1701-006
1701-012
1701-002
Hired
1701-005
1701-004
1701-008
1701-001
Hired
1701-011
Hired
1701-009
1701-010
1701-007
1701-003
Greetings!
We are pleased to introduce our Winter cohort of talented cybersecurity candidates. 12
technical professionals were chosen from nearly 700 applicants and are currently enrolled in our
training program in Crystal City, Arlington, Virginia. We have also included other strong
candidates that were not able to join us in Arlington for our training operation. Many of these
candidates have active security clearances.
HackEd was created to solve two problems helping employers find top cybersecurity talent, and
helping technical professionals advance in the cybersecurity industry. We are also focused on
bringing more women, minorities, and veterans into the industry.
Our program is a 7 week, hands-on-keyboard cybersecurity training, certification, and job
placement program. It is held four times per year, and it is FREE for participants. There is no
tuition. Our curriculum is gamified and our ‘operatives’ work on teams in a real-world training
situations. We encourage our students to pursue I.T. certifications, such as the Security+, CEH,
GPEN, and the OSCP.
We invite you to recruit from our program as we support you with the sourcing, vetting, training,
and certifications, allowing you to focus on the interviewing and hiring. Our aim is to provide our
hiring partners with job-ready candidates who are trained and ready to defend and secure a
company network from day one. It is FREE to recruit from HackEd. There is only a fee if you
hire from the program.
To set up interviews with a candidate, or to learn more, simply email us at
[email protected]. You can also learn more about the operatives at
http://operatives.hackeducate.com
Thank you for your support!
Jon Ferris, CEO
Peter Kim, Director of Technology
Tyrone Wilson, Director of Learning and Security
Jason Chen, Director of Strategy
Julie Mosallem, Manager, Partnerships and Community
Operative #1701-005
[email protected]
Curious and self-motivated student interested in challenging information security research or a penetration
testing position.
EDUCATION
PhD, Mathematics
2016
Certificate of Advanced Study in Mathematics,
2010
B.A. (ranked 31/241)
2009
OSCP (expected)
Spring 2017
SKILLS
Programming(Fluent):bash, Python,C/C++,Java, x86andAVRasm,Javascript,XSLT
Programming(Familiar):Verilog,Haskell,PHP, Perl
Web(Fluent):HTML/CSS,jQuery, AngularJS,NodeJS, nginx,MongoDB,Flask, Amazon EC2
Linux(Fluent):Shellscripting, system administration,ArchLinux,Debian, emacs,iptables
Hardware(Familiar):ModelSim,XilinxISE,FPGA Development
EXPERIENCE
Software Engineering Intern
Summer 2015
Search Infrastructure
•Worked on a team with 5 engineers on Java/C++codebase to improve the infrastructure underlying
search engine in response to business and technical requirements.
Software Engineering Intern
Summer 2014
Technical Infrastructure
•Worked on a team of 3 engineers on C++ code to enable fast communication between software running on
company’s infrastructure, particularly between pieces of code written in different programming languages.
ResearchAssistant
Active machine-learning platform
Fall 2015–Fall 2016
ResearchAssistant
Discovering CS: Open-source textbook
Springs 2014,2015
ResearchAssistant
Verilog AVR implement
Summer, Fall 2013
PROJECTS
Machine learning platform
Co-lead on a major redesign and refactoring of NEXT—a platform for performing live machine learning experiments
at scale—which enabled its continued and expanded use in active research in the lab.
Skills: Machine Learning, Python, Mongo DB, Sysadmin, AWS
Interactive OSSCS textbook
Authored the text and backend for an online, interactive, open-source textbook which was used to teach the
Fall2015Intro to Computer Engineering course at a university.
Skills: Angular JS, XSLT, Javascript, AVRasm, Python
AVR processor implementation
Research assistant working on the design, synthesis, and testing of an exploratory 8-bit AVR implementation for
FPGA, intended for possible use in the CS curriculum. This included a custom XML hardware descriptor language
that translated to Verilog, bash/C++-based unit testing infrastructure, and an eventual deployment of the design
on a Papilio One FPGA board.
Skills: Verilog, Javascript, bash, XSLT,Python,C++
Mathematics input software
Created a free WYSIWYG mathematics input software intended for integration with other mathematics education
programs. It is currently deployed in Oppia, and planned for use with Ohio State’s Ximera.
Skills: Javascript,XSLT
IPC routing library
This is a project to bring the flexibility of bash pipelines to all programs. It is an RPC library that uses a central server
that can flexibly be told how to route all RPCs between enabled programs on a given machine. This means that
every program has its interface precisely specified, enabling automated fuzzing, testing, and dependency injection.
It also means that all I/O between programs can be logged, filtered, or modified enroute as needed.
Skills: Javascript,C,Python,Compilers, ZeroMQ
Hobby OS project
Created a bootloader and basic kernel for 32-bit x86, written from scratch.
Skills: C, x86assembly, gdb
Various war games/CTFs: x86 and web exploitation challenges
Participant in numerous online and in-person war games. Notable among these was a tech training at Hack in the
Box 2012 in Amsterdam modern Linux exploit techniques including ROP andret2plt.
Skills:bash, x86assembly, gdb, C, Python,crypto, Metasploit
Operative #1709-009
[email protected]
SUMMARY
•
•
•
•
•
•
•
•
Specializations: Tools, Automation, Security, Web/Cloud, Linux
4.5+ years of professional experience, 1+ years of startup/independent experience
1+ years of experience working in Scrum, Partial Remote and Technical Leadership
8 public projects shipped (2 enterprise, 6 games), 7 major internal tools shipped
B.Sc. in Game and Simulation Programming
Currently working towards M.Sc. Computer Science, Expected Graduation 2019
Currently working towards LFCS (Linux Foundation Certified SysAdmin)
OSCP Certification (Offensive Security Certified Professional)
SKILLS
•
•
•
•
•
•
•
•
Languages: C#, F#, JavaScript, Python, Elixir (Erlang/BEAM), C, R, Shell Scripting (Bash, Batch)
Tools: Visual Studio, VS Code, VSTS/VSO, Git, GCC
Frameworks: .NET 4.6, .NET Core, Selenium/WebDriver, ASP.NET
Platforms: Linux (Ubuntu, Kali), Windows, Windows Azure, Embedded (Arduino, Raspberry Pi)
Methodologies: Functional Programing, Penetration Testing, Data Science, Scrum/Agile
Automation: Selenium/WebDriver, Azure Batch, Docker, Ansible
Blue Team: Security Onion, pfSense, Wireshark
Red Team: Kali, Metasploit, nmap, Wireshark, ExploitDB, OWASP Testing, edb/Ollydb
RECENT PROFESSIONAL EXPERIENCE
Software Engineer II — Tools, Automation, Security
•
•
•
•
•
•
•
•
Created and maintained 5+ ongoing automation projects using C#, .NET and Selenium.
Developed and maintained tools using C#, F#, JavaScript, Python, .NET Core and Azure.
Performed data analysis and generated reports using Python, R, Google Analytics and raw data.
On boarded the SIG with virtualized Linux and Docker based software development.
Contributed to an experimental Bluetooth Gateway project, wrote whitepaper on device virtualization.
Mentored and trained junior programmers, defined coding style guides and technology stacks.
Lead application Security effort at Bluetooth, defined security test plans and on boarded test teams.
Performed Security testing for multiple projects, filed and verified Security related bugs.
Cloud Network Engineer — SDE/SDET Hybrid
•
•
•
•
•
Apr 2015 – Jan 2017
Dec 2013 – Jan 2017
Created load testing suite to perform client emulation load testing for three titles.
Created and maintained Azure logging and health testing tools for all Cat Daddy titles.
Created and maintained browser based CRM tools for the Cat Daddy support team.
Maintained and added functionality and gameplay features to Azure based game servers.
Performed data analysis on various sources, including test results and customer data using R.
Test Associate II — SDE/SDET Hybrid
Apr 2012 – Apr 2013
• Developed test automation and testing tools using C#, WPF, and the XDK.
• Designed and implemented UI, data transfer services, reporting tools and unit tests.
• Performed multiplayer tests on Halo 4, Forza Horizon and Gears Judgment.
