Associate Director November 2006 to CurrentDartmouth College － Hanover, NH
Information Security (current) Oversee the security of the College's Information Systems and 13,000 node network Coordinate Dartmouth's information security risk management efforts Developed process for assessing and documenting compliance with the Dartmouth Information Security Policy Perform departmental compliance assessments Assist Risk Management and Internal Controls with information security audits Provide training on Dartmouth policies to faculty, staff, and students Instituted vulnerability management and assessment procedures Developed the College's Incident Response Procedure and direct the Incident Response Team Provide HIPAA compliance auditing, documentation, and training for College administrative departments Conduct security assessments for Dartmouth information system initiatives including new software and cloud-based services Assist researchers with data security compliance reporting and development of security plans Oversee College's PCI (credit card processing) compliance reporting Technical Manager of Dartmouth Cyber-Security Initiative (CSI) Direct team of undergraduate and graduate student interns Focused on projects aimed at improving the security of the College's information systems.
Instruct students in networking, server security, intrusion detection, and auditing Oversee administration of intrusion prevention, firewall, PKI Certificate Authority, vulnerability scanners and other security systems.
IT Security Officer October 2001 to November 2006Villanova University － Villanova, PA
Created the University's first IT Security Model, Internal IT Audit Program, Incident Response Policy and Vulnerability Assessment Procedure Developed University's IT Security Strategic Plan and Assessment process Established and documented security standards for University servers (Solaris, Windows, Linux) and services (LDAP, RADIUS, DNS, DHCP, and E-mail) Project manager for numerous campus-wide initiatives including: Design and deployment of 6 sensor Intrusion Detection System Developed security architecture for 5,000 user Wireless LAN Implemented audit program using a variety of vulnerability assessment tools Initiated IT Security User Awareness Campaign Designed and implemented University's IPSEC and SSL VPN's Deployed and managed numerous firewalls (Cisco PIX, Fortinet, Juniper/NetScreen).
Senior Network Engineer May 2000 to October 2001Quintiles Transnational － Piscataway, NJ
Supervised team of system administrators on network monitoring, server administration.
and maintenance, as well as asset management and user/group administration.
Instructor December 1998 to May 2000NetTrain Inc － Cherry Hill, NJ
Taught courses in the following certification programs:.
Certified Cisco Network Associate (CCNA).
Microsoft Certified System Engineer (MCSE).
Certified Netware Engineer (Novel CNE).
Systems Specialist December 1996 to December 1998Towers Perrin － Voorhees, NJ
Various responsibilities supporting a 68 site Novell 4.11 network Conference Papers and Presentations Collaboration, Confidentiality, and Calm: Attack Protection on High-speed, Mix- use Networks" presented at VISION Conference, October 2014 in Atlanta, GA Multi-Factor Authentication in Higher Education" panel at Securing the eCampus, July 2013, Hanover, NH Translating Research into Education and Practice: Collaborative Efforts to Improve Information Security" presented at NERCOMP Conference, March 2011 in Providence, RI.
Pleasant Skies or Gathering Storm.
The Good and Evil of Servers in the Cloud" presented at EDUCAUSE 2010 Security Professionals Conference.
April 2010 in Atlanta, GA.
The Dartmouth CSI: Faculty, Staff, and Students Work Together" with David Bucciero, article in IEEE Security and Privacy Magazine.
November/December 2009 issue.
Dartmouth Cyber-Security Initiative" presented at Colloquium for Information System Security Education (CISSE).
June, 2008 in Dallas, TX Incident Response from the Ground Up" presented at NERCOMP Conference.
March, 2008 in Providence, RI.
Dartmouth Cyber-Security Initiative and the New Achilles Vulnerability Assessment Console: A Case Study in Collaboration" presented at the EDUCAUSE 2008 Security Professionals Conference.
May, 2008 in Washington, DC.
The Disintegrating Perimeter: Planning for the Shift to Asset-based Security" presented at the EDUCAUSE 2005 Security Professionals Conference.
April, 2005 in Washington, DC.
Education and Training
Master of Science : Information AssuranceNorwich University － Northfield, VTGPA: Cum LaudeInformation Assurance Cum Laude
B.ARutgers University － New Brunswick, NJGPA: with High Honorswith High Honors
ISC2 - Certified Information System Security Professional (CISSP) ISACA - Certified Information System Auditor (CISA) Cisco - Certified Cisco Network Associate 2.0 (CCNA), Certified Cisco Network Professional 2.0 (CCNP) SANS Institute -GIAC Certified Forensic Analyst 2007 (GCFA) ISFCE - Certified Computer Examiner (CCE) Microsoft - Microsoft Certified System Engineer +Internet NT 4.0