W. Joel Gridley
W. Joel Gridley 70 Northview Drive Glenside, PA 19038 (267)760-7606 [email protected]
Overview:
I have a depth and breadth of exposure to many different types of applications, systems, and architectures, as well as getting these disparate components to work together efficiently.
In addition to technical experience, I have worked in leadership roles periodically throughout my career acting as project manager, engagement manager, mentor, technical lead, shift supervisor, and product manager.
Professional Experience:
-Broadview Networks, King of Prussia, PA Oct. 2009-Feb. 2014 -Senior Security Engineer; Provided Tier III support of EOL/EOS Cisco security products and services. Developed online tools and SOPs for the provisioning department to follow for Industry Best Practice, responsible for the care and feeding of legacy equipment while also responsible for the development and lobbying of Next Generation services to conform with internal policy. Savior of several managed security customers using common sense, security acumen, security best practices, and neurologic linguistic programming. Worked with both Sales and Marketing to develop new security products and services.
-SunGard Availability Services, Wayne, PA Nov. 2008-Jul. 2009 -Senior Security Consultant; Compliance consultant responsible for assessing multiple industry compliance, and providing guidance to achieve that compliance within the boundaries of budget specifications. Duties included network and physical penetration testing for PCI/DSS, HIPAA, SBX, GLB, FDIC, NCUA, FFIEC, FERPA, NERC, CIP.
-PJM Interconnections, Norristown, PA Mar. 2007-Aug. 2007 -Senior Security Analyst (contract); 6-month contract position aligning legacy enterprise network into compliance with NERC and CIP standards. Tasks included establishing a security awareness program, developing processes for tracking action items discovered during self scanning through the Tenable Nessus vulnerability scanner and Symantec Enterprise Security Manager (ESM), and providing guidance to the CSO for security related expertise.
-AT&T Professional Services, Tewksbury, MA Sept. 2006-Jan. 2007 -Senior Security Consultant; Provided consultation, analysis, recommendations and assessments of security process, policies, and architecture. Developed detailed deliverables intended for everyone from “C” level management to technical personnel for the purposes of communicating engagement findings, recommendations, or analysis results.
-Message Secure Corporation, Lowell, MA Apr. 2005-Sept. 2006 -Security Architect; Provide third level support to the customer support organization, provide backstop for IDS console monitoring, create, present, and support integrated security solutions on the Solaris based managed services. Create network diagrams in support of sales operations, perform installations, upgrades and other consulting for customers. Provide on-call after hours support for both client support as well as IDS monitoring. Responsible for performing the functions of internal audit. Researched the integration of Blade Logic, Big Fix, and other compliance applications into the support and operations architecture to satisfy FFIEC requirements.
-Tufts University, Somerville, MA Feb. 2002-Apr. 2005 -Network, Systems Security Administrator; Authored, lobbied, and implemented policy, procedure, and technologies to ensure enterprise compliance with several federal mandates including FERPA, HIPAA, GLB, “Reg E” and SEVIS. Provided system security administration on Solaris, FreeBSD, Cisco network equipment, and Foundry network devices. Developed a method of network intrusion detection that fit the academic environment, and allowed enforcement of security policies. Worked with the campus police, providing support, expertise and occasional forensics when required. Organized a high-level policy review committee involving directors and deans representing all organizations within the university for the discussion and creation of university security philosophies. Created a system of notification in which security issues could be clearly and rapidly communicated across the university to system administrators and data stewards.
-Callisma, Wakefield, MA Mar. 2000-Jan. 2002 -Consultant; Responsible for a wide variety of assignments, using a proprietary methodology, primarily focusing on a personal specialty of network security. Provide support as a subject matter expert for co-workers on topics of firewalls, security policy and procedures, and information security. Responsible for developing tools and best practice templates for internal use on future engagements. Attended several lectures on both HIPPA/HIPAA and GLB, and in turn lectured on both topics for intra-company training.
-Irvine, CA Firewall Assessment
Developed and employed a documented protocol for conducting both intrusive and non-intrusive penetration tests. Analyzed the resulting data to formulate suggested ‘best practices’ for firewall and perimeter router deployment, disposition, policy, and software configuration. Responsible for using this same methodology to assess the security status of server and workstation standardized images, and with internal departmental firewalls, routers, and switches.
