Professional Experience

2005 - PresentComputer Protection Program Manager, Ames Laboratory, US DOE
Manage the implementation of Department of Energy cyber security requirements, anticipate threats and guide security strategy, produce computer security policies and procedures, develop training for staff, respond to new directives, and acquire or develop security tools and controls to ensure that policy and procedure are adhered to. Currently the program includes two part time students, five staff members, and approximately 20 researchers and administrators.

Significant projects include:

  • Created a multi-threaded automated vulnerabilitiy management system using Perl, Python, and MySQL. Supports scheduled automated scanning, vulnerability status tracking, notification of users, and automated remediation detection.
  • Developed a Bayesian statistical analysis engine for Netflow data, involving the manipulation of large data sets, using object oriented Perl and the Perl packaging framework.
  • Architected an agent-based data aggregation and notification system which provides multi-level notifications on a variety events. Data gathering agents collect and preprocess inforamtion from heterogeneous sources, while alerting agents correlate data into events of interest and generate alerts to appropriate individuals. Development utilizes Perl, Python, C, and Java with interfaces to MySQL, MSSQL, and several proprietary data sources.
  • Authored security configuration documents and scripts to harden a variety of operating systems including RedHat Linux, Debian Linux, Mac OSX and Windows.

2001 - 2005System Support Specialist, Ames Laboratory, US DOE
Support server, network, and desktop services. Deploy new laboratory wide services, maintain and improve existing services, and respond to customer or DOE requests for service changes. Develop instructional documentation for users, and perform custom scripting to automate tasks, create custom data reports, and track network and computer statistics.

Significant projects include:

  • Developed a web content management system using Linux, Apache, MySQL, CVS, and Perl/PHP technologies to meet Department of Energy (DOE) documentation requirements.
  • Authored a multitude of system administration scripts, primarily in shell script or Perl, to automate user account creation and configuration, log parsing, and web page management.

1998 - 2001Student Assistant, Ames Laboratory, US DOE
Assist with desktop trouble calls from users, complete special projects such as upgrading the existing web servers, write a web-based system inventory, and implement and operate a network intrusion detection system.

1997 - 2000Partner, Pisces Interactive Web Design
CGI Programming in Perl and C, HTML coding, JavaScript, and MySQL database management to support custom web sites for clients. Company financial management and reporting.