Resume in Word format - edandmonique.org by tlyaappjdlag


8700 Cretys Cove                                                                                     (512) 636-9426
Austin, Texas 78745                                                                                  edavison@gmail.com

                                                 Edward Davison




1 Professional Profile
I am a professional systems and network administrator with experience in Linux, Solaris, AIX, HP-UX, BSD, Windows NT,
Windows 2000, Windows 2003, CISCO switches and network performance analysis. I have extensive experience with IT
security including intrusion detection, intrusion prevention, vulnerability assessment, penetration testing, network packet
capture and analysis, forensic analysis and patch management. As an experienced database administrator, I have worked
with Oracle, MS SQL Server, MySQL, PostgreSQL, DBASE and flat-file data storage.
    • Linux/Unix                                                  • IDS/IPS
    • Windows 2000/2003                                           • Oracle/MS-SQL Server/MySQL
    • IT Security                                                 • PERL
As a network and system administrator with significant database and security background, I continue to seek jobs where I
can work in a challenging environment and grow and gain strength with my IT skills.

2 Career History
IT Consultant                                                                                     April 2007 – Present
Self Employed (Clients: County Line, Inc., Studio8 Architects, Fortis Software, STG Architects, Medical Accountability
Network, SportClips, Inc., Barram Software)
    • Consulting Services with a number of clients to include the following:
          • Microsoft Windows Server administration
          • Microsoft Exchange troubleshooting and maintenance
          • Network and Domain configuration and administration
          • Linux server installation and maintenance
          • Linux Email server installation and maintenance
          • Security Consulting including Penetration Testing and Vulnerability Assessments
          • Database Developer with SQL Express 2005
          • Website design, programming and implementation including interface with database for dynamic display of
              data
Security Analyst                                                                                    Dec 2006 – April 2007
Emagined Security, consulting at VISA USA
        • Performed IT Security Penetration Testing for both OS and Web Applications looking for vulnerabilities and
         violations of both best practices and corporate technical guidelines. Techniques and methodologies included: Brute
         force password cracking, HTML form field validation, HTML form field fuzzing, HTML form hidden field
         manipulation, HTML parameter manipulation, SQL Injection, Blind SQL Injection, SQL Fuzzing, use of proxy
         software to inspect and inject HTML, cross-site scripting, Javascript script injection, spidering of website for
         offline analysis, comment analysis for filenames, password, access points, hidden files, and program flow, privilege
         escalation, authentication validation, cookie analysis, MIME decoding. Infrastructure testing included Nessus,
         nmap, amap and other OS-related scanning tools.
        • Used various automated and manual testing tools and procedures to perform ethical hacking and validation testing
         of fixed issues as needed including SPI Dynamics Webinspect, Paros Proxy, httrack, wikto, Nessus, WebScarab,
         SPIKE Proxy.
        • Wrote technical reports to convey the findings to the client (project manager and development team) and
         researched technical and vulnerability issues as needed.
Sr. Systems Analyst                                                                                      Feb 2001 – Dec 2006
McCombs School of Business, University of Texas at Austin
        • Worked with central IT web application team to implement Watchfire Appscan software automated web
         application testing software for all new applications being deployed within the McCombs School of Business. I
         was responsible for working with the application development team lead and the webmaster to report and resolve
         any security-related issues detected by the Appscan application as well as any infrastructure-related issues (such as
         invalid SSL certs or no SSL) on the webserver used to host the web application.
        • Installation and administration of Linux, OpenBSD and Sun Solaris systems. Currently maintaining and patching
         ten Linux systems used for a number of security and database related tasks including several X-Windows desktop
         configurations. Also responsible for assisting in the system administration for two OpenBSD servers that run as our
         email gateway(s). I have been responsible in the past for the installation and administration of a number of Linux
         and OpenBSD systems used for security purposes including a MySQL server housing our Snort security database.
         We have run Oracle on Sun Solaris in the past and I was responsible for its installation and maintenance during the
         life of the server. Also assisted in the installation and system administration of an RS6000 running IBM AIX for
         Oracle database support.
        • Network, router and switch management duties have been an increasing duty over the past several months. I have
         assisted in the installation and maintenance of Cisco switches (2950 /3550) as well as creating some custom
         management scripts (PHP/Perl) to manage the VLANs of these switches dynamically from a web page.
        • Created and maintained central syslog server including log analysis tools to alert, via email, to any suspicious
         activity.
        • For the past 2-3 years, I have had the primary responsibility for the operation and administration of several Tipping
         Point Intrusion Prevention System devices that sit inline and inspect all packets to/from our network for
         vulnerability and/or attack patterns. Those that match a profile are either dropped (blocked) or let through (and
         optionally logged). These devices keep our network secure and need to be tuned and analyzed as well as frequently
         updated and these are all my responsibility. We originally had a Unity 2000 and then switched that out for 5 2400’s
         and an SMS unit to manage them.
        • Lead database administrator for MS SQL Server machines in the College of Business, UT Austin. I have been
         administering servers and programming SQL for both VBScript, Perl and ASP applications. Nearly all of the
         servers here are now running MS SQL Server 2000, including 2 failover clusters with SAN storage. We have used
         both Dell PowerVault 650 storage as well as our current Dell/EMC CX600 storage.
        • Created a system to track lab computer usage and display free/busy systems graphically through an implementation
         of login scripts (using Windows AD Group Policy) and database storage of the information of login/logoff events.
         The web site that displays this can be found at
         http://www.mccombs.utexas.edu/services/cbacc/dbsupport/mil_lab_use.asp.
        • Assisting in the collection and analysis of Snort IDS data as well as the implementation of SourceFire IDS sensor.
         We have had a bank of 3 Snort IDS sensors watching 19 subnets collecting alerts on all of the traffic in the entire
         College and storing it in a MySQL database (of which I am the db admin). I have written custom reporting tools for
         analysis of top attackers, top signatures, geographic analysis (using GRASS) of source IP (example can be found at
         http://www.mccombs.utexas.edu/services/cbacc/dbsupport/snortdbinput/geo_ip_anal.pdf), packet dumps of the data