Operative #1701-003
[email protected]
Passionate Computer Science professional with 10+ years of experience in programming.
Competencies in: Python/C/C++, Linux, cybersecurity, machine learning, and data analysis. Looking to
obtain a rewarding position in cybersecurity.
EDUCATION - PROFESSIONAL EXPERTISE
Education:
B.S. Computer Science
Certifications:
OSCP (in progress)
CRLA International Tutoring Certificate, Level 1&2
Programming Skills:
C/C++, Python, SQL, Java, C# & .NET, VBA, PHP, HTML & CSS,
Javascript& jQuery, XML
Expertise:
Linux System Administration, Web Development, Cryptography, Cyber
Security, Reverse Engineering, Software Design Patterns, Agile
Methodologies, Neural Networks & Deep Learning, Data Analysis
Languages:
Russian (fluent), Uzbek (fluent)
RELATED EXPERIENCE
Industry Competitions
• Inter-Collegiate PenTesting Competition (CPTC) by RIT
• CTF hacking competition by RC3@RIT
• AlexCTF catch the flag competition
•
•
RESEARCH - PROJECTS
Facial Recognition using Deep Convolutional Neural Networks on LFW and LookalikePeople
datasets with 95.56% accuracy rate.
Bank Password Policies security research exposing weak policies on 5 banks with case
insensitive passwords.
PROFESSIONAL EXPERIENCE
Senior System Administrator
June 2014 - Present
Responsible for technology, computer lab administration, security, and availability of software for
students.
• Proposed and developed a new academic management system to optimize administrative tasks
within the department and use data analysis methods for statistical reports. Built in
Python+Django.
• Developed individually customized student email outreach software in VBA and MS SQL
• Tutored Computer Science and Math courses.
Operative #1701-003 |[email protected]
Lead Software Developer
•
•
•
•
May 2012 – January 2013
Lead Developer for iOS Mobile Banking App Project.
Managed the “MDnevnik” project - new school assignment management system for the
country. Developed in PHP+CodeIgniter.
Developed daemon based GSM - SMS outreach program for the School System in Python.
Mentored new employees and interns.
Operative #1701-008
[email protected]
Cybersecurity professional passionate about information security, programming, networking & operating systems.
Highly familiar with wide range of information security tools and concepts. Possesses a bachelor’s degree in
engineering and master’s degree in information systems security.
EDUCATION – PROFESSIONAL EXPERTISE
Education:
Masters, Information Systems Security
Dec 2016
B.Tech. Electronics and Communication Engineering
Jun 2012
Skills & Certifications:
Certifications: CEH
Technical Skills: Linux administration, Penetration Testing (both web and thick client), Remote Desktop
Services, Web / Database Platforms (Apache, MS-SQL, MySQL), Vulnerability scanners (OpenVAS &Nessus),
IDS/IPS (Snort, Suricata), Scripting (Python, PHP, PowerShell and shell/bash), Open Systems Interconnection
(OSI) model and TCP/IP protocol architecture.
Policies: Familiar with ISO/IEC, COBIT & PCI-DSS security frameworks.
PROFESSIONAL EXPERIENCE
Teaching Assistant
May 2015 – Jan 2017
Teaching Assistant to High Performance Computing Specialist
Assist, coordinate and monitor students during hands-on sessions in training classes such as Linux,
Python, C, Matlab, R, FORTRAN & Cluster computing
• Help administer / maintain High Performance Computing clusters and supervise user accounts.
• Developed and help administer / maintain an online interactive web education platform to host courses
conducted at the department.
Software Quality Assurance
June 2014 – Dec 2014
• Worked on Multiple applications in wide range of Platforms (Android, Windows, iOS).
• Performed black-box and ad-hoc testing in order to find crashes, de-syncs and other high severity issues
within the application code.
• Developed and implemented multiple test cases and test suites using EA's test case management systems
for multiple applications.
• Coordinated with domain experts (development and production teams) and provide constructive
feedback to address challenges that come up during the project.
• Gained extensive hands-on experience with test and defect management tools (e.g. DevTest, JIRA,
BugZilla).
Analyst-Content Engineering
Jan 2013 - Nov 2013
• Completed multiple projects onsite for Google, Hyderabad.
•
•
•
Primary focus was to manage, update and authenticate the content on a Google application using
backend tools and to have an accurate data on front end.
•
Worked on projects related to Google Maps.
Operative #1701-001
[email protected]
Well-rounded IT professional with over eight years of experience in network administration, systems
security, and mobile device management in complex multi-functional environments. Implemented
vulnerability management, information assurance, and system hardening programs alongside heavy
system administration and support workloads. Currently seeking a challenging cyber security role.
SKILLS & CERTIFICATION & EDUCATION
Awards:
Cisco Global Scholarship CyberOps Finalist (Begins June 2017)
Certifications:
Linux Foundation Certified System Administrator (Expected June 2017)
Offensive Certified Security Professional (Expected March 2017)
GIAC Penetration Tester (GPEN)
GIAC Enterprise Defender (GCED)
Casper JAMF Certified Technician
Dell KACE Boot Kamp K1000 & K2000 Certification
ITIL Foundation v3
Cybersecurity Tools:
apktool, BeEF, Burp Proxy, Capstone, Cuckoo, gdb-peda, ipv6-toolkit,
john, Lynis, Maltego, mimikatz, Nessus, Nikto, nmap, Ophcrack, p0f3,
pdf-parser, PowerSploit, radare2, Reaver, recon-ng, Responder, SET,
sslstrip, snort, sqlmap, THC-Hydra, theHarvester, Volatility, yara, ZAP
System Administration:
Dell KACE K1000, K2000, ManageEngine ADManager, Cisco
FireAMP, Meraki MDM, Sourcefire, Sysinterals Suite, Apple
Configurator, JAMF, MobileIron MDM, Symantec Endpoint Protection,
Microsoft Application Compatibility Toolkit, Deployment Toolkit,
Desktop Optimization Pack, Enhanced Mitigation Experience Toolkit,
Windows Automated Installation Kit, Windows SDK, SCCM 2007,
Apple Deployment Studio, Acronis SnapDeploy, Symantec Altiris
Operating Systems:
Windows (7; 8; 10; 2008; 2012; 2016), Linux (Arch; Debian; Kali; Red
Hat; SecurityOnion; SIFT; QubesOS; NixOS), OS X, ESXi, FreeBSD
Productivity:
Access, Excel, PowerPoint, Word, Project, Visio, LaTeX
Other:
Virtualization (KVM; VMWare; VirtualBox; Xen), Atlassian Confluence
Wiki, JIRA, Duo Two Factor Authentication Administration
Policies:
CIS Security Controls, IOS, and Windows Benchmarks, NIST SCAP
Programming:
VBScript, Windows Batch, PowerShell, Bash, Python, Java, SQL
Foreign Languages:
Modern Standard Arabic, Egyptian Colloquial Arabic
Education:
B.A. Arabic Language Literature and Linguistics
Operative #1701-001 – [email protected]
2 of 2
PROFESSIONAL EXPERIENCE
User Support Specialist
Apr 2011 – Jan 2017
Triaged all end-user issues for 500 faculty, staff, and students as an integral member of a small IT
support engineering staff overseeing green-field projects, system assessment, and policy enforcement.
• Supervised team of two contract technicians and student employees in daily operations.
• Managed Duo two-factor authentication security system roll-out for the campus, successfully
targeting core finance and administrative personnel and securing all high-risk staff.
• Deployed next generation FireAMP anti-virus client and automated consistent configuration of
Symantec antivirus software with improved SIEM logging, enabling same-day response time.
• Administered Active Directory and set authentication and Group Policy system configurations,
patched and audited with Dell KACE solutions, establishing weekly SLA for critical patches.
• Audited daily EMC Avamar backup for 150 staff and 400+ terabytes of staff data.
• Maintained inventory database and facilitated annual disposal of $1,000,000 equipment.
• Completed rollout and daily management of KACE remote management and patching systems.
Reduced standardized and custom computer builds from multiple work days to 1 hour.
Migrated, documented and trained team during IT staff reduction and increased workloads.
