Hack validating windows
Alternative to PENETRATION TESTER position names: Ethical Hacker, Application Penetration Tester, Red Team Lead, Application Security Consultant, Source Code Reviewer, Senior Information Systems (IS) Security Auditor, PCI Auditor, Security Advisor Engineer (SAE), Security Testing Engineer, Principal Security Subject Matter Expert (SME), Information Assurance Technical Analyst, Senior IT Security Analyst – SSDLC, System Security Architect.
Seeking Penetration Tester consulting position in a network security field with exposure to: penetration testing, manual and automated testing of: operating system, network, web application (DAST), source code (SAST), mobile devices, database, wireless, cloud, and social engineering (phishing).
➢ Have over twenty years of combined software/system development and management experience.
Offering occasionally travel to nationwide clients for 1-2 days, every few weeks (10%-20%) for internal review.
NETWORK SECURITY PROFESSIONAL CERTIFICATIONS: CISSP - Certified Information Systems Security Professional # 35232 (by ISC2 in 2002) GWAPT - GIAC Web Application Penetration Tester # 3111 (by SANS in 2011) GWEB - GIAC Certified Web Application Defender (by SANS) candidate, exam due in 2015 GPEN - GIAC Certified Penetration Tester (by SANS) candidate, exam due in 2015 CPT - Certified Penetration Tester (passed written & practical exploitation exam; by IACRB in 2015) LPT - Licensed Penetration Tester (by EC-Council in 2007) ECSA - E-Council Certified Security Analyst (by EC-Council in 2006) CEH - Certified Ethical Hacker (by EC-Council v.4 in 2006 & v.8 in 2014) OSCP - Offensive Security Certified Professional (by Offensive Security) candidate, exam due in 2015) CHCP - Certified Hacking and Countermeasures Professional (by Intense School in 2003) HBSS - Host Based Security System Certification (by Mc Afee in 2009) CHS-III - Certification in Homeland Security - Level III (the highest level) (by ACFEI in 2004) NSA CNSS - National Security Agency & Committee National Security Systems Certification (by NSA in 2003) NSA IAM - National Security Agency INFOSEC Assessment Methodology (by NSA in 2003) CSS1 - Cisco Security Specialist 1 (by Cisco in 2005) SCNP - Security Certified Network Professional (by SCP in 2002) NSCP - Network Security Certified Professional (by LTI - Learning Tree Inc in 2002) EWSCP - Enterprise and Web Security Certified Professional (by LTI - Learning Tree Inc in 2002) SOFTWARE PROGRAMMING PROFESSIONAL CERTIFICATIONS: CSSLP - Certified Secure Software Lifecycle Professional (by ISC2) candidate, exam due in 2015 CJPS - Certified Java Programming Specialist (by LTI - Learning Tree Inc in 2014) CJP - Certificate Java Programming (by NVCC - Northern Virginia Community College in 2014) MOBILE PROFESSIONAL CERTIFICATIONS: GMOB - GIAC Mobile Device Security Analyst (by SANS) candidate, exam due in 2015 CMDMADS - Certified Multi-Device Mobile Application Development Specialist (by Learning Tree Inc in 2014) CADS-Android - Certified Application Development Specialist - Android (by LTI - Learning Tree Inc in 2014) CADS-i OS - Certified Application Development Specialist - i OS (by LTI - Learning Tree Inc in 2014) MANAGEMENT PROFESSIONAL CERTIFICATIONS: CISM - Certified Information Systems Manager # 0912844 (by ISACA in 2009) CEISM - Certificate in Enterprise Information Security Management (by MIS in 2008) ITMCP - IT Management Certified Professional (by LTI - Learning Tree Inc in 2003) PMCP - Project Management Certified Professional (by LTI - Learning Tree Inc in 2003) CBGS - Certified Business to Government Specialist (by B2G in 2007) AUDITING PROFESSIONAL CERTIFICATIONS: CISA - Certified Information Systems Auditor # 0435958 (by ISACA in 2004) CITA - Certificate in Information Technology Auditing (by MIS in 2003) NETWORK ENGINEERING PROFESSIONAL CERTIFICATIONS: CCIE - Cisco Certified Internetwork Expert candidate (passed a written exam) (by Cisco in 2001) CCDP - Cisco Certified Design Professional (by Cisco in 2004) CCNP - Cisco Certified Network Professional (by Cisco in 2004) CCNP ATM - Cisco Certified Network Professional ATM Specialization (by Cisco in 2001) CCDA - Cisco Certified Design Associate (by Cisco in 2000) CCNA - Cisco Certified Network Associate (by Cisco in 1999) MCSE - Microsoft Certified Systems Engineer (by Microsoft in 1999) MCP I - Microsoft Certified Professional Internet (by Microsoft in 1999) MCP - Microsoft Certified Professional (by Microsoft in 1999) USACP - UNIX System Administration Certified Professional (by LTI - Learning Tree Inc in 2002) SSACP - Solaris Systems Administration Certified Professional (by LTI - Learning Tree Inc in 2002) Network - Computing Technology Industry Association Network (by Comp TIA in 1999) A - Computing Technology Industry Association A Service Technician (by Comp TIA in 1999) Do D 857001M INFORMATION ASSURANCE WORKFORCE (IAWF) IMPROVEMENT PROGRAM CERTIFICATION POSITION LEVELS: IAT - Information Assurance Technical Level III (Do D Directive 8570) IAM - Information Assurance Manager Level II (Do D Directive 8570) CND-AU- Computer Network Defense-Service Provider (CND-SP) Auditor (Do D Directive 8570) EDUCATION: Master of Science in Information Technology, Specialization in Information Security, School of Technology, Capella University, Minneapolis, MN (July 2004, GPA 4.0 – Summa Cum Laude). Master of Science in Geography, Specialization in Geomorphology and Quaternary Paleogeography, Faculty of Geosciences and Geology, Adam Mickiewicz University, Poznan, Poland (July 1990).
Wrote degree thesis on the subject: "Network Vulnerability Assessment at a U. COURSES / CLASSES: Attended 100 classes: Web Application Penetration Testing and Assessment (by Black Hat, SANS, EC-Council, Learning Tree Int.
• Non-active OPM National Agency Check with Inquiry (NACI) security clearance (March 2003 - 2008). It previously resulted in winning government contract bids.
Experience consists of 27 years of exposure in computers and networks, 20 years in information security / assurance, 16 years in information system (IS) security auditing, 14 years in project management, 14 years in penetration testing and vulnerability assessment, 14 years in application security, 14 years supporting government clients (Do D/ANGB, DSS, DISA, DHHS/FDA, PSC, Do L/ESA, Do S/CA, DHS/FEMA, TSA, Do ED, FHFA, LOC, USAID), and 6 years in supporting commercial companies in telecommunication, financial services and banking industry, including banking applications Information Systems (IS) security audits.