Printer Friendly Email Dave View Dave's LinkedIn profileView Dave's profile
 
Information Security Professional
 
Solutions oriented Information Security Professional with notable success in a broad range of corporate information systems initiatives. Played an integral role in the architectural design, solution development, and implementation of information security solutions in direct support of business objectives.
  • Track record of increasing responsibility in the Information Security, systems analysis, development, and project management areas.

  • Hands-on technical experience leading all stages of system development efforts, including requirements definition, design, architecture, testing, and support.

  • Outstanding leadership abilities; able to coordinate and direct all phases of project-based efforts while motivating and leading project teams.

  • Adept at developing effective security standards and procedures, project documentation, and technical/business specifications.

  • Exceptional communication skills, effective interaction with customers who possess varied technical backgrounds and through this interaction, gather the data required to create a viable technically sound architectural design.

  • Created and implemented custom Windows system applications / services in order to fulfill security requirements when no off-the-shelf solution was available.

  • Ability to build lasting customer relationships, focusing on becoming the customer's trusted advisor.
 
Core Competencies
  • Customer Focus
  • Anti-Virus Management
  • Regulatory Compliance
  • Application Development
  • Windows Security
  • Windows System Development
  • Research & Development
  • Web Development
  • Identity Management
  • User Provisioning
  • Risk Assessment
  • Windows Administration Automation
 
Professional Experience
 
03/08 - PresentSenior Consultant - Professional Services
  • Custom Identity Management Solutions
    • Analyzed customer requirements and business logic.
    • Created rules and data translations to ensure IdM solution met or exceeded business requirements.
    • Developed and executed comprehensive test scenarios to ensure solution performed as expected.
    • Created informational and implementation documents for customer.
  • Built custom scripting modules that can be reused in future projects.
  • Designed and developed custom SOAP over SSL data connector.
  • Performed Critical Path Meta-Directory and MetaMonitor upgrades.
  • Provided technical expertise needed to solve customer issues.
  • Designed and developed a Java based connector for SAP Netweaver VDS.
  • Technologies used during this period:
    • Windows scripting
    • PERL scripting
    • ADSI
    • Batch scripting
    • Java
    • LDAP
    • HTML
    • JNDI
    • Java Script
    • SQL
    • Critical Path Meta-Directory
    • Critical Path Directory Server
    • Microsoft Active Directory
    • Microsoft Exchange
    • SAP Netweaver VDS
 
05/06 - 03/08Senior Consultant - North America Professional Services
  • Customer focused Meta-Directory implementations.
    • Analyzed customer requirements to develop customized best-fit solutions.
    • All solutions are designed to ensure maintainability; overly complex designs are continually reviewed until the best overall solution is created.
    • Implemented these solutions using either the built-in (Grammar based) rules or Perl based script rules.
    • Consistently met customer deadlines for design and implementation.
    • Documented all changes and updates to existing systems.
  • Developed and provided Advanced Meta-Directory training.
    • Focused on Meta-Directory and its interaction with Active Directory / Exchange 2000.
    • Training class presented to customers at their location.
    • Created all training materials and manuals.
  • Updated and provided Introduction to Meta-Directory training.
    • Updated course material to correspond with current product line.
    • Training customized to target audience's environment.
    • Training class presented at customer's location.
  • Provide Technical Sales support.
    • Assist potential customers by providing Meta-Directory engineering knowledge.
    • Developed and presented customer targeted / tailored demonstrations of Meta-Directory based solutions.
    • Participate in sales meetings as the Meta-Directory SME.
  • Part of the team that developed a web based Meta-Directory monitoring and reporting solution.
    • This solution was written using Perl, CSS, and JavaScript is a PSO offering.
  • Created and implemented a custom Exchange distribution group management solution.
    • Group membership management based on data from HR information.
    • Limited Active Directory queries to restrict possible impact on Directory.
    • Group membership is modified using deltas only.
  • Implemented custom data joining solution using SAP MaXware DSE product
    • Leveraged MaXware product strengths to join data based on complex business rules.
    • Created customized reporting solution using both scripts and integral product assets.
  • Technologies used during this period:
    • Visual Studio 2005
    • VB.Net
    • Windows scripting
    • PERL scripting
    • ADSI
    • Batch scripting
    • LDAP
    • HTML
    • Java Script
    • CSS
    • CGI
    • SQL
    • Critical Path Meta-Directory
    • Critical Path Directory Server
    • SAP MaXware DSE
    • Open DSE
    • Microsoft Active Directory
    • Microsoft Exchange
 