• Established iPad pedagogy pilot program with instructional technologist using Volume
Purchase Program and Apple Configurator as an early adopter, leading to regional panel talks to
discuss best practices and issues.
Network Administrator
Nov 2008 – Apr 2011
Transformed aging computer infrastructure into high reliability computer labs.
• Appointed to emergency cleanup team for root cause analysis of system driver error halting
boot on computers throughout campus. Replaced VIP computers while conducting analysis over
5 days, averting emergency hardware replacement in excess of $50,000.
• Selected for core assessment team of the pilot SCCM 2007 roll-out, the first centralized full lifecycle management solution for 1,000+ staff and public computers.
• Maintained custom software solutions, including a custom Windows shell and utility to secure
administrative credentials during reinstalls, ensuring 24 hour availability for lab computers.
• Standardized imaging procedure with official methodologies, ending erratic system behavior
requiring weeks of troubleshooting and debugging for 100+ spread over the campus.
• Repaired 3M RFID library workstation for 3M technician site visit in lieu of hardware
replacement in 2 hours, precluding $10,000 device replacement and one week of downtime.
Media Analyst
Jul 2007 – Nov 2008
Performed open source intelligence research, analysis, and reporting of international and regionally
relevant media for avionics companies and strategic military leadership throughout the world.
• Initiated Arabic-only media reporting system for Arab political and military clients as sole
Arabic language media analyst.
• Manned integrated 24/7 media reporting team pivotal to successful PR campaign to win
government avionics bid and counter primary international competitor’s targeted media
campaign.
• Presented media analysis reports on various geo-political topics to strategic combat units to
align their combat operations with desired media image and public diplomacy goals.
Operative #1701-002
[email protected]
EDUCATION – PROFESSIONAL EXPERTISE
High School:
High School Diploma (2010)
Certifications:
Offensive Security Certified Professional (OSCP)
Development Skills: Bash, Python, PHP, Javascript, Drupal, WordPress, Joomla, OwnCloud, HTML,
CSS, SQL, Apache, Postfix, Dovecot, Google Webmaster Tools, PlatesPHP,
FastRoute
Pentest Skills:
Kali Linux, Client attacks (Both with and without BeEF), Metasploit
Framework, MSF Venom, Nmap, Netcat, Burp Suite, Binary Exploitation,
TCPDump, Wireshark, OWASP Top 10
Languages:
Fluent in English and Farsi
PROFESSIONAL EXPERIENCE
Office 365 IT Admin
Feb 2016 - Present
Office 365 SharePoint and account management as well as WordPress administration.
• Handling all day-to-day office 365 administrator tasks including but not limited to: adjusting
permissions on SharePoint sites; adding, deleting and general user and group management;
securing and analyzing malicious network traffic; and creating simplified user tutorials.
Freelance Web Developer
•
•
•
Jul 2016 –Present
Developing websites to fit customers’ wants and business needs.
Developing both e-commerce and static sites as well as uploading all products for clients.
Perform secure website installs to prevent hacking attempts.
Business Analyst
Jun 2015 – Jul 2016
Global Government RFP Drafting as well as web administration and IT Support.
• Managed website with updates and development as required.
• Secured and cleaned WordPress install when exploited.
• Handled IT support as well as set up computers with Office 365 suite for new employees and
set up new e-mail accounts for new hires.
• Searched for Government’s RFP’s across several bid sites and drafted proposals for submission.
Student/Copywriter
Jan – May 2015
Advertising course providing advertising material to non-profit agencies.
• Designed and created several advertisements for Non-Profit business.
• Developed headlines and body copy for websites and ads.
Operative #1701-006
[email protected]
Linux Administrator with experience in modern Dev Ops practices. Extensive
experience administering Amazon Web Services environments.
EDUCATION -- CLEARANCE LEVEL
M.A. Political Science
B.A. International Relations (Cum Laude)
Top Secret/Sensitive Compartmented Information (TS/SCI) Counter Intelligence Polygraph (98-04)
PROFESSIONAL EXPERIENCE
Systems Administrator
June 2013 – Jan 2017
Infrastructure engineer and systems administrator supporting 150+servers and a small team of
application and web developers
• Extensive Amazon AWS administration via GUI and Command Line Interface
• Infrastructure automation with AWS Cloud formation and Ansible
• Web and app server admin in Apache, Nginx. CDN admin with Akamaiand Fastly(VCL)
• Launching and troubleshooting Docker containers. Container hosting with Docker Cloud
• Monitoring with Nagiosand NewRelic, including customplugin creation
• Administration of utility servers such as Jenkins CI server, Jira issue tracker, self-hosted
Splunk, and Graphite-Grafana metrics server
• Bash and Python scripting
• Familiar with DevOps/Agileprinciples. Experience working in a Scrumshop
JuniorSystems Administrator
Feb 2009 – June2013
Junior Systems Administrator supporting physical and virtual infrastructure in a Redhat environment
• General maintenance and support for a Java-based web application on an Apache
Tomcat/MySQL/RHELstack
• MySQL administration including querying and updates, setting up new client databases,
building and enabling slaves, and restoring databases frombackupsusing Xtrabackup
• User administration and support using OpenLDAP, Zimbra Emailserver, Google apps for
business, and Apple Remote Desktop
• Data center operations including racking and cabling servers and bootstrapping RHELhosts
Intake Specialist
Administrative services assisting Veterans with disability claims
• Interviewed injured veterans to determine appropriate services
• Compiled dossiers on each client for screening lawyers
• Managed client database including custom reports
• Subject matter expert on DOD Disability Evaluation System
Nov 2008 – Feb2009
2
Research Associate
Jan2008 – May 2008
• Conducted eviction impact survey at Dale Farm, UK for High Court case
• Acted as liaison between the Irish Traveler/Gypsy community and Advocacy Project offices,
local NGOs and media. Produced reports and press releases.
Research Associate
May 2007 – Jan 2008
• Researched Government contract opportunities
• Coordinated action on RFP’s, bidding opportunities, and capabilities briefings
U.S. Air Force
April1998 – April2004
Cryptologic Linguist(Chinese)
• Translated military intelligence from Chinese and produced reports
• Operated UNIX-based mission guidance workstation for live U2 and Predator missions
• Acted as primary trainer and supervisor for groups of 5 to 10 junior analysts
• Specific course training in Leadership and Management, Managerial Communications, and
TotalQuality Management
Training and Certification
•
•
•
•
Redhat Certified Systems Administrator (RHCSA #111-169-264) Dec2011 – Dec 2014
AWS 101 Course
QualysWeb Application Scanning Course
WhitehatAcademy Workshops (http://whitehat.academy/):Web App Security, Offensive
Python, CTF
• Chosen for HackEd’s Winter 2017 cohort
Operative #1701-010
[email protected]
Objective: to obtain a Cybersecurity position in Forensics or Penetration Testing
EDUCATION - CERTIFICATIONS - SKILLS
(Graduated 2010)
Bachelor of Arts in Journalism
with a Japanese Studies Minor
Associates of Applied Science in Cybersecurity
(Graduated 2010)
Certifications
Security+ CE
Microsoft Tools
Microsoft Office (Word, Outlook, Powerpoint, Excel, Access, Visio, Macros)
Operating Systems
Linux (Debian, Ubuntu, CentOs), Windows (Windows XP, Windows Vista, Windows 7, 8, 8.1, 10)
Applications/Tools
Kali Linux, Open/Libre Office, VirtualBox, VMWare (Workstation Pro, Player), Open Source
Information Tools (The Harvester, Discover, Recon-ng, Google Hacking Database, Bing Hack,
Shodan, Maltego) EnCase, ThreatConnect, DHS's Automated Indicator Sharing Platform, Social
Engineering Toolkit, Metasploit, Nexspose, Nessus, Open-Vas, Sparta, Masscan, Dirbuster, John the
Ripper, Burp Suite, Wireshark, Snort, Nmap, Putty, Mimikatz
Other
Wikis, Blogs, Social Media (Facebook, Twitter, Snapchat, Tumblr, chat/messaging tools)
PROFESSIONAL EXPERIENCE
Special Assistant for the Internet of Things Cybersecurity
Nov 2015 - Present
Responsible for the coordination and management of club activities focused on CTF competitions, all
IoT activities, and local meetups in the chapter
● Train newcomers on offensive and defensive cybersecurity tools and participate in red team and
blue team challenges within the group
○ Kali Linux
○ National Cyber League (NCL)
○ Cyber Collegiate Cyber Defense Competition (CCDC)
● Provide lectures on a variety of topics in cybersecurity for DMV area regular meetings
● Perform server maintenance and serve as internal SME for helping club members with
configuration and installation of items for participation in club lab activities
● Collaborate in teams via regional and statewide Capture The Flag CTF competitions
Recruiter Consultant
Dec 2016 – Jan 2017
Provided support to the recruitment team for the technical review and vetting of applications for
cybersecurity positions
● Provided technical expertise to recruiters on using search databases and techniques for
identifying qualified candidates for open positions.
