GCIA, GCUX, GCIH, GSEC
Dallas, TX USA
July 1999 - Present
Network Security Engineer assigned to the Perimeter Security team. Primary duties include security and system administration. Specific duties include firewall, router, log server and workstation installation/administration, administering a comprehensive intrusion detection analysis infrastructure, and vulnerability analysis of the production and development environments. Further duties include preparing the network for security certification by the customer security auditors, and documenting the security policies and system security plan.
Aug. 1998 - June 1999
Software Engineer to the Software Integration and Test Team in support of the Algorithm Optimization group.
May 1997 - July 1998
Technical Team Leader over eight software engineers in the Algorithm Optimization group. Responsible for designing, coding, testing, and integrating code on Cray and SGI platforms. Additional duties included scheduling projects, tasking engineers, meeting project deadlines, and coordinating efforts with multiple groups. Responsible for interfacing with existing customers and presenting project designs, in addition to writing and conducting employee performance appraisals.
May 1996 – Apr. 1997
Senior Associate Software Engineer responsible for code and test activities in the Algorithm Optimization group.
Oct. 2001 - Present
SANS Authorized Grader for GIAC Certification Practicals
SANS Authorized Grader (http://www.giac.org/graders.php) employed by SANS on a consultancy basis. Duties include grading SANS practicals and providing detailed feedback to students on their practical. Additional duties include helping train new graders and helping guide the continued development of SANS certification tracks.
¨ Experience with firewall configurations and administration (Cyberguard 5.0/5.1, Sidewinder and Gauntlet 5.5/6.0), vulnerability analysis and penetration testing using PGP Cybercop, Crack/L0phtCrack, Nmap, Nessus, and various ISS products. Additional experience with PKI, LDAP, Netscape/iPlanet Certificate and Web Servers, Apache web server, and Cisco routers and switches.
¨ In-depth experience with multiple IDS (Intrusion Detection System) packages such as Sourcefire 10/100 and GigE appliances, Snort, NFR and ISS Realsecure. Additional experience configuring Cisco router and switch ACL’s, TCP Wrappers, SSL, SSH, and Tripwire. Experience with other penetration tools such as Solarwinds, Hping2, SendIP, Netcat, and Whisker.
¨ UNIX (Solaris 2.6/7/8/9), Linux and Windows System Administration that includes: Installing O/S, hardening NT/W2K systems registry and UNIX/Linux operating systems and services for enhanced security. Further experience with Anti-Virus, implementing split DNS for firewalls, BIND, NAT, disk partitioning, UNIX and NT user account creation/maintenance, and maintenance of heterogeneous Ethernet LAN’s. Experience with the deployment and maintenance of Recourse Mantrap honey-pot/decoy servers, and analysis of the resulting logs. Proven experience designing, building and maintaining secure production networks.
¨ C Programming, UNIX Shell Scripting, Perl, Perl-Tk, in-depth knowledge of TCP/IP.
¨ UNIX (Solaris 2.6/7/8/9), Linux (Redhat and Mandrake), Windows 2000/XP/NT, DOS
¨ MS Word, MS Project, MS Excel, MS Power Point, MS Visio, StarOffice, FrameMaker 5.5
¨ GCIA – Intrusion Detection Certification by the SANS Institute (System Administration and Network Security). Honors status awarded. Details available at: http://www.giac.org/subject_certs.php#GCIA
¨ GCUX – UNIX Security Administration Certification by the SANS Institute. Details available at: http://www.giac.org/subject_certs.php#GCUX
¨ GCIH – Advanced Incident Handling and Hacker Exploits Certification by the SANS Institute. Details available at: http://www.giac.org/subject_certs.php#GCIH
¨ GSEC – GIAC Security Essentials Certification by the SANS. Details available at: http://www.giac.org/subject_certs.php#GSEC
¨ Holland, Jeff “GCUX Practical Assignment ” URL: http://www.giac.org/practical/Jeff_Holland_GCUX.doc, October 2002.
¨ Holland, Jeff “GCIA Practical Assignment ” URL: http://www.giac.org/practical/Jeff_Holland_GCIA.doc, August 2001.
¨ Holland, Jeff “GCIH Practical Assignment – CGIback.c - CGI Backdoor” URL: http://www.giac.org/practical/Jeff_Holland_GCIH.doc, December 2000.
¨ Holland, Jeff “DNS Security” URL: http://rr.sans.org/firewall/DNS_sec.php, July 2000.
May 2002 SANS 2002 System Administration and Network Security Conference. Attended classes
UNIX Security Administration.
March 2001 SANS 2001 System Administration and Network Security Conference. Attended classes
intrusion detection and signature analysis.
August 2000 WebSec 2000 Conference. Attended classes on NT and UNIX O/S security, virus detection and prevention, and web security. Administered by MIS Training Institute.
August 2000 Cisco Interconnecting Network Devices: ICND 1.0a (material covered all skills needed for the CCNA exam).
March 2000 SANS 2000 System Administration and Network Security Conference. Attended classes on Vulnerability Analysis, Sendmail/BIND, Intrusion Detection Systems (IDS), and Firewall Perimeter Defense. Administered by the SANS Institute.
February 2000 Gauntlet Firewall Administrator Training. Administered by NAI.com.
August 1994 – Master of Science, Mathematics (Operations Research)
May 1996 New Mexico State University, Las Cruces, New Mexico
Courses of study included: Linear/Nonlinear Programming, Discrete Optimization, Nonlinear Optimization, Probability/Statistical Theory, Stochastic Processes, and Real/Complex Analysis.
August 1992 – Bachelor of Science, Mathematics
May 1994 California State University San Marcos, San Marcos, California
Courses of study included: C Programming, UNIX, Abstract Algebra, Complex Variables, Number Theory, Linear Algebra, Numerical Linear Algebra, Public Key Cryptography and Primality Testing, and Discrete Mathematics.
© 2000-2014 Whitehats.ca