sobyx
United States
currently: Here to network
|
Answers from sobyx
What's your ideal role within an organization?
Information security has always been an area of technology which excites me. Early in college, I volunteered my time to help the school by becoming the unofficial security administrator for the campus, a position which soon occupied far more of my time than my classes.
Since then, I've held positions designing and implementing firewall/VPN security perimeters for large enterprises (up to 400,000 users), troubleshooting networks, conducting forensics investigations, and the occasional software project. Throughout the years and as needed by various roles, I've held a number of certifications including CISSP, NetScreen Certified Security Associate (NCSA), Cisco Certified Network Associate (CCNA), and Microsoft Certified Professional (MCP).
I am currently one of the leading penetration testers in the Air Force with a penchant for discovering and leveraging previously-unknown vulnerabilities in commercial and custom software, a hobby that I've had since college.
I've also worked hard to develop the broad technical and non-technical skill sets necessary to become an effective leader in the security field. With experience in software, policies and procedures, networking, and other technology areas common in large enterprises, I've become adept at working with teams of individuals from a variety of backgrounds to help enterprises grow by ensuring that new business and product ventures are supported by a robust and effective security program.
In a field where many use security to create barriers, I see it as a way to enable new possibilities. I think anything can be accomplished with enough thought and creativity and I focus 100% on making it happen.... 
Posted @ 06:29PM, February 07, 2008
by sobyx | Permalink
Answer this question | See all answers for this question
|
Work history
MITRE
June 2004 to the present
Lead Information Security Engineer
tags:
forensics "penetration testing"
How would you describe your time at MITRE?
*Led physical and electronic penetration testing of the MITRE corporate systems at the direction of the Senior Vice President, briefing directly to corporate officers.
*Led ???Red Team??? penetration testing of multiple military programs to demonstrate risks and create mitigate strategies for presentation to general officers and program staff.
*Identified several critical vulnerabilities in popular commercial software products which are widely deployed within commercial and US Government networks.
*Consulted to the Missile Defense Agency (MDA) to provide an assessment of the information security risks for the global Ballistic Missile Defense System (BMDS).
*Led design of two major prototype security products which addressed critical needs in emerging DoD technologies.
*Briefed the Air Force Scientific Advisory Board on the impact of information security in tactical weapons systems.
*Executed forensic investigations of high-profile security incidents, coordinating across multiple organizations.
*Created and deployed an automated vulnerability monitoring and notification system for the MITRE network, replacing a previously manual process.
*Designed and managed the outsourcing of a custom software system to automate a key business process, resulting in a fifty percent cost savings over in-house estimates....
Network Security Engineer
tags:
firewall ids vpn netscreen vo...
How would you describe your time at raytheon?
*Worked to develop and deploy the 400,000-user Navy and Marine Corps Intranet (NMCI). Team leader with the joint responsibility for the evaluation, architecture design, implementation, and maintenance of multiple internal and external security perimeters consisting of firewalls, IDS, VPNs, mail/web content scanners, load balancing, and other security technologies.
*Provided Tier 3 support to Network Operations Centers and for high profile customer problems.
*Led customer briefings and presentations as subject matter expert in a number of security areas.
*Performed comprehensive trade studies for multiple security products and technologies to address customer requirements.
*Created environment for load stress testing of new security products for use within NMCI under highly accelerated rollout schedule.
*Developed installation and configuration documentation for numerous security systems.
*Provided security designs and recommendations for multi-million dollar contract proposals.
*Developed custom Voice Over IP (VOIP) application which integrated Public Key Infrastructure (PKI) technology into an H.323-based application for use in high security military communications....
Education
Information Assurance
tags:
"risk management" "business c...
How would you describe your time at Northeastern University?
Master of Science, Information Assurance
Similar People
|
|
Security Engineer
f5 networks
|
|
Co-founder/Senior...
STA Group
|
|
System Engineer
ServerVault
|
|
|
|
|
|
|