● Provided new methods for vetting the technical expertise of potential candidates.
Certified Pharmacy Technician
Jul 2014 - Present
Fill and supply medicine to patients and oversee the billing of medications
● State certified as a pharmacy technician in the Virginia area
● Adept in the dealing of claims and insurances regarding prescriptions
● Skilled in multitasking in a fast-paced environment to provide prompt and professional service
to customers
Student Volunteer Initiative Intern
Jul 2016 – Nov 2016
Supported the Assessment and Authorization (RMF) of DHS and helped with the upkeep of
vulnerabilities that are addressed to DHS.
● Worked with the control implementations and collaborated with Northrop Grumman contractors
to ensure NIST guidelines were followed. Improved the language in DHS’s controls with new
language to to ensure each control is properly addressed.
● Helped give companies access to DHS’s Automated Indicator Sharing/Trusted Automated
Exchange Indicator.
● Communicated with private and public companies to troubleshoot issues and vulnerabilities.
● Streamlined the existing SharePoint website portal and collaborated with two of DHS’s SOPs.
● Provided a government lead weekly analytics from NCCIC’s AIS software.
● Participated in a contingency planning test and helped write a follow-up report concerning it to
help improve the process of the ISA governance.
Startup Apprentice Cohort
May 2013 – Jun 2013
Collaborated within groups designing a website with front-end and back-end website functionality
● Worked with HTML/CSS to produce a job portal website within a group
● Created a group charter for a group of five people and brainstormed to envision a wire-frame
mock-up for an updated look of an existing website
Graduate Assistantship
Sep 2012 – Jul 2013
Teaching assistant and tutor for undergraduate computer science students.
● Supported teachers in their computer science undergraduate level classes.
● Helped with basic tutoring for undergraduate computer science students.
● Supervised computer classes on the weekends and assisted students when needed.
Operative #1701-007
[email protected]
Successful Information Technology leader with 15+ years of experience with emerging technologies
and the federal government. Technology field experience with several multi-million dollar federal
programs ranges from: aviation design, robotics, large software development efforts, IT hardware
research and accreditation processes, software integration, analysis, evaluation, and federal
government policy development. Strong experience with program evaluation and development for
metrics of success for software development (social media, geo-spatial, data visualization, and others
applications), COTS and GOTS integration, and enterprise architecture activities with several federal
government agencies.
EDUCATION – SKILLS – AWARDS
Education: BS-Mechanical Engineering, Spring 2002
Certification: Scaled Agile Framework (SAFe) Agilist
Microsoft Applications (Word, Excel, PowerPoint, Visio, Project, Publisher, Access,
Sharepoint)
Other Programs (Adobe Acrobat, Photoshop, Illustrator, Macromedia Dreamweaver, Lotus Notes,
Lotus Notes Databases, Domino, SameTime, Stellent, Various Web Based media players, Castanet,
Wiki programs, Blog programs, Intelink tools, xLink, Traction, ArcGIS)
CAD Programs (AutoCAD, SolidWorks, Unigraphix), Xacta, Continuum
HW Equipment (Servers—Linux, Servers-Windows, Backup and Storage Equipment, Virtual System
(vmWare VSphere, vMotion), Cisco Routers, ASA Switches)
Cyber Penetration Testing Tools Tenable Nessus, Tenable Security Center,
WebInspect, AppDetective, KaliLinux, Accunetix, Burp, Nmap, SQLMap
Policies: NIST (800-37, 800-53, 800-115, 800-137), ICD (501, 502, 503, 500-27, 704, 900),
FedRAMP, FISMA, E.O. 12333, HSPD, FIPS
Awards: ISG Kudos and Accomplishments (2013), EASD Appreciation Luncheon Recognition (2013),
ANSER Spot Award, CACI Spot Award (2007 (2), 2008 (3)), Iran Mission Manager Award 08, NG
Fusion Outstanding Contractor Award, CACI Achievement Award (2007 (3), 2008 (3)), DNI CIO
Awards (07, 08, 09, 10), Recognition by North Korea Mission Manager, Official Recognition Memo
from Director of National Counter-proliferation Center (NCPC)- 2010, CIA Apps Capabilities Showcase
Team (IC3E)-2010, ISG Kudos Award (2013(2), 2014 (1), ManTech Recognition Bonus (2014),
Vencore Hot Shot Award (2015 (2)), Vencore Team Recognition Award (2015)
PROFESSIONAL EXPERIENCE
Information Assurance/Security Engineer Principal Technical Specialist
Resource Center Support
6/15-10/16
5/2016 – 10/2016
Serve as key personnel with supporting company proposal efforts and internal process organization.
Work with a team of individuals to help develop and implement: cybersecurity certification training
opportunities, hands-on cybersecurity skill development, new employee on-boarding activities,
research for different technical expertise, developing internal processes and procedure for company
activities. Additional provide commercial research, documentation review and editing, partnerships,
and proposal support for new business opportunities for the company with different government
customers.
Deputy, Security Engineering Support Team
6/15-4/16
Served as key personnel as the deputy of the Security Engineering Support Team on the contract.
Additionally, served as site technical team lead for the security penetration test team for cyber COTS
and GOTS systems for government customer. Responsible for the development and integration of
commercial and government best practices for security testing procedures and assessments and
implementation for ITIL standards for the IT enterprise. Team was responsible for using a variety of
security assessment tools to determine security vulnerabilities and risks with hardware, software, and
network configurations with new products and/or projects. Managed and evaluated technical
strategies, tools, and techniques to improve accuracy and precision for security situational awareness
and security assessment testing strategy. Reviewed and evaluated different cyber security test tools
for effectiveness with different IT system components. Tools used include: WebInspect,
AppDetective, Nessus, Burp, Kali Linux, Accunetix, Fortify, Nmap, SQLmap, various IDEs, and others.
Ensured that procedures for assessing the quality and accuracy of different commercial security tools
followed best practices and met customer’s expectations. Provided analysis in formal reports
delivered to the customer’s clients. Provided oversight of the Information System Security Officers to
ensure that the customer is adhering to the Risk Management Framework for Authorization and
Accreditation (A&A) processes.
Senior Cybersecurity Subject Matter Expert (SME)
Technical Team Lead
4/14-4/15
4/14-3/15
Served as the site technical lead for continuous monitoring analysis and analytic techniques for
government customer. Responsible for the development of the technical strategy and direction for all
analytic activities inclusive of: integration of technical tools for continuous monitoring analysis,
integration of different analytic techniques, integration of federal and agency policy and practices, and
development and production of reports. Participated in the development of configuration management
and other ITIL related processes for the customer. Evaluated vulnerability IT tools (Security Center
and Nessus, AppDetective, WebInspect, and MVM) for security control compliance, asset
management, and performance management as it pertains to operational systems for the customer.
Analysis team is responsible for integration and reporting of all security IT engineering activities for the
continuous monitoring utilizing the Risk Management Framework as identified in NIST and other
federal documentation. Reviewed systems scans and developed procedures to accurately define and
develop process for security monitoring for virtual systems. Provided analysis and review of FISMA
and FISCAM systems to provide input to customer’s reporting procedures. Also, included research of
incident response activities and reports to help improve overall cyber strategy for security.
