Professional Experience

NetWorks Group [Sep. 2011 - Present] 

Senior Consultant - Ann Arbor, MI

• Development of Ruby-based internal operations software for backup management and change management processes
• Creation of customer RFP responses; technical review and guidance for Statements of Work
• Backup automation software development for over a dozen individual software types to support customer devices
• Web application vulnerability assessments for customers; security recommendations for customer processes
  

MNX Solutions [Oct. 2010 - Sep. 2011] 

Senior Linux Systems Administrator - Monroe, MI

• Cloud computing and information security specialist for customer accounts; proposal development and pre-sales engineering
• Development of automation practices, configuration management, and deployment of custom code for customers
• Management of various separately-maintained customer infrastructures totally over 500 production servers managed
  

ePrize, LLC [Nov. 2009 - Oct. 2010] 

Linux Systems Administrator - Pleasant Ridge, MI

• Subject Matter Expert (SME) for cloud computing; architect and lead administrator for deployment of Amazon EC2 infrastructure
• Development of 22 Puppet modules for automation of configuration management service for cloud computing servers
• Created & leads company information security meet-up and internal company mailing list for information security questions
• Successful deployment of ad-hoc scalable infrastructure that withstood two Super Bowl advertised digital promotions at once

Orange Creative Solutions [May 2009 - Nov. 2009] 

PHP Programmer/DBA/Systems Administrator - Keego Harbor, MI

• Created Debian-based development infrastructure utilizing Subversion, Apache, Trac, MySQL & phpMyAdmin
• Rebuilt the company’s primary revenue website from static HTML to a fully dynamic 70 table, 55,000 record database-driven site
• Developed company documents to structure project planning and deployment based around the SDLC
  

Aegis Data Security [Feb. 2008 - May 2009] 

Web Developer/Linux Administrator - Dearborn, MI 

• Managed up to six company projects at a time, self-monitoring progress and goals
• Developed a hardened Linux operating system for deployment on the product's server appliance
• Created a complex object-oriented PHP server administration web site, integrating with the appliance's services

University of Michigan [Jul. 2007 - Aug. 2008]

UNIX Systems Administrator - Dearborn, MI

• Replaced over 85% of systems infrastructure during a five month period, providing a smooth transition for users
• Integrated OpenAFS, Kerberos, and LDAP in a mixed Solaris, Windows, and Mac environment
• Created departmental policies and procedures, inline with University standards
• Developed and implemented a server visualization and issue notification system using SNMP, Cacti, and Nagios

Eastern Michigan University [Dec. 2003 - Jul. 2007]

Senior Technician/Junior Network Administrator - Ypsilanti, MI

• Managed staff of up to 12 student employees
• Created a FreeBSD-based file server for usage of staff/faculty. Wrote detailed technical documentation.
  

Xzibition Data Communications [Feb. 2004 - Apr. 2005]

UNIX Systems Administrator - Telecommute (OH)

• Deployed four servers running FreeBSD to service 500 customers and provided technical support via IRC, e-mail, and phone
• Implemented Mandatory Access Controls, Port ACLs, event auditing, IPFW, process accounting

Collegiate Teaching

Eastern Michigan University [Sep. 2009 - May 2011]
Adjunct Lecturer - Ypsilanti, MI

• Open-Source and Platform Network Administration (2 Semesters)
• Linux Security Administration (4 Semesters)

Education

Eastern Michigan University 

M.S. Technology Studies (Information Assurance) (4.00/4.00 GPA) - [May 2009 - Dec. 2011]
B.S. Networking and IT Administration (3.24/4.00 GPA) - [Aug. 2003 - Aug. 2007]

Certifications

• (ISC)^2 Certified Information Systems Security Professional (CISSP) [03/01/2012]
• Cloud Security Alliance ‘Cloud Computing Security Knowledge’ Certification (09/21/2010)
• CompTIA Security+ (01/19/2006)
• CompTIA Linux+ (05/07/2004)

Technical Skills/Knowledge

UNIX Server Software: Apache, Tomcat, Passenger, BIND, Courier, Dovecot, Postfix, QMail, Spam Assassin, SNMP, Nagios, Cacti, Munin, MySQL, PostgreSQL, OpenAFS, NFS, Samba, Kerberos, LDAP, Puppet, CFEngine, MCollective, IPTables, Foreman
Operating Systems: Windows Server 2003 & 2008, Mac OS X, Linux (Various), FreeBSD, Solaris 8-10, Junos, ScreenOS, IOS
Programming Languages: OOP PHP 5, Ruby, SQL, BASH, AutoIT, PERL, Javascript, CSS, XML, XHTML

