[Printer Friendly Version]

Confidential Resume of


Stan Hoffman, CISSP                                                              9701 Tiffany Lane - Manvel, Texas 77578

                                                                                                                                                                                    ' 281.635.6810

                                                                                                                           : www.BakosGroup.com/resumes/shoffman.htm

                                                                                                                                                                š shoffman@computer.org










CISSP – ISC2 Certified Information System Security Professional

IAM – NSA Infosec Assessment Methodology

CCNP – Cisco Certified Network Professional

GCIA – SANS GIAC Certified Intrusion Analyst

CWNA – Certified Wireless Network Administrator

MCSE, MCP+1 – NT 4.0 Pre-Installation Specialist

Security+ - CompTIA Security+ Certification



skills matrix • core competencies


u    Security: Auditing: NSA Infosec Assessment Methodology PDD-63 / OMB A-130 Compliance NIACAP/DITSCAP ST&E and audit CIS Benchmark Compliance Intrusion Detection: Snort NFR SHADOW CSIDS (Netranger) ▪ Packet analysis to bit-level Logfile Analysis Protocol and Performance Analysis: NAI Sniffer Ethereal Etherpeek Penetration Testing: Shell Scripting Web App Testing Social Engineering Physical Compromise Wireless Physical Security: Design of Physical Security Systems to Component Level Cross-trained in locksmithing Tools: Various including dd netcat lcrzo Nessus ISS Cybercop SARA ftester ▪ Encase ▪ Access Data ▪ Autopsy.


u    Infrastructure Hardware: Cisco 1600, 2600, 3600 and 7200 Routers Cisco 2400, 2900 and 6500 Series Switches Cisco PIX 515-UR Cisco CSIDS, FW/IDS, IOS, VPN, ACLs Checkpoint Firewall FW-1 Versions 4.0, 4.1 and NG F5 BigIP ▪ Radware WSD Pro ▪ Compaq Servers & Workstations ▪ Sun Servers ▪ Cubix Servers.



u    Protocols: Routing: OSPF, EIGRP, BGP4, IPSEC VPN tunneling Switch: VLAN VTP, dotlq PVLAN Network: TCP/IP, PPTP, IPSEC, IKE, SSL, HTTP, SMTP, FTP, SMB, ATM, Frame Relay, ISDN, High Speed Telco.


u    Cabling: NEBS NEC EIA/TIA-trained for Telecomm / Data Network cabling (Cat5, Cat3, Fiber Optic, PoE) Electrical wiring and grounding to NEC code standard ▪ Protocol analyzers ▪ Oscilloscopes ▪ Signal analyzers ▪ T-Berd


u    Operating Systems: Windows 2000, NT, 98 Solaris 7 & 8 Linux RedHat 5.1-7.3 Cisco IOS 11.1 – 12.0


u    Non-IT Systems: PLC/SCADA – Modicon, A/B, ICOM, Taylor, RSLogix, Intellution, F/Link Access Controls Biometrics PLC Programming Active & Passive Sensors CCTV Telco Power Conditioning. 





Senior Network Engineer                                                                                                                         2000 - 2002

Fidelity National Information Solutions / RealEC Technologies, Inc.               Houston, Texas


        Combine extraordinary market cognizance with a practiced business sense managing, developing and providing highly effective security and network infrastructure design, development and administration in fast-paced environment. Key responsibilities include LAN/WAN network design through administration and troubleshooting, security development and implementation and e-commerce support and monitoring. Extremely proficient “fire fighter” with ability to identify and implement solutions to wide range of issues from root level and up.


Stan Hoffman, CISSP                                                                                                                                                             Page 2


            Provide high level of expertise for all aspects of systems security, including design and installation of firewalls, vulnerability assessment and remediation, incident response, forensics and policy development and enforcement. Developed new Cisco PIX/Checkpoint NG on Solaris firewall system for Internet / Extranet security. Responsible for all Snort/SHADOW IDS log monitoring and parsing, and assist client security administrators with analyzing network traffic at packet-level.


            Routine duties include design, implementation and optimization of Cisco routers, routing protocols, switches and high-speed Telco connectivity (ATM, DS3, Frame Relay) to guarantee uninterrupted production abilities; system consists of 58 load-balanced servers and 17 privately routed connections to financial partners.