Senior Systems Engineer
2/13-4/14
Responsible for engineering internal quality control review of internal and external engineering
development projects. Internal quality control duties to include: strong emphasis on reviewing project
and technical concept documentation for accuracy, testing baseline procedures in customer lab,
providing input to aligning of internal business procedures to ensure that customer can deliver
engineering projects on schedule. Also, worked with various contractors and government personnel
on analysis and evaluation of procedures to determine process improvement and coordination
between different organization branches. Worked with Virtual Engineers to improve accuracy and
testing of all customized processes for using VM technology. Coordination included addressing all
aspects of the technical/engineering support to include tier1, tier 2, and tier 3 support, configuration
management, ITIL procedure development, project managers, system integrators, and government
branch chiefs.
Senior Systems Engineer
10/11-2/13
On-site contract technical team member and lead for Technical Insertion group, focused on
engineering research internal and external to the federal government for solving analysis and
integration issues for mission activities. Served as lead contractor for managing customer’s strategic
advisory board for mission needs within the IT management office for the customer. Additional duties
include: help coordinate customer’s involvement with IC-wide projects providing technical reviews,
technical assessments, briefings, and vendor reviews to the customer for meeting organization’s
strategic goals.
Senior Systems Engineer
5/06- 9/11
On-site contract technical lead (only sub-contractor in branch as a division lead) for the DNI’s
Office of the Chief Information Officer, in the IC Information Assurance’s Secure Information
Sharing Division. Provide oversight, direction for overall contract deliverables and capabilities
to a mixed company team and serve as liaison to government leadership. Perform as the
contract technical lead for a secure information sharing project to include the following
responsibilities: mission and customer outreach, business procedures, technical integration,
agile development with executive agent, and overall project strategic management. Led efforts
to review and develop design implementation strategy for software applications (social media,
data entity resolution, geo-spatial, and other commonly used collaborative software) within the
secure information sharing environment enclave.
Contract Team Lead-Mission Manager
6/09-2/10
Developed integration plans for on-going CIO business and technical transformation programs
and executing DNI Mission Managers’ needs. Developed IC CIO mission manager portfolio
and integration processes for more effective and efficient management of IC wide information
to assist senior leadership in making timely decisions for policy makers. Led requirements
analysis and collection efforts to ensure the IC CIO directorates could effectively coordinate
actions to complete DNI mission manager assigned tasks. Collaborated with other contractors
to develop process to update and integrate common mission collaboration software
applications into enterprise architecture designs.
Mission Manager Liaison
2/07 – 6/09
Develop processes, procedures and techniques to develop efficient information sharing across
IC for DNI Mission Managers to provide enterprise IC-wide sharing capabilities. The
responsibilities included: Meeting participation with DNI Mission Managers regarding
information sharing related issues, assisted with executing assigned actions for Mission
Managers, developed requirements for DNI CIO Transformation programs. Collaborated with
mission managers on inclusion of social media tools (wiki, blogs, chat, and collaborative
spaces) into overall collaborative and knowledge managements strategies across the IC.
Participated in IC-wide enterprise architecture environments to ensure the commonly used
mission software applications requirements can be integrated into service oriented
architectures (SOA) and IT processes.
Assist with the development of requirements for the Foreign Intelligence Relationship
Enterprise System by coordinating and reviewing existing processes for sharing information for
over 6 different federal agencies. Reported and updated senior-level decision making group
on project status. Branch liaison for office bi-monthly vendor review meetings on new potential
technology solutions for enterprise IT development.
NSG Opportunity Office Action Officer
5/06 – 10/06
Developed business process and strategies for improving contract wins and more efficient
processes for creating quality and competitive proposal packages with limited staff for IDIQ
contracts in the National Solutions Group Opportunity Office.
• Assisted staffing specialist and managers with searching and identifying quality external and
internal candidates for technical related positions
• Developed a streamlined process for communication with partners and sub-contractors
• Researched software solutions store relevant information for contracts, candidates, and other
pertinent information for different IDIQ vehicles. Served as subject matter expert for
determining “best athlete” candidates
• Lead and participated in proposal efforts that resulted in an additional $10 million dollars of
new business wins for the business group
Scientist/Engineer
3/04 – 5/06
Developed Homeland Security policy and technical integration strategies for multi-million dollar federal
departments and agencies focusing on the Intelligence Community (IC). Provided support for internal
and external government agencies to utilize each agency’s capabilities to support the Department of
Homeland Security’s mission.
• Drafted reports on multiple wireless interoperability issues that were provided to the
customers
• Researched and developed support and integration plans for customer involvement
with Homeland Security Information Network (HSIN)
• Researched and provided customer with reports for understanding Homeland Security
networking and enterprise architecture issues
• Designed and maintained customer website
• Authored Standard Operational Procedures Manual for customer operations focusing
on the Homeland Security Operations Center (HSOC)
• Provided policy and operational analysis of new agency security plans including:
Interagency Security Plans (ISP), National Response Plan (NRP), Joint Field Office
(JFO) Standard Operating Procedures (SOP), National Incident Management System
(NIMS) and Special Event Integrated Federal Support Plans
• Developed “Lessons Learned” documents for federal response to Hurricane Katrina
which was integrated into the final White House report
Cost Analyst
11/02 – 3/04
Developed life cycle cost estimates in support of the National Security Agency (NSA) for multimillion dollar projects.
• Developed documentation aimed to improve the data collection methods for identifying,
utilizing, and transforming legacy systems
• Led and participated in different cost research efforts to improve cost estimating
methods.
• Automated input and calculation processes for cost models.
• Participated in Vendor Reviews of COTS equipment for network projects
Operative #1701-012
[email protected]
Information Security professional experienced in secure administration of IT enterprises; utilizing both
physical and virtual environments during the Systems Engineering Lifecycle. Successfully, proven
team collaborator operating in demanding environments with the ability to implement cybersecurity
best practices to minimize risk. I am seeking an incident response or penetration testing opportunity.
CLEARANCE LEVEL – EDUCATION – SKILLS – TRAINING
Department of Defense - Secret Clearance
Bachelor of Science, Information Technology / Security, expected 2019
Certifications:
Certified Information Systems Security Professional (CISSP)
CompTIA Security+ CE
AccessData Certified Examiner (ACE)
Offensive Security Certified Professional (OSCP), expected Spring 2017
Technology/Skills:
Security Onion, pfSense, Wireshark, Splunk, Linux (Kali, Ubuntu), Social
Engineering, Active Directory, Remedy Ticket Management System, Nmap,
Metasploit, Snort, Suricata, AppAssure, PBX, WhatsUp Gold, VMware,
Windows Server 2012, Office 365, HP c7000 BladeSystem, Microsoft Exchange
Training:
United States Army Information Systems Operator – Analyst Training Course,
United States Army Airborne School, Gryphon Group (Mobile Force Protection)
Tactical Local Area Network (TACLAN) Course
PROFESSIONAL EXPERIENCE
System Administrator
May 2014- May 2016
Managed all facets of corporate IT to include server and network architecture, management,
maintenance, network monitoring, and policy creation. Directly supported C-level executives.
• Drastically improved infrastructure reliability by migrating 80% of physical servers to a virtual
environment with High Availability and implementing a comprehensive backup solution.
• Implemented a local privileged account management system which utilized autorotation of local
admin passwords to effectively mitigate pass the hash attacks as well as provide manageability.
• Coordinated the move of corporate IT infrastructure to new headquarters, which was completed
and tested within a 12-hour window, providing minimal disruption to business operations.
• Assisted in authoring company IT Cybersecurity policies regarding Acceptable Use Policy,
Remote Access Policy, Server Security Policy and Incident Response Policy/Plan completed in
accordance with NIST guidance (800-12, 800-46, 800-123, 800-61).
System Administrator
Oct 2013- May 2014
Responsible for secure administration of multiple clients. Activities included but were not limited to:
Security Patching, maintenance and hardening of Windows environments. Provided additional analysis
of vulnerability assessment results to mitigate vulnerabilities for Microsoft products.
• Deployed packages for MS and 3rd party software patching of desktops and servers via SCCM.
• Authored SOP documents for maintenance of key client resources and training end users.
