Russell K.
Oswego Place NE,
Seattle, WA
Preventing Problems through Extraordinary
Service
Innovative, conscientious, accomplished
and creative Senior Security Analyst with over years experience in
telecommunication information systems. Responsible for implementation
of security policies which would ensure availability, confidentiality,
integrity and authenticity of information.
Work Experience
Census, U.S. Department of Commerce,
current
• Field work.
Verizon,
• Performed risk analysis and
application penetration tests.
• Assembled data classification,
data flows, port scans, application penetration test results, vendor
responses, network diagrams for application reviews.
• Represented application teams
when security questions arose regarding their applications.
• Tested applications for security
vulnerabilities including web applications on Apache and IIS servers
and their XSS, CSRF and other vulnerabilities. Worked with application
teams to evaluate risk and mitigate vulnerabilities.
• Tested implementations for security
vulnerabilities.
• Coordinated security patch evaluation,
testing, implementation and monitoring.
Verizon Wireless,
• Implemented and maintained the
endpoint security applications: patch management, antivirus, and firewall.
• Evaluated and implemented information
leakage and metadata control measures.
• Coordinated security patch evaluation,
testing, implementation and monitoring.
• Reduced desktop visits for virus
repair by % by validating patch deployment, validating a resilient
antivirus infrastructure, blacklisting malware distributors, root cause
analysis “forensic analysis” of malware detected and reporting
undetected malware.
• Mined SQL database of system
configurations for anomalous services, files and settings, as confirmation
of defenses IDS.
• Cut annual endpoint security
expenditures from $ . million to $ ,.
• Collected over one hundred previously
undetected malware samples which were used by antivirus vendors to improve
their products.
• Collected over two hundred previously
undetected malicious web sites, which antivirus vendors used to improve
their "cloud" defenses.
• No virus outbreaks. No network
outages related to malware. In the last five years, there has been no
need for an emergency response procedure due to a malware outbreak.
• Selected desktop management
system Microsoft SMS. Specified costs and benefits and alternatives,
received budget approval. Selected vendor, coordinated implementation.
Delivered on time, on budget, met benefits expectations.
Pacific Northwest Bell to US West to
Airtouch to Vodafone to Verizon,
• COBOL and PL/ programmer including
software distributed nationally trained in structured development,
structured testing and Systems Development Lifecycle SDLC
• mainframe disk space coordinator
performing data classification
• C++ programmer for application
development framework system at USWest
• implemented Microsoft Systems
Manager Server SMS for USWest New Vector Group
Certifications
CISSP, ISC, October
Certified Computer Examiner, International
Society of Forensic Computer Examiners, October
Education
Western Washington University, BA,
Bachelor of Arts Western Washington
University majors in Philosophy, Psychology, Computer Science
North Seattle Community College
Accounting
Seattle University MBA program
Project Management and Quality training
through US West, NewVector, Airtouch and Verizon Wireless
Additional Information
See blog at
Contributor to "Microsoft's Guide
to Security Patch Management".
Hacker training through Foundstone
Member of InfraGard and OWASP