12/05 - 05/06Software Developer - Northwest Arkansas Development Team
  • Focused development on new product line, to correspond with the use of the .Net 2.0 framework.
  • Created robust multi-threaded windows services used to monitor and process various network related metrics.
    • Converted existing code from the Microsoft .Net 1.1 framework to the .Net 2.0 framework.
    • Ensured all code met all organizational design practices and standards.
    • Designed a framework to ensure the product would allow for "Plug-In" based extensions.
    • Created the standard "Plug-In" design, used to build the product "Plug-Ins".
  • Designed and developed a new interface and logic for the installation and configuration process.
  • Provided training and mentoring to junior team members.
  • Technologies used during this period:
    • Visual Studio 2003
    • Visual Studio 2005
    • VB.Net
    • ASP.Net
    • SQL Server 2000
    • SQL Server 2005
    • VB6
    • Classic ASP
 
08/05 - 12/05Systems Engineer - Threat Research and Analysis Team
  • Researched possible internal threats, external threats, exposures, and security breaches.
  • Designed and developed utilities to combat various security concerns / issues.
  • Designed and developed various utilities to find and retrieve data / file information.
  • Designed reporting solutions to display certain information in a management friendly format.
  • Technologies used during this period:
    • Visual Studio 2003
    • Visual Studio 6.0
    • DevPartner Studio
    • C++
    • VB6
    • Win32 APIs
    • Standard Template Library
    • SQL
    • XML
    • Windows scripting
    • Batch scripting
    • EnCase
 
05/04 - 08/05Systems Engineer - Security Architecture Team
  • Primary customer liaison with internal covered entities for Health Insurance Portability and Accountability Act (HIPAA) compliance project. Responsibilities include:
    • Providing guidance and answers to HIPAA Security questions and compliance as it relates to internal policies, standards, and procedures.
    • Interfacing with internal and external legal counsel.
    • Working with internal auditors.
    • Driving the resolution of any issues.
    • Reporting to Privacy Official and Security Official on project status and issues.
  • Integral part of the team that designed and performed the risk assessment and then generated the risk mitigation recommendations to ensure compliance with HIPAA.
  • Participated in the development of a framework that was used to define the security best practices to follow during system evaluations.
    • Performed system and software security analyses using the defined framework.
  • Developed a multi-threaded windows service, designed to assist with identification and management of windows devices.
  • Created Java class used to deteremine appropriate Active Directory domain controller to handle a specifc authentication / authorization request, used during initial login to an internal web portal that was accessed by over 1,000,000 users.
  • Technologies used during this period:
    • Visual Studio 2003
    • Visual Studio 6.0
    • DevPartner Studio
    • C++
    • VB6
    • Standard Template Library (STL)
    • Win32 APIs
    • SQL
    • XML
    • Windows scripting
    • Batch scripting
    • JAVA
    • JNDI
 
10/02 - 05/04Systems Engineer - Global Directory Engineering Team
  • Lead for this team as it supported the Meta-Directory and Directory infrastructures and the data joining processes.
    • Continuous communications with customers to ensure that the data in the directory met their needs and that the all issues were resolved in a timely manner.
    • Main point of contact for all contractors working on the Global Directory system.
    • consisted of multiple Critical Path Meta-Directory and Directory Servers.
    • Trouble shot any identity or access related issues.
    • Updated data join rules as discrepancies were discovered or as business rules changed.
    • The customer facing directory contained over 1,000,000 user entries.
    • The data join rules processed tens of thousands of changes daily.
  • Project\Technical Lead for the Meta-Directory project.
    • Assumed project manager role for Wal-Mart on this project while acting as the technical lead.
      • Communicated with all stake holders on project issues, updates, and progress.
      • Direct responsibility for all assigned personnel resources, associates and contractors.
      • Ensured project milestones were completed as scheduled or schedule modifications were communicated to all parties involved in the project.
      • Ensured all project documentation was completed to defined standards.
      • Possessed final say for all technical implementation and data joining decisions.
    • Data joined from multiple, worldwide, data sources based on extremely complex business rules.
    • Custom data processing and manipulation scripts were created to facilitate the complex business rules.
    • The final product was a Meta-Directory infrastructure that was redundant and highly available that supports 24/7 worldwide operation.
  • Project\Technical Lead for the directory used by an internal web portal project.
    • This project was executed in parallel with the Meta-Directory project.
    • Project Management responsibilities:
      • Communicated with all stake holders on project issues, updates, and progress.
      • Direct responsibility for all assigned personnel resources, associates and contractors.
      • Ensured project milestones were completed as scheduled or schedule modifications were communicated to all parties involved in the project.
    • Technical Lead Responsibilities:
      • Defined correct processing of business rules as defined for the portal project.
      • Designed the directory structure that housed the portal related identity data.
      • Architected all data joining processes required to keep the portal identity data up to date.
  • Designed, developed, and implemented a secure Windows authentication mechanism for internal web applications.
  • Designed, developed, and implemented a secure process for synchronizing Novell passwords, used by an internal password management application.
  • Technologies used during this period:
    • Visual Studio 6.0
    • C++
    • Visual Basic
    • ADSI
    • Win32 APIs
    • Standard Template Library (STL)
    • Windows scripting
    • Perl scripting
    • Batch scripting
    • LDAP
    • JAVA
    • JNI
    • JNDI
    • Java RMI
    • OpenSSL
    • Critical Path Meta-Directory
    • Critical Path Directory Server
    • Tivoli Access Manager
    • Tivoli Directory Server (SecureWay)
    • Microsoft Active Directory
    • Microsoft Exchange
 
