Dave's Good Stuff

CV

Posted On Saturday, June 16th, 2007 By David Veatch

SUMMARY OF QUALIFICATIONS

I have 14 years in Information Technology, ranging from front end web development, to middleware web application development, to service and server administration, and information security. I have been involved in restructuring, from the ground up, enterprise security infrastructure using best industry practices, both as a technical lead and as support for business units and other areas of IT. My technical knowledge includes logical and physical network and security infrastructure, firewalls, intrusion detection and prevention, network traffic mapping and monitoring, vulnerability and network state scanning, encryption, policy and procedure creation and enforcement, and product evaluation and implementation. My experience includes the support of information technology teams, troubleshooting network, server and software issues, extensive work with auditors, and external regulations (GLBA, Sarbanes-Oxley, HIPPA). I am familiar with and comfortable in both Windows and unix/linux environments.

TECHNICAL SKILLS

• Operating Systems: Microsoft Windows XP, 7; Microsoft Server 2000, 2003; unix (FreeBSD, OpenBSD, Linux, Solaris, HP/UX, AIX).
• Firewalls: Checkpoint/Nokia DL350, Netscreen 5GT; 208, SonicWALL Pro 300; Pro 1260; Pro 2040; Pro 3060
• Security Software: McAfee Entercept and ePO, ISS RealSecure, ISS Guard, Surf Control E’mail Filter, Blue Coat ProxySG, Juniper NeoTeris SSL VPN, Checkpoint SecureClient/SecureRemote VPN, TrendMicro IMSS, Securify Enterprise Monitor, nCircle, ArcSight, NFR, Snort, ACID, Open SSH, TripWire, NMap, Nessus.
• Other Software: Apache 1.3.x – 2.2.x, Active Directory, Hyena 7, CVS, MySQL, Oracle, PostFix, Sendmail, Samba, PostgreSQL, Microsoft Office (2000, XP, 2007).
• Languages: Perl (& mod_perl), Powershell, HTML, CSS, Shell Scripting (DOS, Bourne, KSH, SH, CSH, TCSH).

PROFESSIONAL EXPERIENCE

2007 – Present
First National Bank – Overland Park, KS
Information Security Analyst

• Oversight of and responsible for awareness campaigns, auditing, policy compliance, and training for Kansas, Texas and some Iowa affiliate locations.
• Performed business hours and evening walk throughs of locations under area of responsibility on a regular basis to gauge Information Security Policy compliance.
• Primarily responsible for monthly enterprise wide newsletters on information security topics, including the following: Social Networking Security, Social Security Number fraud, Risks of Removable Media, Password Security, and Protecting Personal Information at Home.
• Participated in evaluation of technology to allow secure use of personal devices for enterprise messaging and calendar.
• Participated in evaluating vendors for PCI and HIPAA compliance.
• Perform regular audits of Active Directory account activity, network share security, installed applications against approved applications lists, patch level compliance and file level auditing using Nessus, Hyena, nCircle, MBSA, and a variety of custom built tools written in Perl and Powershell.
• Presentations at all employee, management and officer meetings on general information security topics and specific Information Security Policy points.
• Provide new hire orientation.

2003-2007
Gold Bank / Marshall & Ilsley Corporation – Overland Park, KS Senior Information Security Analyst

… Marshall & Ilsley Corporation

• Monitored, customized, and supported the IDS monitoring system, NFR, the distributed network scanning system nCircle, and the enterprise log aggregation tool, Arcsight. Built and deployed custom ArcSight agents for log collection for log exports in text format from external applications.
• Created monthly executive reports using Excel from several variant data sources, including Surf Control, nCircle, McAfee Enterprise Policy Orchestrator, Crystal Reports, and Lotus mail files parsed with custom perl scripts.
• Responsible for researching and coordinating the eventual enterprise installation of a centrally managed password and document storage system as well as an enterprise encryption solution for protecting data both in transit and at rest.

… Gold Bank

• Responsible for monitoring, configuring and maintaining enterprise network security, including perimeter and internal firewalls (Checkpoint NG and Juniper Netscreen 208s), IDS and HIDS installations, client-based and clientless VPN, regular and ad hoc scanning of the network.
• Installed and maintained three FreeBSD based snort sensors that report to a central database store. Used ACID to monitor and maintain event database and reports.
• Wrote corporate security policies, and accompanying technical policies for IIS Site Protector, McAfee Entercept and Microsoft Active Directory.
• Worked with federal examiners and audit firms to ensure all GLBA and SOX requirements were met. Worked with external penetration testing firms to expose vulnerabilities and validate fixes.
• Built custom vulnerability scanning tools in perl for regular Windows account auditing.
• Built custom Checkpoint log reporting tools in perl.
• Additional duties included assisting the IT Help Desk in troubleshooting network, server and application issues as related to both security and general productivity. This included availability and configuration issues with Windows 2000 and 2003 IIS, SQL Server 2000, and a wide variety of operating systems issues.

01/2001-11/2001
eScout LLC – Lees Summit, MO
CVS/Apache Administrator

• In charge of implementing and maintaining CVS and Apache across 5+ Sun Solaris 5.6/8 and VA Linux servers.
• Responsible for all Apache configuration and performance issues.
• Involved in the design and implementation of a code migration schedule and structure that involved three tiers (development, QA/QC, and production).
• Developed a collection of perl and shell scripts to partially automate code migration through this schedule. Began work to consolidate the various and separate scripts into one cohesive application, and to convert the three tiered migration structure to a four tier (development, QA/QC, staging, production) structure to better handle emergency releases and bug-fixes.

1997-2000
UMB Bank – Kansas City, MO
Internet Services Programmer/Analyst

• HTML/graphic design with emphasis on usability design.
• Applications programming using perl.
• Systems administration with a focus on the Apache web server.

5/1996 – 4/1997
University of Kansas – Lawrence, KS
Web Assistant

• HTML coding of University Relations web site, including undergraduate catalog, and news releases. Began implementing web site/database integration utilizing Lasso and Filemaker Pro 4.

1/1996 – 4/1997
University of Kansas – Lawrence, KS
Consultant/Help Desk

• Extensive customer interaction, Macintosh and Windows troubleshooting, helping with Windows95 Slip and PPP connectivity, and general software and hardware troubleshooting.

1/1997 – 5/1997
University of Kansas – Lawrence, KS
KUfacts Interim Web Administrator

• Answering any and all e’mail to the KUfacts administrative accounts, handling issues such as inappropriate use of server resources, server upkeep, site maintenance and upkeep, and working with various individuals, departments and organizations in keeping the site up to date.

PROFESSIONAL TRAINING

December 2003 – SANS Conference – Washington, DC
SANS Track 5: Securing Windows using Active Directory

April 2005 – FishNet Security – Kansas City, KS
AccessData Ultimate Toolkit Bootcamp

August 2005 – FishNet Security – Kansas City, KS
Netscreen Firewalls

August 2006 – ArcSight – San Francisco, CA
ArcSight Log Aggregation Tool

EDUCATION

1990-1997 – University of Kansas – Lawrence, KS
- 3 Years Illustration and Graphic Design
- 1 Year Computer Engineering
- BSW from the School of Social Welfare