Shawn Grimes, CISSP
Certifications
- CISSP, Certificate ID: 42383
- Tripwire Certified Professional
Skills
Programming Languages:Perl, PHP, Unix Shell Scripting,Visual Basic,Cocoa, Objective-C, C++, Java, Version control with CVS and Subversion
Database Experience:MySQL, MS SQL, MS Access, Oracle, DB2
Web Servers:Apache, IBM HTTP Server
Operating System Experience: FreeBSD, Red Hat Linux, Debian Linux,HP/UX, Solaris, AIX, Windows 98, NT (Workstation & Server),2000/3, XP
Security Tools:
- AntiVirus with Symantec Enterprise Server and McAfee ePolicy Orchestrator
- Network Intrusion Detection Systems (NIDS) with Snort and Sourcefire
- Centralized log management and monitoring with Splunk
- Encrypted email with Voltage.
- Identity Management
- Control-SA
- Role Based Access Control
- Web Access Management
- ONT’s DirectorySmart/Universal Identity Platform (J2EE)
- IBM Directory Server (LDAP)
- Tivoli Identity Manager
- Encryption with PGP Certificate Server and PGP client, GuardianEdge hard drive and USB encryption
- Host-based Intrusion Detection Systems (HIDS) with Tripwire and Samhain, McAfee HIPS
- Firewalls with Bridge-Netfilter and Iptables firewall
- Forensics with The Coroner’s Toolkit and Tripwire
- Network and Packet Analysis using Nmap network scanner, TCPDump traffic and protocol analyzer, Ethereal/Wireshark traffic and protocol analyzer
- Patch Management with HFNetChk Pro and UpdateExpert
- Vulnerability Scanning with Nessus vulnerability scanner and ISS Internet Scanner
Personal Projects/Publications
- Wrote documentation for Bridge-Netfilter firewall project (referenced on http://www.securityfocus.com/infocus/1737 and archived at http://www.shawnsbits.com/resume-files/Firewalling_for_free.pdf).
- September issue of Information Security Magazine, “IDS Users Roundtable”.
- Delivered presentation on “IT Security” at the Security Technology Symposium 2002
- Built a Perl program in my spare time to monitor Instant Messages on a local area network, http://www.aimsniff.com
- Developed PosePad, an iPad application for photographers
- Developed StackEm, an iPhone/iPad game
Experience
December 2006 – Present
Legg Mason – Senior Security Architect
Baltimore, MD
- Identified security needs of the company and evaluated/implemented solutions
- Automated many manual tasks through the use of scripting.
- Implemented a mobile security program utilizing hard disk encryption and Host Intrusion Prevention System (HIPS) solutions.
- Implemented an anti-spam solution that dramatically reduced received spam by more than 30%.
- Implemented a centralized log management solution utilizing Splunk.
- Implemented encrypted email solution with Voltage.
- Provide guidance and recommendations for remediation of audit findings.
- Providing guidance on Tivoli Identity Management implementation
July 2006 – December 2006
IBM – Senior Security Consultant
Baltimore, MD
- Team Lead for security of a government client
- Provided guidance and technical suggestions for solutions
to client
needs and audit issues - Worked with IDS, User Management with Control-SA, role
based access
control, event correlation, vulnerability detection and
remediation - Worked with the client to generate reports using SQL and
the Control-SA
Oracle backend database.
August 2004 – July 2006
CareFirst BlueCross BlueShield – SeniorSecurity Architect
Baltimore, MD
- Team lead and architect in the Application and Identity
Management
group of the Information Security Section - Designed LDAP implementation for
application authentication - Architected solutions for LDAP administration and
performance
monitoring. - Administered Open Network’s Web Access Control (now BMC’s
Universal
Identity Platform) product for authentication and authorization of
e-commerce applications for over 500,000 users/customers across 15
applications. - Administered BMC’s Control SA product for centralization of
identity
management and password synchronization including automation
scripts for Active Directory, 110 UNIX systems, LDAP, and custom
applications. This included the
development of custom agents for CareFirst applications. - Produced reports for SAS-70 and SOX audits of access
controls for
Active Directory, UNIX, and e-commerce systems.
May 2000-August 2004
National Institute on Aging – Lead Security Analyst/Programmer/Network Administrator/Database Administrator
Baltimore, MD
- Administration of file servers, proxy servers, high
availability web
servers, database
servers, backup systems - Designed and implemented security architecture
including:- Firewalls
- Network Intrusion Detection Systems
- Host Based Intrusion Detection Systems with
Tripwire - Web Content Filtering System
- Developed Centralized Desktop Backup System
- Developed and implemented security policies and procedures
including:- Incident Response Guidelines
- Disaster Recovery Plans
- Acceptable Use Guidelines
- Certification and Accreditation tasks and risk
assessments - Developed software that addressed security needs and system
administration tasks. - Performed forensics analysis on computers and servers
suspected of
being compromised. - Performed vulnerability testing and penetration testing of
critical
systems. - Performed various web-based and application programming
tasks when
required. - Member of NIH Enterprise Architecture Review
Board. - Access Management with Active Directory and 25 UNIX
systems. - Network Management with HP Pro-Curve switching
hardware
1998–2002 Musicians’ Association of Metropolitan Baltimore- Programmer/Network Administrator
Baltimore, MD
- Upgraded and restored computer systems and the
LAN. - Identified the needs of the client and then developed a
database driven
application for
membership tracking and reporting
May 99-Aug 99
Baltimore Gas Electric – Programmer
Baltimore, MD
- Developed a multi-user procurement tracking database and
front end
application
using Microsoft Access 2000 and Visual Basic for Applications.
May 98-Aug 98
National Institute on Aging – Network Administrator/Helpdesk
Baltimore, MD
- General computer maintenance and repair.
- Network Management with HP Pro-Curve switching
hardware.
Education
2007–Present
Capitol College
- Pursuing Master’s degree in Information Assurance.
1998–2002
Capitol College
- Bachelor of Science Degree in Software and Internet
Applications. - Cumulative GPA 3.49
- Member of National Honor Society
Awards
- Torch Award from CareFirst
- 2x – People Processing Information Employee Recognition
Award - 2x – NIA/IRP Employee Recognition Award for Excellent
Service - Eagle Scout, Class of 1998