My Photo

Contact

  • Website:

Biography

David L. Dann, CISSP
Email: ddann@optonline.net


SUMMARY: Fourteen years experience in IT with proven track record managing mission-critical operation and projects at Fortune 500 Corporations.

SKILLS: SOFTWARE: Wintel, Windows Server 2003, Windows XP, Active Directory, Red Hat Linux, Microsoft Exchange 2000, Citrix Server, Windows Remote Access Server, Remedy, Windows XP Professional, Project 2003, MacAfee EPO, Tripwire IDS, Ethereal Packet Capture, LDRPS, Cisco Intrusion Detection System, CheckPoint VPN-1/Firewall-1, Legato Networker, Retina Vulnerability Scanner, TCP/IP, Windows Shell Scripting, Visio, Hitachi Path Manager, Load Balancer HARDWARE: HP Blade Servers, Hitachi SAN, Emulex LP-8000 Fibre Host Bus Adapters, Cisco Catalyst Ethernet switches, Cisco IDS 4235 Sensor, Brocade Switches, Wi-Fi (802.11b) adapters, routers and access points.

EXPERIENCE:

Mortgage Bank – name available on request
October 2005 – Present

Security Analyst (Consultant)
· Worked with mortgage banking firm to determine those control objectives that should be included for Sarbanes-Oxley compliance. Prepared matrix based on COSO standard template identifying those controls and the necessary policies and procedures needed to meet objectives.
· Prepared other materials, such as general narrative, testing plan and firm’s information security policies and procedures for the review by internal auditors for SOX compliance.
· Tested objectives and examined test samples such as firm’s Active Directory user and group lists, system and backup logs, Microsoft’s Security Baseline Analyzer reports, etc. Conducted walk-through of data centers and observed physical access controls. Authored final testing narrative and conclusion.

Fortune 500 Pharmaceutical Firm – name available on request
February 2005 – August 2005

Security Analyst (Consultant)
· Make recommendations for security hardening of Windows 2000 and Windows 2003 Advanced server. Review patch management products for Windows 2000 and XP workstations.
· Conduct QualysGuard vulnerability scans for all Unix and Linux servers. Review reports with systems administrators, prioritize vulnerabilities and prepare mitigation plan.
· Work on project to build secure bastion Linux systems on outside perimeter network. Help formulate best practices and governance for Red Hat Enterprise Linux server rollout.


Fortune 500 Financial Services Firm – name available on request
September 2004 - December 2004


· Charged with insuring security compliance for a server rollout project for a Citigroup investment group in New York City. Conducted vulnerability scans using eEye Digital’s Retina Network Security Scanner and Microsoft Baseline Analyzer. Made appropriate changes to harden security on servers.
· Reviewed and evaluated with server team patch management solutions including Shavlik, Ecora Patch Management and native Microsoft patch update tools (SUS). Worked on policy for patch assessment and scheduling implementation.
· Conducted risk assessment on requests from developers for privileged user accounts to servers.


Computer Consulting firm – name available on request
June 2004 – September 2004

Information Security Analyst (Consultant)
· Worked with enterprise security group in preparing documentation on security guidelines for distribution to end-users. Reviewed for thoroughness and made recommendations for changes and additions.
· Evaluated business continuity plans and met with different vendors to discuss BCP products, such as LDRPS, audit and business impact analysis questionnaires. Reviewed contingency off-site facilities with providers.
· Acted as liaison with firm’s external auditors on contingency plan.


Fortune 500 Pharmaceutical Firm – name available on request
Dec. 2003 – May 2004

IDS Administrator (Consultant)
Directly responsible for overseeing and managing an IDS project during a corporate divestiture. Project had a worldwide enterprise wide scope with sensors installed in Europe, Japan, North and South America.
· Communicated with the IBM SOC to discuss and obtain clarification of alerts and baseline the new IDS systems. Conduct security forensic investigations after determining systems were attacked.
· Performed risk and threat assessments for received alerts. Work with Security team to ensure that impact assessment and proposed resolution is in accordance with corporate standards.
· Evaluated requests for non-standard account access for Windows and Unix platforms. Worked with business SDM and security officers to mitigate risk.
· Resolved IP addressing issues and initiate investigations as necessary. Manage alert communications to Pfizer processes to ensure resolution is achieved.