         and others. Most of the code here is written in Perl against the MySQL datastore. Further analysis experience with
         Ethereal, Sarah, Nessus and nmap have helped us to identify vulnerable machines on our network. When SQL
         Slammer was released and became a huge international problem, our Snort sensors helped us to find and locate
         all machines in our network that were infected and shut them down. It also helped us to locate machines elsewhere
         on campus that were infected and report them to central IT for handling.
       • Maintained a security vulnerability scanning platform on Linux with Nessus that is used extensively to analyze
        network and system vulnerabilities in the College. Currently we are using it to identify systems that need the new
        MS04-007 patch installed and taking appropriate remediation actions to handle the located systems.
       • Started coding for SnortDBInput to be able to analyze the data that I had been collecting in Snort as SnortSnarf was
        a good reporting tool but at the time did not read any data from anything but the Snort flat-files. I have been
        maintaining this for the life of the product so far and have had good response to this as well as requests for other
        database interfaces. I expanded the product from its initial MySQL interface so that it now also reads from
        PostgreSQL and Oracle.
       • Oracle system and database administrator for Oracle 9i and Oracle Application Server. This is currently running
        IBM AIX on an IBM RS/6000 server. Primary use of Oracle at this time is for classroom/student support.
       • MySQL system and database administrator running currently on Linux and OpenBSD for security and web-
        database applications.
Systems Analyst                                                                                          Aug 1997 - Feb 2001
McCombs School of Business, University of Texas at Austin
   • Lead database administrator for MS SQL Server machines in the College of Business, UT Austin. During this time
      period we started with MS SQL Server 6.5, upgraded to MS SQL Server 7.0 (after participating in the 7.0 beta
      program) and then moved to MS SQL Server 2000 when it came out (also participating in the beta program). Was
      responsible for the first cluster install of SQL Server in the College on 7.0 attached to Dell PowerVault 650 storage.
   • Oracle system and database administrator for Oracle 8i which then upgraded to Oracle 9i as well as several versions
      of Oracle Application Server. Used Oracle for research data manipulation that was beyond the scope of simple text
      tools to massage and clean several hundred Mb of data for a class teaching and research project. During this time
      period Oracle was running on many different platforms. Initially this was on a Sequent running Dynix OS, moved to
      Solaris Intel and finally ended up on IBM RS/6000 running AIX. I have also had an installation of Oracle running on
      Debian Linux for 4-5 years that I used for testing purposes and occasional web/database connectivity.
   • Programming activity related to retrieval and management of research data in a proprietary home-grown format.
      Access to this data was through FORTRAN libraries that we wrote here at the College of Business, UT Austin.
   • I was also writing custom applications in FORTRAN and C to do advanced research and data manipulation for
      researchers needing more than just our out-of-the-box data retrieval code.
   • Additional to that was the creation of indexes against this data by year using Perl and SAS allowing for faster data
      retrieval. The addition of Oracle and MS SQL Server at this time called for the “export” of this data into SQL,
      relational tables for import to SQL. I was responsible for the creating of the FORTRAN programs to do this and then
      the creation and import of the SQL tables.
   • Helped to create a web front-end to this SQL data using ASP (VBScript) on IIS. This was a menu-driven system that
      allowed the researcher to select the data tables, columns and search criteria he was interested in and then to see a
      small subset of the screen. If this data was of interest, the researcher could request the entire data to be created in
      download format and an email was sent telling them the download url when it was ready.
   • During this time I installed both SHADOW and Snort on machines that I used personally and started research into
      IDS technology. I got involved in its analysis and reporting as well as identification of hacked machines on both our
      network and remote networks.
Computer Programmer                                                                                Dec 1996 - Aug 1997
McCombs School of Business, University of Texas at Austin
  • Programming activity related to retrieval and management of research data in a proprietary home-grown format.
     Access to this data was through FORTRAN libraries that we wrote here at the College of Business, UT Austin.
  • I was also writing custom applications in FORTRAN and C to do advanced research and data manipulation for
     researchers needing more than just our out-of-the-box data retrieval code.
  • Additional to that was the creation of indexes against this data by year using Perl and SAS allowing for faster data
     retrieval.
Computer Programmer/Services Assistant                                                            May 1995 - Dec 1996
McCombs School of Business, University of Texas at Austin
  • Programming activity related to retrieval and management of research data in a proprietary home-grown format.
     Access to this data was through FORTRAN libraries that we wrote here at the College of Business, UT Austin.
  • I was also writing custom applications in FORTRAN and C to do advanced research and data manipulation for
     researchers needing more than just our out-of-the-box data retrieval code.
  • Additional to that was the creation of indexes against this data by year using Perl and SAS allowing for faster data
     retrieval.
Computer Programmer                                                                                      Dec 1990 - Jun 1992
Wetland Technologies, Inc, Houston, TX
  • CAD/mapping duties for all of our wetland projects to create the base maps, location maps, survey data, soil maps,
      delineate the areas that were determined to be wetland, design and create construction drawings for implementation
      of remediation of the wetland.
  • Technical report writing for each of these projects and preparation of final presentation for client. This included
      collecting all of the site sample reports, scanning the photos of the site, production of maps for the report and final
      preparation and binding of the report.
  • Database administration duties that initially started with DBase to store all of our plant, soil, site info and other data
      used to make wetland determinations. Later moved this data to Oracle and wrote Windows 3.0/3.1 programs to access
      this data and retrieve data based on search criteria. Started to work on an Expert System to help with the
      determination and analysis process but found the technology and software available to be insufficient to fulfill our
      needs.
Computer Programmer                                                                                May 1989 - Dec 1990
Document Image Systems, Inc., Houston, TX
   • Programming the interface and software for a document image retrieval system based on DBase. Wrote compiled
     BASIC programs for data entry; C programs to drive the scanner and retrieve the images from the scanner and store them
     in .TIF format; and compiled DBase programs to manage and retrieve documents indexed in the database and stored
     on CD (WORM) disc.
   • Later added OCR capabilities to the system so the images could be leveraged for the content as well as for the saving
     of storage space.