Presentations

• EMU Information Assurance Club - Core Linux Security: 0-Day Isn’t Everything [Nov. 2011]
• MiSec Meet-Up - “It’s Just a Web Site: How Poor Web Programming is Ruining InfoSec. [Nov. 2011]
•  IAPP KnowledgeNet: Detroit - Panelist; “Cloud Computing in Business” [Nov. 2011]
• Washtenaw Linux Users Group - “Cloud DR: Leveraging Cloud Computing for Cheap Hot Sites” [Oct. 2011]
•  DetroitDevDays -  “Cloud Computing: Let’s Clear the Air” [Oct. 2011]
• InfraGard Great Lakes Fall Conference - “It’s Just a Web Site: How Poor Web Programming is Ruining InfoSec. [Sep. 2011]
•  GrrCON 2011 - “It’s Vulnerable... Now What? Three Tales of Woe and Remediation” [Sep. 2011]
•  CloudDevDay Detroit 2011 - “Development Operations: Take Back Your Infrastructure” [Jun. 2011]
•  Security B-Sides Detroit - “It’s Vulnerable... Now What? Three Tales of Woe and Remediation” [Jun. 2011]
•  Metro Detroit Linux Users Group - “Cloud DR: Leveraging Cloud Computing for Cheap Hot Sites” [May 2011]
•  Michigan HTCIA - “Cloud Computing: Let’s Clear the Air” [May 2011]
•  Penguicon - “Development Operations: Take Back Your Infrastructure” [Apr. 2011]
•  Penguicon - “Being a Puppet Master: Automating Amazon EC2 with Puppet & Friends” [Apr. 2011]
• NOTACON 8 - “It’s Vulnerable... Now What? Three Tales of Woe and Remediation” [Apr. 2011]
• NOTACON 8 - “Being a Puppet Master: Automating Amazon EC2 with Puppet & Friends” [Apr. 2011]
• Indiana Linuxfest - “Development Operations: Take Back Your Infrastructure” [Mar. 2011]
• EMU Information Assurance Club - “It’s Vulnerable... Now What? Three Tales of Woe and Remediation” [Feb. 2011]
• Washtenaw Linux Users Group - “Being a Puppet Master: Automating Amazon EC2 with Puppet & Friends” [Dec. 2010]
• Detroit Cloud Computing Group - “Being a Puppet Master: Automating Amazon EC2 with Puppet & Friends” [Sep. 2010]
•  Cloud Camp: Detroit - Moderator; “Cloud Security” [May 2010]
• NOTACON 7 - “What’s a Linux: Creating & Teaching College Courses at 24” [Apr. 2010]
• NOTACON 2 - “Get Smart[y]: The Smarty PHP Template Engine” [Apr. 2005]

Vulnerability Research

• ‘WSN Links’ - SQL Injection Vulnerability; CVE-2010-4006
• ‘Free Simple Software’ - SQL Injection Vulnerability; CVE-2010-4298
• ‘Orbis CMS’ - Arbitrary Script Execution Vulnerability; CVE-2010-4313
• ‘Pulse CMS Basic’ - Local File Inclusion Vulnerability; CVE-2010-4330
• ‘Pointter PHP CMS’ - Unauthorized Privilege Escalation; CVE-2010-4332
• ‘Pointter PHP Micro-Blogging Social Network’ - Unauthorized Privilege Escalation; CVE-2010-4333
• ‘Seo Panel’ - Cookie-Rendered Persistent XSS Vulnerability; CVE-2010-4331
• ‘Quick Polls’ - Local File Inclusion & Deletion Vulnerabilities; CVE-2011-1099
• ‘Andy’s Knowledgebase’ - SQL Injection Vulnerability; CVE-2011-1546

Honors

• University of Michigan  - Outstanding Service Award (2008)
• Business Professionals of America - Cisco Systems CCNA Competition, 1st Place (2003)
• Science and Engineering Fair of Metro Detroit - Computer Science, 1st Place Team (2002)
• Intel International Science and Engineering Fair - IEEE Computer Society, 1st Place Team (2002)

Professional Organizations

• Detroit Cloud Computing User Group (2010 - Present)
• MiSec: Michigan Security Meet-Up (2011 - Present)
• ARBSEC: Ann Arbor Security Meet-Up (2010 - Present)
• InfraGard (2009 - Present)
• High Technology Crime Investigation Association (2009 - Present)