Senior Computer Technician Support Analyst
Aug 2011- Sep 2013
Tier 3 support deputy team lead. Responsible for Security Asset Management and guiding the
Break/Fix team. Other leadership responsibilities include queue management and point of escalation.
• Resolved complex desktop issues for over 4000 users with a team of 8 technicians.
• Utilized Remedy for all aspects of user request management to include but not limited to: ticket
submission, ticket tracking, workflow management, and overall system quality assurance for
ticketing; not only for the Break/Fix queue but the overall help desk.
• Utilized Remedy, ticket management system, to submit, track, transfer, and provide Quality
Assurance for ticketing in the Break/Fix queue as well as the Help Desk Queue.
• Assigned as liaison for notoriously disgruntled customers; conveying policy in a polite manner.
• Managed Life Cycle Replace (LCR) projects for three external sites.
Battalion Information Assurance Officer
Jan 2009 - Aug 2011
Responsible for regular Security Assessments and inspections, orchestrating the Battalion Certification
and Accreditation (C&A) process and facilitating teamwork among cross-disciplinary teams.
• Managed a team of two, conducting security assessments on special forces team rooms;
identifying shortfalls and implementing safeguards to ensure compliance to DISA regulations.
• Completed regular asset management processes to track and maintain asset accountability.
• Maintained 100% accountability of unit communications equipment valued at 2 Million dollars.
• Conducted Security Assessments every 6 months to ensure that all unit publications, policies
and procedures were completed in accordance to DoD standards as well as regular spot
inspections to prevent security violations.
Senior LAN Manager
Aug 2005- Jan 2009
Rotated between Battalion S-6 (Communications) and Signal Detachment providing support for
Battalion Staff and training soldiers on the Tactical Local Area Network (TACLAN) suite.
• Trained a dozen signal soldiers on the deployment and operation of the TACLAN suite.
• Managed the lifecycle replacement and growth plan for over 400 classified systems.
• Managed the team responsible for installing, and maintaining network infrastructure on both
unclassified and classified networks.
o 20 Servers, 300 Laptops, 40 VOIP Phones, 15 digital senders
Tactical Local Area Network Supervisor
2007, 2009-2010
My first deployment I was attached to the Operations Center as their signal liaison. My second and
third deployments were spent in the Signal Center and providing traveling support to external teams.
• Managed the Security and Operational aspects of a Windows Server 2003/2008 network
o Over 600 users, 400 laptops, 50 VOIP phones, 20 servers, 20 switches and 6 routers
were maintained throughout the deployments.
• Served as “acting” lead for escalation of security and operational issues related to Windows
Server 2003, Windows Server 2008, and satellite communications.
• Traveled between 12 external sites providing all facets of communications support to special
forces teams spread across the southern half of Iraq.
Operative #1701-004
[email protected]
Cybersecurity researcher and investigator who
brings a rare combination of investigative, legal and
cybersecurity skills to his engagements. In 2016,
he worked with a mobile device social engineering
start up. Prior, he worked in Tokyo for Deloitte on
defense and cyber projects. In DC, he led a crossfunctional research team at Deloitte that
investigated subjects of interest to Department of
Defense clients. Supported Special Forces GWOT
activities in Iraq and Africa. He joined the
Securities & Exchange Commission Office of
Internet Enforcement at its inception, developing
some of the investigative methods they use today.
He reads and speaks Japanese and is an
experienced translator.
Experience Highlights
•
•
•
•
•
•
•
•
•
•
•
•
DoD GWOT Mission Support
SEC Enforcement Attorney
Sanctions Investigations
Internet Crime Investigations
GCIH Incident Handler
Certified Private Investigator
DoD Superior Service Award
Defense of Freedom Medal
Fluent in Japanese
Experienced Team Lead
Former Law Clerk
Expired TS/SCI with CI Poly.
Work Experience
Non-resident Fellow for Cyber Security – January 2016 - present
Joined former DNI and PACOM CDR, ADM Dennis Blair’s DC-based think tank this
year. He is responsible for seminars and white papers on Cyber Security as it
pertains to US – Japan affairs.
• Set up ADM Blair’s Security Track at the GoJ-sponsored C3 Cyber Conference
in Okinawa late last year
• Organized Cyber Conference in May with US Embassy at Keio U.
• Coordinated DC Cyber experts’ input into Japan’s Cyber agenda for May G-7
Summit
Director of Business Operations – July 2016 – December 2016
Responsible for establishing and running business operations in three areas:
pentesting, mobile pentesting, and training. Key goal is to introduce our DARPAfunded mobile pentesting tool to the hacker community.
Senior Manager, Global Deployment, Tokyo Public Sector Team – May 2012
- Dec 2015
Started supporting consulting company’s newly-formed Public Sector consulting
practice in May 2012 and was selected for a 2.5-year global deployment to Tokyo
starting February 2013. Major efforts include
• Led research and writing of 50-page report on state-of-the art cyber
investigative skills provided to a Japanese law enforcement client
• Briefed 110 investigators and forensic specialists on the role of expert
witnesses and forensic evidence in US court rooms, delivering in Japanese
• Joint presentation to 2014 Pacific Rim law enforcement symposium on using
RAM forensic tools in criminal investigations
Senior Manager/Manager, Department of Defense -- April 2009 - May 2012
Leads a cross-functional research team composed of former military and intelligence
officers, forensic analysts, and commercial due diligence experts. The team has
conducted a number of well-received research into matters of federal client interest:
Operative #1701-004
[email protected]
•
•
Briefed Deputy Commander, CENTCOM three times on final products
Products briefed to Director, DIA and Treasury
Project Manager -- June, 2008 - March, 2009
As a GS-14, managed acquisition projects for Navy SEALS
Project Manager -- March, 2004 - June, 2009
As a GS-14, was involved in a number of efforts in the US and overseas:
•
Awarded Defense of Freedom Medal (civilian Purple Heart) and Superior
Civilian Service Award by Secretary of Army for 2004-05 activities in Iraq
•
Chief of special projects team for 4-month deployment
•
Senior Civilian Adviser to unit commander (O-5)
•
6 months in Iraq (in combat environment) and 4 in Horn of Africa
•
Drafted special administrative plan signed by DepSecDef in aftermath of 9/11
Contractor - July, 2002 - March, 2004
participated in counter-terrorism and coalition government support roles:
•
Two months with Coalition Provisional Authority
•
Worked as advisor to Iraqi Minister of Telecommunications
•
Handled regulatory issues setting up GSM networks in Iraq
Staff Attorney, Office of Internet Enforcement – Sept., 1999 – June, 2002
As an original member of OIE, he was involved in a number of cutting-edge Internet
investigations that helped shape the SEC’s Internet enforcement policies. The
Department of Justice ran parallel investigations into four of his investigations,
bringing criminal actions against the defendants. Wrote a program that collected
online evidence used to arrest Anthony “Tony” Elgindy and the FBI Special Agent
who had been passing Elgindy information from the NCIC database for the purpose
of manipulating stock prices.
Law Clerk, Chancellor Chandler & Vice Chancellor Steele – Feb. 1998 - July,
1999
Submitted draft legal opinions on complex shareholder litigation and business
disputes for the presiding judge.
Education
•
•
•
JD, Law, June 1998
MA, International Development, March 1994
BA, English Literature, June 1990
Operative #1701-004
[email protected]
Certifications
•
•
•
•
•
•
•
FBI, Advanced Unix Intrusions, 2001
GIAC, GIAC Certified Incident Handler, January 2016
SANS 504 Hacker Techniques, Exploits & Incident Handling, December 2015
Offensive Security, OS Certified Professional – currently enrolled (coursework
completed)
Active Member, District of Columbia Bar Association
Private Investigator, Commonwealth of Virginia
Black belt (second degree), Judo, earned at Nagoya University, Nagoya, Japan
Computer Skills
•
•
•
•
Comfortable w/ Kali Linux (Metasploit, Burp, Nikto, Nmap, Wireshark, Msfvenom,
rev. shells)
Solid scripting and programming skills (Python, Go Lang, Bash, Perl)
Experienced Linux administrator, including SSH, Apache, Postfix, Mysql, VMware,
etc.
