Emory University 2008-2012, 2014-
- Monitored and tuned systems for security incident and anomaly
detection, including IDS, SIEM, and Netflow
- Responded to security incidents: conducted
investigations, performed forensic analysis, wrote reports
- Designed and implemented a technique to take automatic action
based on SIEM alerts, and used this technique to solve a chronic issue
with compromised accounts
- Developed and operated system for vulnerability scanning and
reporting
- Designed and implemented a tool to provide centralized reporting
and management of Apple FileVault 2 disk encryption
- Designed and implemented an advanced demographic reporting tool
for analyzing data from PhishMe phishing awareness
training
- Designed, implemented, and maintained a highly available web
hosting environment for over 200 critical sites and applications
- Designed, implemented, and operated Shibboleth SAML web single sign-on
system, and modified systems to use SSO
- Designed and implemented an automated file deployment system
using Subversion
and rsync
- Wrote and maintained extensive user-facing documentation,
contributing more articles to the local knowledge base system than
any other employee
University of California, San Francisco 2012-2014
- Designed and implemented fully redundant disaster recovery
environment in Amazon AWS for identity management systems
including SSO, LDAP, and web applications
- Operated and maintained Shibboleth SAML web single sign-on
system with more than 200 integrations, and modified applications to
use SSO
- Developed and deployed Chef cookbooks and
configurations to automatically deploy and manage systems
- Developed and presented workshops on integrating with SAML
single sign-on
- Developed web applications and data integrations in PHP and Grails
- Wrote and maintained extensive user-facing documentation
Brandeis University 2004-2008
- Responsible for all production UNIX machines, including a
10,000-user email system
- Developed and operated custom security systems for vulnerability
scanning and reporting, network traffic analysis, compromised
account detection, and DMCA complaint automation
- Designed and helped implement a high availability, scalable
email architecture capable of withstanding the loss of an entire
data center
- Developed policies, delivered presentations and wrote documentation
to promote institutional security. One creative technique coincided
with a 70% reduction in infections.
- Designed, implemented, and operated Snort network intrusion detection
system
- Designed, implemented, and operated CoSign web single sign-on system,
and modified systems to use SSO
- Wrote a suite of switch and router management utilities to
simplify network administration
- Designed and implemented a secure server access model based on
SSH keys and proxying
- Performed original security research, discovering and reporting
vulnerabilities in products from companies including Cisco, Aruba,
and Brocade