Fortune 500 Financial Services Firm – name available on request
June 1997 – April 2003

Assistant Vice President Network Administrator-Debt/Equity
Maintained and installed and supported over 400 Windows NT 4.0 and Windows 2000 application, SQL, SMS, web, file servers and domain controllers. Point person for all security related concerns including virus attacks and outages. Responded to SNMP alerts on a 24/7 basis for 400 various servers.
· Implemented system security requirements in Active Directory group policy during Win2K migration. Made sure that firm wide security standards were implemented. Worked with developers in completing and collating application compliance questionnaires.
· Chief liaison for server team when firm developed a business continuity plan. Worked in a Round the clock effort to build out alternate data center in New Jersey following the September 11th terrorist attacks. Made it possible for business to be conducted when markets re-opened in a week.
· Installed IDS systems and was responsible for intrusion monitoring on our file servers. Performed penetration testing on all systems to verify security standards.
· Planned and implemented a project to install a dual fiber path from firm’s 30+ file servers to Hitachi managed storage. Ensured fault tolerant connections to SAN.
· Designed, implemented and installed Windows active high availability 2-node cluster servers for firm’s file, application and IIS servers. Created documentation for server builds for both stand alone and clustered servers for firm enterprise wide use.


Systems Administrator Manager-Municipal Bonds
Managed a staff of 6 help desk and 2nd level support techs for Bond department.
· Migrated and upgraded 200+ users in Municipal Bond Department in four US cities from legacy hardware and software to new desktops and servers with NT OS, Exchange mail and domain controllers. Project was completed within 2 weeks and one month ahead of scheduled. Maintained desktop inventory and managed desktop upgrades and new installs using Microsoft SMS and SQL servers.
· Installed Windows NT Remote Access server with multiple dial-in lines for Bond department. Configured this server with Ace security client software and provided users with RSA SecureID token cards. Result was remote access while maintaining high security concerns. This was in advance of a year of firm’s secure enterprise RAS solution.

Fortune 500 Financial Services Firm – name available on request
Jul. 95 – May 97

Systems Administrator-High Yield/Fixed Income
The main 2nd level support contact for over 100 bankers, sales and traders.
· Installed, administered and managed all aspects and facets of an NT domain for high yield debt trading and sales department. This included installing NT servers, setting up centralized user profiles to enable’ free seating’ for users, print queues, installing server based custom applications and tape backups of domain controllers. Moved users off legacy protocol to TCP/IP and increased throughput for applications across the board.
· Oversaw the installation of ISDN and RAS connections for remote users. Allowed users to access network remotely for first time from home.
· Administered and maintained NetWare 3.12 server on which mission critical debt trading system resided. Provided access for analysts to IP based, historical and financial databases plus real time market data such as Open Bloomberg and Reuters.
· Provided personal overall technology guidance for senior managing directors including but not limited to PDA products, voice recognition systems and Internet issues.

Major Broadcasting company – name available on request
Apr. 95 – Jul. 95

ABC/CAPITAL CITIES
Consultant-LAN and Desktop Support
· Provided support for all divisions, including news on a variety of platforms and protocols, including NetWare 3.x, Windows for Workgroups, and Windows NT. Migrated workstation news feed programs from Dos to Windows based.
· Installed and administered Windows NT 3.5 servers in News division.


EDUCATION: Bachelor of Arts from The State University of New York at Brockport
Diploma in Cobol Programming from New York University
IT Training: Win 2000-Advanced Server, Designing a Secure Win2000 Network, Microsoft TCP/IP, Microsoft TCP/IP, Cisco Routers & Switches (CCNA), Brocade SAN Technology, Project Management Institute training for PMI exam.

CERTIFICATIONS:
· Certified Information Systems Security Professional (CISSP) #51571 - granted by the International Information Systems Security Certification Consortium

Interests

My favorite films? Anything starring Alec Guiness, especially those pictures that came out of the Ealing Films studios in England during the late 1940's and early 1950's. It's hard to pick the best of the lot but "The Man in the White Suit" made in 1953 comes close.