Comfortable setting up and running cloud instances
Volunteering
•
Election Monitor (out-of-state attorney) for Republican Party in Philadelphia for
2016 presidential elections, Nov. 2016
•
V.P. of Operations, Northern Virginia Information Systems Security Assoc.
(NOVA-ISSA), 400-plus chapter of ISSA, international association of INFOSEC
specialists, Nov. 2016 - present
•
Judo Instructor, 2006-2010
CANDIDATE #1701-300
[email protected]
Security Clearance: DHS (TS/SCI) and DoD (TS).
CAREER SUMMARY
• Education: Ph.D. in Industrial Engineering, M.S. and doctoral candidate in Telecommunications, Computer
Networking, and Computer Science, MBA, and B. Law with minor in Education.
• Experience: 30 years Software Engineer/System Engineer/ / Sr. PM. 7+ years Graduate Adjunct Faculty. 4 years
Graduate Research Assistant.
• Technical Areas: SME on Cyber Security, Information Assurance, Network Security, Computer Forensics
Analysis, Cellular Network, Mobile Applications Security, Enterprise Computer Networking,
Telecommunications, Cloud Computing, Video and Voice Digital Signaling Processing (DSP), Network
Management, Email Forensics, MySQL, and Performance Enhancement.
• Leadership: Led teams of 12 - 40 developers. Coordinated with many internal architects and companies to
introduce new Computer Telephony products.
• System Engineering: Developed network architecture, standards, requirements, technical specifications, trade
study, use cases, and test plans and involved in acquisition process for DISA, AF, Army, DHS, DoJ/IC, Federal
Courts, FDA, and WH.
• Software Engineering: Strongest in C/C++, Python, JAVA, and Linux/Unix OS. Proficient in REST API, STIX
XML, xdocreport template API, JACKSON template API, SQL, and Assembly. Mostly in applications, voice &
video DSP, layers 2/3/4, and drivers.
• Proposal Grants: Received $100K MITRE Innovation Research grant on mobile security and $75K HLSC grant
to lead a team on mobility security study. Wrote 8 proposals for new product direction R&D at Nortel Networks.
6 of the 8 proposals resulted in multimillion-dollar funding grants.
• Standard Forum: DoD UCR, DHS NCS, ITU-T SG8, PacketCable, IETF MEGACO, and OSI.
• Teaching: Was promoted to Adjunct Associated Professor at UMUC in 2014. Taught graduate classes at
UMUC, JHU, UMD, and GMU, 2009-present, on Network Security, Computer Forensics, Network
Communications, Computer Hardware and Software, Wireless Network, Network Management, and VoIP
security. Taught courses to MITRE, NSA, DISA, CIA, and DHS in VoIP Security, Network Security, Network
Management, and VoIP.
• Training: 8 cyber security courses and many 1-3 day workshops at MITRE (2013), 2 weeks courses from
Juniper on Juniper switches, routers, and security (2012), SIP, TI DSP, VoWLAN at Texas Instruments (2003),
and many telecom and data network protocols courses at Nortel Networks (1991 - 2000).
• Patents: 9 patents from multiple regions (US, World, Europe, Canada, and Australia).
• Publications: Textbook Interworking with OSI, 1992, Network Security (WIP), 75 conference papers, and 450+
technical papers.
• Personal Notes: Passionate on technologies, learning, sharing, and education. Strong on analytical analysis.
Team-oriented.
TECHNICAL EXPERIENCE
• Government Networks: DoD UC (VoIP), UCD (Big Data), JIE, DISN, 3GPP/IMS mobility security, NIE15.1
CP CE, Army and AF networks, DHS AA (C-AITS/Triad, NCPS), 3GPP/IMS NSPS, ST&E, DoJ/FBI, FCC
TRS, DoS cloud, RF (SINCGAR, SRW, UHF), SATCOM, and WHCA.
• Security: Mobile application security, network security, VoIP security, NSA Secure VoIP pilots, web security,
cloud computing & security, Information/Computer Forensics, Transport Layer Security (TLS), IPSec, IPv4/v6
security, VPN, Communications Assistance for Law Enforcement Act (CALEA), and NIST Security and Federal
Information Security Management Act (FISMA).
• Telecommunications and Networking: cellular (3GPP/IMS LTE, UMTS, EV-DO) architecture, VoIP (SIP,
MEGACO/H.248, MGCP, H.323, Sigtran, Packet Cable v2.0/v1.0), switches (Nortel DMS100, X.25, PBX
Meridian 1, ISDN, SS7, GR303, Q.931, Q.921, and DSL), Voice over ATM, transport (TCP, UDP, ST, RTSP,
SAP, SCTP), IPv4, IPv6, OSI architecture, LAN/WLAN, and performance measurement
• Voice & Video Digital Signal Processing (DSP): TI reference circuit boards DaVinci, Titan, and DSP.
Audiocodec VoIP and VoDSL IAD. Coppercom Voice GW, Mobilygen video board, Phillips video board,
Prodys video board with MPEG2, MPEG4, and H.264. Cornet video board. Video performance enhancement.
• Operating Systems & Processors: Linux, UNIX, MAC, Motorola 68020, Intel 8086, and VAX VMS.
• Languages: C/C++, JAVA, XML, Python, Scripts, Fortran, and Assembly.
• Software Development Environments: JAVA Spring Framework, Eclipse, IntelliJ, Tomcat, Maven, VM,
Linux, MAC, Windows, SysML/MagicDraw, TI DSP Code Composer Studio and Digital Spectrum Emulator,
WindRiver VisonClick and Emulator, and Tornado VxWorks.
• Web Development: REST API, xdocreport, STIX
• Database: Oracle DB, MySQL, Netezza, and Postgresql.
EXPERIENCE
Sr. Network Cyber Security Engineer
2015-Present
• DHS: Developed software for Automated Incident Triage Services (C-AITS) and Cyber Weather Map, using
hibernated JAVA Spring Framework, REST API, STIX XML, xdocreport template API, JACKSON template
API, Python, OracleSQL, mySQL, Neteza SQL, Silk, Netflow Analysis, Drools (Rule Engine), Centos, Eclipse,
IntelliJ, Marven, Tomcat, SourceTree and Stash/Github. Wrote many proposals on cyber, cloud, & mobile
security. (Others are not for disclosure).
Lead Communications Engineer
2007-2015
• DoD: Led for DISA/Army Network Integrated Evaluation (NIE) cloud analysis. Led in Joint Information
Environment (JIE) Mobility Gateway. Participated in the DoD UCR Core WG. Made significant influence on
UCR. Compared 6 military VoIP implementations. Defined use cases and gaps in call signaling protocols, call
features, dial plans, audio codecs, QoS, and security. Wrote VoIP services description and DSN-to-VoIP dial
plan trade study. Wrote tactical Radio Frequencies (RF) networks interworking gateway functional specifications
to DoD UC VoIP. Wrote the Army VoIP Strategic Roadmap. Participated in modernizing NATO Joint Data
Services led by Pentagon. Supported Army PEO C3T CE on NIE 15.x-16.x CP CE V3 cloud analytic analysis in
architecture, services, non-relational database (Red Disk), software and hardware cost.
• DHS: Wrote Market Survey of Open Source Business Intelligence, Mobile Application Security for Healthcare
and Banking, Next Generation Network National Security and Priority Services Security Master Plan, Packet
Cable Access Network Requirements, and Video Services Requirements. Provided inputs to DHS R&D funding
to contractors. Reviewed 4 carrier’s security plans. Contributed to DHS Industry Requirements on 3GPP/IMS
Core Network Services and Access Network (including UMTS, EV-DO, LTE, satellite, WiMax, optical, packet
cable, and DSL). Participated in acquisition process.
• DoJ/FBI: Developed software for email and information forensics and surveillance, using Python, MySQL, and
other tools (not for disclosure).
• Sr. Leaders (DISA, WH, and IC) Secure VoIP: Not for disclosure.
