uncompiled.com

Resume

Professional Experience

NetWorks Group [Sep. 2011 - Present]
Senior Consultant - Ann Arbor, MI

Ethical Hacking (web application security assessments, code audits, internal/external penetration testing, architecture reviews)
Development of Ruby software for backup management, change management, credential storage, and document management
Creation of customer RFP responses; technical review and guidance for Statements of Work; pre-sales engineering for solutions
Defined missing company processes, vetted applicable technologies, and guided successful implementation and usage

MNX Solutions [Oct. 2010 - Sep. 2011]
Senior Linux Systems Administrator - Monroe, MI

Cloud computing and information security specialist for customer accounts; proposal development and pre-sales engineering
Development of automation practices, configuration management, metrics, and deployment of custom code for clients
Management of various separately-maintained customer infrastructures totaling over 500 production servers
Leadership of junior employees including task assignment, overseeing project progress, and career development

ePrize, LLC [Nov. 2009 - Oct. 2010]
Linux Systems Administrator - Pleasant Ridge, MI

Subject Matter Expert (SME) for cloud computing; architect and lead administrator for deployment of Amazon EC2 infrastructure
Development of 22 Puppet modules for automation of configuration management service for cloud computing servers
Created & leads company information security meet-up and internal company mailing list for information security questions
Successful deployment of ad-hoc scalable infrastructure that withstood two Super Bowl advertised digital promotions at once

Orange Creative Solutions [May 2009 - Nov. 2009]
PHP Programmer/DBA/Systems Administrator - Keego Harbor, MI

Created Debian-based development infrastructure utilizing Subversion, Apache, Trac, MySQL & phpMyAdmin
Rebuilt the company's primary revenue website from static HTML to a fully dynamic 70 table, 55,000 record database-driven site
Developed company documents to structure project planning and deployment based around the SDLC

Aegis Data Security [Feb. 2008 - May 2009]
Web Developer/Linux Administrator - Dearborn, MI

Managed up to six company projects at a time, self-monitoring progress and goals
Developed a hardened Linux operating system for deployment on the product's server appliance
Created a complex object-oriented PHP server administration web site, integrating with the appliance's services

University of Michigan [Jul. 2007 - Aug. 2008]
UNIX Systems Administrator - Dearborn, MI

Replaced over 85% of systems infrastructure during a five month period, providing a smooth transition for users
Integrated OpenAFS, Kerberos, and LDAP in a mixed Solaris, Windows, and Mac environment
Created departmental policies and procedures, inline with University standards
Developed and implemented a server visualization and issue notification system using SNMP, Cacti, and Nagios

Eastern Michigan University [Dec. 2003 - Jul. 2007]
Senior Technician/Junior Network Administrator - Ypsilanti, MI

Created a FreeBSD-based file server for usage of staff/faculty complete with detailed technical documentation
Provided comprehensive end-user computer troubleshooting, network diagnostics, and internal web application development
Managed a staff of up to 12 student employees including scheduling, task-assignment, and general mentoring

Xzibition Data Communications [Feb. 2002 - Apr. 2003]
UNIX Systems Administrator - Telecommute (OH)

Deployed four servers running FreeBSD to service 500 customers and provided technical support via IRC, e-mail, and phone
Implemented Mandatory Access Controls, Port ACLs, event auditing, IPFW, process accounting to support information security
Custom BASH and PERL code to provide log aggregation and parsing for threat identification

Education

Eastern Michigan University

M.S. Technology Studies (Information Assurance) (4.00/4.00 GPA) [May 2009 - Dec. 2011]
B.S. Networking and IT Administration (3.24/4.00 GPA) [Aug. 2003 - Aug. 2007]

Certifications

(ISC)^2 Certified Information Systems Security Professional (CISSP) [03/01/2012]
Cloud Security Alliance 'Cloud Computing Security Knowledge' Certification [09/21/2010]
CompTIA Security+ [01/19/2006]
CompTIA Linux+ [05/07/2004]

Technical Skills

Server Software: Apache, Tomcat, Passenger, BIND, Courier, Dovecot, Postfix, QMail, Spam Assassin, SNMP, Nagios, Cacti, Munin, MySQL, PostgreSQL, OpenAFS, NFS, Samba, Kerberos, LDAP, Puppet, CFEngine, MCollective, IPTables, Foreman
Operating Systems: Windows Server 2003 & 2008, Mac OS X, Linux (Various), FreeBSD, Solaris 8-10, Junos, ScreenOS, IOS
Programming Languages: OOP PHP 5, Ruby, SQL, BASH, AutoIT, PERL, Javascript, CSS, XML, XHTML

Honors

University of Michigan - Outstanding Service Award (2008)
Business Professionals of America - Cisco Systems CCNA Competition, 1st Place (2003)
Science and Engineering Fair of Metro Detroit - Computer Science, 1st Place Team (2002)
Intel International Science and Engineering Fair - IEEE Computer Society, 1st Place Team (2002)

Professional Organizations

Open Web Application Security Project (OWASP): Detroit Chapter [2012 - Present]
ISSA Motor City [2012 - Present]
Cloud Security Alliance (CSA): Southeast Michigan Chapter [2011 - Present]
MiSec: Michigan Security Meet-Up [2011 - Present]
ARBSEC: Ann Arbor Security Meet-Up [2010 - Present]
InfraGard [2009 - Present]