Raptor Firewalls Microsoft Windows 2000 (professional and server) HFNetChk application Nessus, Nmap, Firewalk, and Whisker probe applications
-Manhattan, NY IDS Evaluation
Entrusted by the holding company of several major financial institutions, insurance brokers, and risk management agencies to advocate on their behalf to establish a documented set of requirements and present these requirements to intrusion detection software vendors participating in the evaluation of their products. Required to run each product through a documented evaluation, and present a recommendation based on documented findings of suitability. In tandem with the IDS evaluation, responsibility also included developing a disaster recovery/business continuity plan. This plan was successfully implemented and proven during the September 11th attack on the World Trade Center.
Enterasys Dragon, NFR, eTrust, Snort, Cisco Secure Scanner, and ISS RealSecure IDS. Lotus Notes architectures FreeBSD, NetBSD, Windows 2000 Server. HPOpenview, CSPM Checkpoint 5.0/2000(next generation beta) Nokia Business Continuity Planning Disaster Recovery
-Andover, MA Security Ops Management
Assisted a client in bringing its managed firewall service to its customers in-house and developing its own security operations department. This included determining the proper personnel to recruit, required or desired skill sets, developing and documenting all operational procedures, and earning a reputation of confidence and trust between the new department and the firewall customers, and with the other established departments through service delivery, accountability, and meeting deadlines.
PKI, VPN, vLAN, IPSec Solaris, Nokia Checkpoint, PIX Arrowpoint (CSS) VRRP, HSRP
-Manhattan, NY Security Policy Development
Junior contributor to a team of consultants working on a standard to measure the information security posture within an organization. Similar to the BC 7799 and the ISO IEC 1779-1, but broader in scope and more detailed in what it measured.
Citigroup’s ISEM Audit, Assessment
-Waltham, MA Server Configuration
Built and configured a secure proxy server using custom shell scripts developed and tested during this engagement to conform to expressed security and monitoring specifications. During this engagement, responsibility also included observing daily operations, and suggesting improvements for optimization, security, and accuracy.
Caldera, OpenBSD Perl Assessment SonicWall, NetScreen
-Woburn, MA Incident Response
Performed an Emergency Incident Response and conducted system forensics on a system suspected of being compromised. This was followed by a complete rebuild of the compromised transaction server, and design of a security architecture to enable the client to develop a security policy and enforce it properly.
WindowsNT HFNetChk
-Boston, MA Network Upgrade and Redesign
Installed and upgraded several Nokia and Solaris based Checkpoint Firewall-1 modules in a far-flung WAN financial environment. Also presented a comprehensive OSPF network redesign for consideration. During the installation and upgrade process, several techniques of system hardening were documented and taught to the customer.
Checkpoint Firewall-1 Solaris, Nokia WAN OSPF, VRRP, HSRP Windows 2000 Professional
-BBN (GTEi), Burlington, MA Oct. 1998-Mar. 2000 -Network Support Analyst; Responsible for providing network analysis and technical support to commercial BBN customers for problem resolution primarily across layers 2, 3 and 4 of the OSI model. Fulfilled configuration requests for BGP routing on multi-homed connections and multi-protocol translations. Coordinated with the NOC to implement filters on sites undergoing suspected denial of service attacks, and back tracing the packets across the backbone to the point of origin if required by the customer’s security policy.
-Site Patrol Engineer; Responsible for the administration, configuration, and active monitoring of over 500 managed Gauntlet, Checkpoint FW-1, and WatchGuard firewalls for BBN customers. Initiated a change in the procedures followed for intrusion detection and reporting to improve BBN’s ability to detect and prosecute suspected security incidents. Responsible for implementing filters as needed or requested by the customer.
Education/Certifications:
-Information Systems Audit and Control Association Jul. 2005 (CISA) (Lapsed)
-American College of Forensic Examiners Jul. 2004 (FACFEI)(Lapsed)
-Certified Information Systems Security Professional Jan. 2002 (CISSP)(Lapsed)
-Neural Linguistic Programming (NLP) Apr. 2001 Practitioner
-Cisco Certified Network Associate, Sept. 1999 (CCNA)(Lapsed)
-United States Navy, Pensacola, FL Jan. 1986-Apr. 1990 Cryptologic Combat Support Technician “A” School