3 Additional Professional Activity
   •   Maintainer and developer of SnortSnarf, a project to analyze snort alert logs and output an html formatted, browsable
       summary; located at http://www.sourceforge.net/projects/snortsnarf.
   •   Creator and maintainer of SnortDBInput to pull snort log data from MySQL and make it available to SnortSnarf for
       analysis of alerts. Previously located at http://www.mccombs.utexas.edu/services/cbacc/dbsupport/snortdbinput and
       now rolled officially into SnortSnarf.
   •   Creator and maintainer of Gentry, a MySQL data entry tool for Linux/Unix systems. Located on the web at
       http://www.sourceforge.net/projects/gentry

4 Education
PDA Forensic Analysis
Incident Response
NT Forensics Analysis
NT Intrusion Detection
Tripwire installation and configuration
Windows 2000 MCSE training class (but did not take the tests)
Windows 2003 MCSE training class (taken 5 of 7 tests)
Oracle Administration
MS SQL Server Administration
Tradecraft: System and Process for Digital Evidence
Windows 2K Penetration Testing
Incident Response for NT/2K
CISSP Bootcamp
Web Application Security Testing

5 Certifications
CISSP
MCP
Linux Administrator A+

6 Skills Profile
Professional Unix/Linux system administrator, specializing in Linux but with the following experience in various
Unix/Linux flavors:
   • 10 years with Linux                                     • 3 years with BSD
   • 3 years with IBM AIX                                    • 3 years with HPUX
   • 2 years with Sun Solaris
Professional database administrator with the following experience and expertise:
   • 10 years with Oracle                                        • 2 years with PostgreSQL
   • 11 years with MS SQL                                        • 5 years with DBase
   • 10 years with MySQL
Expert security analyst specializing in Intrusion Prevention, Intrusion Detection, Forensic Analysis (with expertise in
Windows, various Unix variants, and PDAs ) and Network analysis with specific experience as follows:
   • 8 years experience running Snort/Sourcefire
   • 2 years running SHADOW
   • 7 years running NESSUS
   • 6 years running Microsoft Baseline Security Analysis
   • 7 years experience with network packet analysis using various tools
   • 5 years experience with CISCO switch management
Highly skilled programmer with expertise in:
   • SQL                                                 •   BASIC
   • C                                                   •   PHP
   • Perl                                                •   ASP
   • FORTRAN                                             •   HTML
   • VBScript

7 References
Pat Lett         pat.lett@mccombs.utexas.edu           1-512-415-8845

Steven Meyers    steven.meyers@studio8architects.com   1-512-921-3693

Elan Barram      elan@barramsoftware.com               1-818-288-5306

Carter Hobbs     carterh@countyline.com                1-512-585-7645

Judy Carr        jcarr@fortissoftware.com              1-727-386-4020

								