04/02 - 10/02Senior Systems Programmer - Workstation Security Engineering Team
  • Led this team while it provided technical support for AV software, settings, and updates.
    • Continuous communications with customers to ensure that any virus scanner related issue was resolved in a timely manner.
    • Architected and then implemented a process that deployed AV signature updates worldwide, 100,000+ devices, in a defined time frame; based on threat severity.
    • Technical lead for any virus / virus scanner related issues.
  • Designed, developed, and deployed a Windows user account provisioning application.
    • User provisioning was based on defined business rules.
    • User accounts were created, modified, or disabled user accounts in NT 4.0 and Active Directory Domains.
    • Application designed to allow for easy migration from NT4 domains to an Active Directory domain structure.
  • Member of the Incident Response team.
  • Technologies used during this period:
    • Visual Studio 6
    • C++
    • Visual Basic
    • Win32 APIs
    • LDAP
    • ADSI
    • SQL
    • Standard Template Library (STL)
    • Windows scripting
    • Batch scripting
 
03/00 - 04/02Senior Systems Programmer - Security Administration Team
  • Lead on project to provide a robust solution for virus protection on 100,000+ Windows devices.
  • Member of the Incident Response team.
  • Performed evaluations of Windows systems to ensure that all security requirements were met.
  • Designed, coded, and implemented Win32 applications used to enforce company policies.
  • Planned, developed, and implemented standard Component Object Model (COM) servers and COM DLLs for use in Web based applications.
  • Designed, developed, and implemented a Java based reporting solution used to notify personnel about new and updated information concerning viruses.
  • Shared responsibility for determining security and system settings for Windows 2000 and Windows XP desktop Operating Systems.
  • Created solutions used to facilitate installations of software packages without expanding basic user permissions on Windows workstations.
  • Provided Windows related technical assistance to various teams as required to solve stubborn issues.
  • Technologies used during this period:
    • Visual Studio 6.0
    • C++
    • Visual Basic
    • ASP
    • JavaScript
    • Java
    • HTML
    • Win32 APIs
    • COM / COM+
    • ADSI
    • Standard Template Library (STL)
    • Active Template Library (ATL)
    • Microsoft Transaction Server (MTS)
    • Windows scripting
    • Batch scripting
 
04/98 - 03/00Programmer - Security Administration Team
  • Member of a two person team that developed and implemented a multi-threaded windows service used to deter unauthorized modification or addition of software initially deployed on 20,000+ workstations.
  • Member of the Incident Response team.
  • Performed evaluations of Windows systems to ensure that all security requirements were met.
  • Designed, developed, and implemented Win32 software that enforced IT security policies.
  • Assisted with deployment of Windows NT 4.0, by providing administration, scripting, and programming support to the rollout team.
  • Provided Windows related technical assistance to various teams as required when solving stubborn issues.
  • Provided support to internal and external auditors while performing information system audits on Windows systems.
  • Performed Windows NT 4.0, Novell 3.x, and Novell 4.x access troubleshooting and account administration.
  • Technologies used during this period:
    • Visual Studio 6.0
    • C++
    • Visual Basic
    • ASP
    • JavaScript
    • HTML
    • LDAP
    • Win32 APIs
    • ADSI
    • Batch scripting
    • Standard Template Library (STL)
    • Active Template Library (ATL)
    • Microsoft Transaction Server (MTS)
    • C on HP-UX
    • Shell scripting
 
Education
 
Bachelor of Science Degree in Computer Information Systems/Business Administration
Columbia College - Rolla, Missouri
 
Professional Training and Certifications
 
CISSP - Certified Information Systems Security Professional
 
Professional Affiliations
 
Member - Information Systems Security Association
Founding Member - Northwest Arkansas Chapter, Information Systems Security Association
Member - International Information Systems Security Certification Consortium, Inc.
 
 
Printer Friendly Email Dave View Dave's LinkedIn profileView Dave's profile
 


Copyright © 2005 - 2013 Dave Moats.  All rights reserved.  Links: Copyright © by their respective owners.
NO WARRANTIES EXTENDED.  Void where prohibited by law.  Please report any issues or broken links.
You may link to this site freely from your own site.  You may quote from this site, but please include a link to the original source on the originating site.