• Innovation Grants for Secure VoIP: Received $100K Innovation grant and $75K HLSC Core grant. Led a
team to investigate VoIP/SIP/TLS/IPSec calls over 3G & 4G cellular networks. Built an IPSec tunnel and
Kamaillio SIP/TLS connection to test secure VoIP calls over cellular network into an enterprise network or a
residential network. Used several protocol analyzers to diagnose the root causes. Wrote a MIP proposal “HighLevel of Reliability and Persistence for secure VoIP connections” as solutions. Compared Apple, Samsung,
Motorola, and Blackberry smartphones security features. The secure VoIP solution is to replace government
secure phones SCIP, STE, and SMEPAD. Developed cost analysis.
• FDA Web Portal: Developed web portal architecture and host analysis and solutions. Compared vendors’
product features. Analyzed Federal Information Security Management Act (FISMA) security compliance.
Compared 9 FedRamp certified Infrastructure as a Service (IaaS) offerings. Participated in acquisition process.
• FCC: Wrote Test Plan for H.323 and SIP interoperability of Telecom Relay Services (TRS), including video and
text services, for hearing impaired person.
• Air Force: Wrote Technical Description and compared vendors’ products to improved process to shorten the
lifecycle of replacing switches and routers for all AF bases for 4 years. Participated in acquisition process.
• US Courts: Wrote Network Management document. Assisted in transition to VoIP. Conducted traffic analysis.
• DoS: Migration Plan on Cloud Computing.
Page
2
• Teaching: Taught Network Security and VoIP Essential classes to NCS, DHS, and company. Taught VoIP
Security to NSA.
JHU, UMUC, UMD, GMU, Maryland, Virginia
Adjunct Associated/Assistant Professor
2009-Present
• Information Technologies and Systems (2009-2013), Network Communications (2013-2015), Computer
Hardware and Software Architecture (2009–present), Computer Forensics Analysis (2015-present), Network
Security (2013-present), and Project Management Professional (PMP) & Certification (2013).
• Network Security (2009 – 2012), Network Management (2009 – 2011), and Advanced Wireless Network (2010).
• Network & Protocols (2012), Network and System Security (2010), and VoIP (2010).
• Computer Communications and Networking (2009).
Sr. Software Systems Engineer
2003-2007
• Video Performance Enhancement: Conducted video performance study fro DaVinci EVM and VMWare.
Added several display resolutions, frame rate, bit rate, and other performance data to display. Developed in C on
Linux & VMware. Benchmark Wintech Video IP phone performance. Used DSP development platform CCS3.2
and Emulator. Developed a H.264 Quad surveillance box, host interface streaming with Mobilygen CODEC,
including H.264 element stream and Mobilygen QBOX stream. Interworked H.264 RTP and RTSP connections
with servers VLCPlayer, Elecard NWPlayer, and Cornet iVdoViewer. Significantly enhanced video performance
for Prodys MPEG2/MPEG4 transport stream, TI DMS642, and Phillips SAA6752 encoder. Developed in C on
DSP development platform CCS 3.0, DigitalSpectrum Emulator, and Nucleus.
• Voice and Video-over Internet (VVoIP) and DSP: Developed VoP software requirements for Residential and
Enterprise Gateway , IP phone (IPP), wireless IP Phone (WIPP), and Video IP Phone (VIPP). Chips included
Titan, Petra, VDSP, Montichello, and OMAP 1600 and 1700. Worked closely with hardware engineer on
product requirements analysis. Developed drivers (included LEDs, serial interface, USB, Ethernet, LCD, and
keyboards).
• Supported PM and Sales: Defined marketing requirements and roadmaps. Wrote RFI responses. Wrote GW
product feature spec and admin guide. Provided training to sales and marketing.
• Standard Forum: Was the major contributor to PacketCable PC2.0 RTS and SIP networks standard WGs.
• Patents: Filed and was granted 3 patents.
• Publications: Published 26 conference articles on VoIP, VoIP security, and CALEA. Offered Voice over WLAN
Workshop at Voice over WLAN Conferences.
Sr. Software Engineer, Team Lead
2001-2003
• VoIPoDSL: Wrote VoIPoDSL system specifications and software architecture documents. Led a team to
develop VoIP MG on TI VoIP DSL boards in C on VxWorks/Tornado and VisualSlick. Focused on call
processing between legacy Q.931/ Q.921 and VoIP SIP and MEGACO. Resolved issues on end-to-end calls over
ATM with Siemens HiQ Softswitch and Jetstream CPX-1000 MG. Developed SCTP code for layer 4 streams.
Modified L2TP, IP filtering, IP forwarding, and firewall features to support VoIP. Modified DSL code.
Developed DuSlic control software to control Infineon telephony card DuSlic via Telogy DSP.
Sr. Software Engineer, Software Architect, Sr. System Architect, Sr. Product Manager (PM)
1992-2001
• VoIP: Served as an Architect for Class 5 switch UE9K VoIP MEGACO MG. Wrote requirements and software
high-level design. Prototyped VoIP MEGACO in C/C++ on Linux. Assisted software engineers.
• PacketCable: Served as Sr. PM for all PacketCable standards and relationship with Cable MSO and 3rd-party
developers. Wrote call controls contributions to ITU-T SG9, IETF MEGACO and Sigtran WGs. Managed 12
Nortel architects to implement PacketCable VoIP features.
• Funding Grants: Wrote 8 proposals. Six of them brought in grants in excess of $1M. Converted
telecommunications call processing, ATM, and Frame Relay to new platforms using IP switching.
Page
3
• Computer Telephony Integration (CTI): Developed CTI server to allow a computer to control class 5 switch
call processing in C on Linux. Conducted research on CTI standards and products. Defined and developed class
5 switch open API in CORBA and built a class 5 switch ORB. Served as PM to develop new PBX CTI products.
Worked with marketing, sales, and other vendors and developers.
• ISDN: Served as an Architect and PM for the ISDN packet projects. Modified ISDN packet-switching call
processing features in Protel on class 5 switches. Approved all ISDN packet detail design and code.
• X.500 Directory: Developed X.500 directory in C on UNIX and Stratus.
• Patents: Filed and was granted 6 patents.
• Technical Sessions: Hosted RTP lab-wide lunch learning sessions for 3 years. Presented 3 sessions.
Research Assistant Professor
1989-1992
• Developed a network traffic engineering and network planning tool for Class 4/5 switches and SS7 in C on UNIX, with a CSIM
package for Litel and Sprint. Designed network management with the Object-Oriented Approach. Designed Multimedia
Benchmark Suite and Bandwidth Aggregation.
• Represented DoD in OSI Workshops.
• Received training in SS7.
Sr. Software Engineer
1987-1989
• Developed an automated medical lab information systems using CASE-ASDD on UNIX and VAX.
• Developed Oracle SQL DB applications, and Programmable Logic Controller on VRTX-OS in C and Assembly.
Graduate Research Assistant/Teaching Assistant
• Was a Teaching Assistant for Microcomputer Architecture, covered Intel 8086 processor, Assembly, and C.
Participated in projects: using computer to automate chip fabrication process, TTU computer-aided registration,
automating answering service, automating medical lab data process., and building inventory control systems.
EDUCATION
•
•
•
•
•
Doctoral Candidate (passed the qualifying exam), Computer Science Telecommunications Program
M.S., Computer Science Telecommunications Program
Ph.D., Industrial Engineering
M.B.A.
B.A. Law, Minor in Education
PROFESSIONAL TRAINING
• Eight computer forensics courses (Web, Android, hard disk, Windows, cloud computing, assessment & testing)
(2012-2013)
• Two weeks of Juniper AJEX switches and routers and advanced security training (2012)
• Government Acquisition Process (2008)
• Satellite Networks (2008)
• SIP, TI DSP, Voice over WLAN at Texas Instruments (2003 – 2005)
• Many courses on DMS100, Meridian PBX, Data Network Protocols, and Trouble Shooting at Nortel Networks
(1992 – 2001)
AWARDS and RECOGNITIONS
• DHS recognition letter for contributing to Next Generation National Security Emergency Preparedness (NS/EP)
and Network Security in 2010
• Homeland Security Center Director’s Award for significant contribution to DHS in 2010
Page
4
• Outstanding Researcher award from Chancellor of University in 1990
• Litel recognition letter for developing the simulation software to simulate and analyze telecommunication traffic
in 1990
• 9 patents granted
Page
5