Volunteering

Make a Wish Foundation - Fundraiser Walker - 2012
Security B-Sides: Detroit - Registration Desk - 2012
Susan G. Komen, 3-Day Walk - Fundraising & Walker - 2010
Susan G. Komen, Detroit Race for the Cure - Runner - 2009
American Cancer Society, Relay for Life - Fundraising & Walker - 2008
Eastern Michigan University, Help Desk Fall Move-In - Field Technician - 2007, 2008, 2009
Leukemia & Lymphoma Society, Light the Night - Fundraising amp; Walker - 2006, 2007
Northern Ohio Technological Advancement Conference (NOTACON) - Core Organizer - 2003, 2004, 2005

Presentations

How I Became an iOS Developer for Fun and Debt

04/2013: Penguicon 2013
04/2013: NOTACON 10

So You Want to Hire a Penetration Tester?: 10 Tips for Success

04/2013: ISSA Motor City

Keeping the Cloud Promise: Infrastructure Agility with a DevOps Toolchain

08/2012: CloudDevelop

Core Linux Security: 0-Day Isn't Everything

05/2013: Great Lakes InfraGard Conference
05/2013: MiSec
07/2012: Detroit Linux Users Group
07/2012: Metro Detroit Linux Users Group
04/2012: Penguicon 2012
11/2011: Eastern Michigan University, IA Student Association

"It's Just a Web Site": How Poor Web Programming is Ruining Information Security

05/2013: Stir Trek
04/2013: Penguicon 2013
03/2013: GrWebDev
03/2013: GRDevDay
11/2012: 1DevDay Detroit
05/2012: ISSA Motor City
11/2011: MiSec
09/2011: Great Lakes InfraGard Conference

Cloud Disaster Recovery: Leveraging Cloud Computing for Cheap Hot Sites

05/2012: Stir Trek
04/2012: Penguicon 2012
03/2012: Detroit Day of Azure
10/2011: Washtenaw Linux Users Group
05/2011: Metro Detroit Linux Users Group

Cloud Computing: Let's Clear the Air

10/2011: DetroitDevDays
05/2011: Michigan HTCIA

Development Operations: Take Back Your Infrastructure

Being a Puppet Master: Automating Amazon EC2 with Puppet & Friends

04/2011: Penguicon 2011
04/2011: NOTACON 8
12/2010: Washtenaw Linux Users Group
09/2010: Greater Detroit Cloud Computing User Group

It's Vulnerable... Now What?: Three Tales of Woe and Remediation

09/2011: GrrCon
06/2011: Security B-Sides Detroit
04/2011: NOTACON 8
02/2011: Eastern Michigan University, Information Assurance Club

What's a Linux?: Creating & Teaching College Courses at 24

04/2010: NOTACON 7

Get Smart[y]: The Smarty Template Engine for PHP

04/2005: NOTACON 2

Miscellaneous

08/2012: Panelist; "Reaching for the Clouds: What Every Small Business Should Consider" at Automation Alley
08/2012: Panelist; "Cloud Computing" at CloudDevelop
11/2011: Panelist; "Cloud Computing in Business" at IAPP KnowledgeNet: Detroit
05/2010: Moderator; "Cloud Security" at Cloud Camp: Detroit

Vulnerabilities

Publications

Graduate Research

Technical Documentation

Blog Posts

NetWorks Group

Failing Gracefully: Using AWS for Web Site Failover - 05/13/2013
Configuration Backups for Enterprise Business Continuity - 04/29/2013
Hiring an Ethical Hacker: Tips for Success - 04/23/2013
Drupal Deployment Security Hardening - 04/16/2013
Another Certificate Authority (CA) Blunder; No Hack Required - 11/04/2011
Mitigating the Risks of Poor Web Programming - 10/18/2011
Cloud Should Not Be Spelt FUD - 10/13/2011
Security Folks on Twitter Who Deserve Attention - 10/11/2011
American Express Leaves a Door Wide-Open - 10/06/2011
Two-Factor Authentication for MediaWiki with Duo Security - 10/04/2011
Don’t Miss Out on National Cyber Security Awareness Month - 09/29/2011
Browser Exploit Against SSL/TLS (BEAST)—Another Blow to Browser Security - 09/27/2011

MNX Solutions

Two Factor SSH Authentication with Duo Security - 05/13/2011
Safari providing an SSL error "client certificate rejected" when other browsers work - 03/21/2011
Automatically purge old configuration from Nagios deployed by Puppet - 02/16/2011
MNX Solutions YUM Repository: Puppet, mCollective, ActiveMQ, Foreman, & More - 02/01/2011
Infrastructure Management: Part #2, mCollective - 01/17/2011
Infrastructure Management: Part #1, Puppet - 12/31/2010
Hiring a PHP Programmer: Part #3, Frameworks & Licensing - 11/27/2010
Hiring a PHP Programmer: Part #2, Code Organization & Commenting - 11/15/2010
Hiring a PHP Programmer: Part #1, SQL Security - 11/10/2010

Press Quotes

Cloud computing gains steam, but questions remain

Interviews

B-Sides Detroit 2013 Podcast

Teaching

Eastern Michigan University

NITA 212: Open Source Platform and Network Administration - Fall 2009; Winter 2010
Labs: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
Slides: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11

NITA 412: Linux Security Administration - Winter 2010; Fall 2010; 2x Winter 2011
Labs: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
Slides: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9

ITT Technical Institute

IT 250: Linux Operating System - Fall 2009