            Noteworthy accomplishments include rebuilding client firewalls live in e-commerce production environments, live router and switch troubleshooting and solution development, managed real-time intrusion while maintaining production throughput, and provide proactive response to significant, pernicious viruses (Nimda and Code-Red) with no detrimental effects. During tenure, network grew by 200% and network traffic grew by 400%.


Senior Network Engineer                                                                                                                         2000 - 2000

Rare Medium                                                                                                                                                      Houston, Texas


        Demonstrated strong planning, organizing and leadership skills developing, implementing, supporting and administering meshed Cisco LAN/WAN network for 30 corporate offices. Assisted office managers with daily systems operations, trained and supported end users both locally and internationally, and developed effective security policies, procedures and strategies to safeguard office and global e-commerce operations worldwide.


            Network architecture consisted of Cisco 720x, 3600 and 2621 routers, OSPF, EIGRP and BGP4 routing protocols, Cat 6509, Cat 2948G and CAT5000 switches, Checkpoint FW-1 firewalls and ATM, DS3 and Frame Relay high-speed Telco connectivity.


            Remotely established corporate VPNs to Singapore, London, Sydney and Brussels, designed and built critical cable plant environment for Houston NOC, and provided on-call 24x7 NOC support.


            Personally designed and maintained data center, equipment rack layouts and power distribution scheme, and provided highly effective security monitoring utilizing Tivoli NetView and What’s Up Gold software tools.


            Other noteworthy accomplishments included redesign of corporate network’s internal OSPF to eliminate instabilities, and maintenance of dual OC-3 load-balanced peers to ISPs, with failover to New York OC-3 feed.


Network Engineer                                                                                                                                           1999 - 2000

CO Space                                                                                                                                                                 Houston, Texas


        Lead developer supervising design initiatives for 5,000 square foot collocation facility, providing network design and implementation efforts, and design and monitoring of effective network security systems and monitoring procedures. Key responsibilities included personnel and materials allocations, identification and engagement of vendor software / hardware providers, system installations and configurations and continually identifying containing costs while maintaining projected delivery date.


            Designed NT 4/0 Windows network utilizing Cisco routers, switches and high-speed Telco connectivity. 


            Maintained NEBS, NEC, OSHA and EIA/TIA compliance during all collocation construction activities.


Network / Controls Engineer                                                                                                               1997 - 1999

PM Consulting                                                                                                                                                  Houston, Texas


        Worked with wide variety of multi-disciplined personnel projects managing design, development and implementation of production and operating systems for high end client list, including General Motors, Anheuser-Busch, Delta Design and Ultra Express. Efforts included network design and support, website development, database support and systems security implementation and maintenance.



Stan Hoffman, CISSP                                                                                                                                                             Page 3


            Technical lead developing, implementing and supporting Windows NT 4.0 Virtual Private Network, Steeplechase controls software, SQL Server 7.0 corporate use database and complex Intranet Website.


            Managed and assisted in installation and startup of automated Production systems and processes, developed and implemented security systems augmentation measures to reduce security breaches, and successfully altered software to avoid costly $50,000 hardware rework; led 3-person team and met stringent deadline successfully.


            Project managed all aspects of Year 2000 compliancy project.


Controls Engineer                                                                                                                                          1995 - 1997

General Motors – Mid-Sized Car Division (contracted)                                                           Warren, Michigan


        Provide insightful technical development supporting Oshawa car assembly plant robotic manufacturing process. Activities included debugging, installing and start-up of automated vehicle bodyside sub-tools and network for automated robotic assembly systems consisting of SLC 5/04-based control system, PV550 MMIs, ABB S4PC robots, and Robotron weldsets.


            Notable achievements included programming imported control systems leading to standardized program interface to corporate specifications.





Guidance Software – Encase, Level 1 & 2

Federal Bureau of Investigation – Approach to Computer Crime Investigation

USMC – Communications & Electronics School, 29 Palms, CA

Exabyte – Certified Storage Engineer

DOD – DITSCAP Module 1.1





Member – HTCIA, ISSA, IEEE, InfraGard (Secure Representative)






Possess and uses personally owned 400+ volume Information Technology Library

Serve as Volunteer Analyst for Incidents.org, HTCIA

SANS GCIA Cert-Practical online at: http://www.giac.org/practical/Stan_Hoffman_GCIA.doc

Subject Matter Expert for CompTIA Security+ Exam

CASPR and Information Systems Forensic Association CBK









Non-Active Sitemap

Copyright © 2000-2014 Whitehats.ca
Contact Information 519.221.9132 : Web Contact webmaster@whitehats.ca