Owen Patrick Crow
1026 Candlelight Lane
Houston, TX 77018
+1 713 680-3830
ocrow-at-io.com
I am interested full time positions as a senior security analyst or security architect in Information Security.
· Designed, deployed and maintained a distributed internal network intrusion detection system (NIDS) based on Snort, ACID, MySQL and customized open source software.
· Diagnosed security and network issues using tcpdump, Ethereal, ntop, nmap, and others.
· Designed and deployed web-based self-scanning tools to help users verify their compliance with security polices and best practices.
· Installed vulnerability assessment system (Nessus). Designed policies and procedures for using Nessus as part of production change control and general security assessment.
· Performed ad-hoc vulnerability assessments/pen tests for new vulnerabilities and compliance testing.
· Authored enterprise-wide security policies, standards and guidelines.
· Performed extensive incident response involving discovering and sandboxing new malware.
· Performed computer forensic analysis using EnCase and open source tools. Provided testimony based on evidence gathered.
· Taught secure practices to users, developers and other IT staff and advised on design choices.
· Assessed vendor solutions and made purchase recommendations.
· Discovered directory traversal vulnerability in McAfee’s ePolicy Orchestrator agent software (2003, http://secunia.com/advisories/9413/).
· Performed quantitative risk analysis on BMC-wide risks in order to maximize the return on investment for security countermeasures.
· Maintained services as part of a support team for R&D on an extremely heterogeneous server farm including AIX, Solaris, HP-UX, Linux, Tru64 Unix, Reliant Unix and others.
· Installed and maintained network time servers (NTP) based on GPS, WWVB, and CDMA time synchronization sources.
· Wrote and maintained support scripts in Perl and shell that secured user access, logged activity, monitored performance, created custom reports, and converted data from third party applications.
· Performed cyclical and major upgrades of the Lawson software.
· Monitored application performance and produced metrics for needed upgrades
· Handled day-to-day user requests including direct telephone support
Worked at two petroleum companies, a leading insurance company, an international entertainment company, and a leading personal computer manufacturer as a consultant.
· Administered Unix for three SAP R3 clusters on IBM RS6000 and SP2 systems plus an IBM ADSM backup server with a 3590 tape library (17 servers in all.)
· Developed user and administrator-level security procedures for Unix systems.
· Developed and maintained support scripts in shell and Perl to automate Unix administration.
1989-1994 Bachelor of Science in Computer Engineering
GPA: 3.375 in major, 3.234 overall
· SANS Community Instructor for Security Essentials course (401-GSEC).
· Mentor in the SANS Local Mentor program, Track 1 (GSEC). Lead group in study of the SANS Security Essentials during eleven two-hour sessions with hands-on training.
· GCIH – SANS GIAC Certified Incident Handler, 2005-04-08
· GSEC – SANS GIAC Security Essentials Certified, 2004-09-30
· CISSP (Certified Information Systems Security Professional) from International Information Systems Security Certifications Consortium, Inc. February 23, 2002, February, 2005.
· IBM Certified Advanced Technical Expert for RS/6000 AIX V4.2. June 1998.
· Certified as an Engineer-in-Training by the Texas State Board of Registration for Professional Engineers, January 26, 1996.
Last updated February 28, 2007