleshoot performance problems and provide trending. Designed new backup architecture. For other clients, provided extensive email and DNS integration support.

For 20th Century Fox:

• Planned and implemented a migration of internal DNS to a Solaris platform.
• Wrote scripts to collect and graph performance data of machines which was used for troubleshooting performance related problems.
• Set up a web server as a repository for all performance data including previously unavailable historical data. Additionally, it served as a repository for documentation I wrote during the engagement.
• Worked with system administrators to design the enterprise backup architecture.

For other clients:

• Installed and configured a Sendmail server in a DMZ to operate as a secure relay.
• Planned and documented migration of outsourced POP mailboxes to an internally hosted Exchange server, with minimum user impact.
• Installed and configured a split DNS system.

Responsible for security including internal audit and remediation. Planned and deployed a multi-site, multi-domain Windows NT and Exchange architecture. Supported all email platforms including Unix and Exchange systems. Planned, deployed, and provided training for a corporate-wide migration from Mac to Windows as a desktop platform.

• Responsible for internal security audit and implementing recommendations.
• Maintained all network services for the corporation and served as corporate postmaster.
• Planned, installed and maintained a multi-site Microsoft Exchange implementation.
• Maintained a nationwide multi-domain Windows NT network.
• Helped plan and implement a corporate-wide migration from a Macintosh-based to Windows-based desktop computing platform.