New York security consultant / web security researcher
NY, NY • 10/12/2008
I specialize in website security security consulting.
Web hacking analysis, web penetration testing, security code reviews, etc.
See attached resume below:
David Totten
7100 Saratoga Springs Lane
Raleigh, NC 27613
(919) 641-3327 hm
QUALIFICATIONS
? Formidable technical credentials in web penetration testing
? Exceptional application and programming skills
? Outstanding Project Management Skills
COMPUTER SKILLS
? ASP.NET C, C++, Perl, Unix Shell Scripting, Java, Visual Basic, HTML, PHP, JSCRIPT
? MySQL, Microsoft SQL, Oracle, Linux, Unix
? MS project, MS excel, MS power point, MS access
? Evaluation of security vulnerabilities in Java, JSP, JSCRIPT, and Cold Fusion code
CERTIFICATIONS AND TRAINING
? CISSP
? PMP
? MCSE 4.0
? ORACLE DBA
? Network +
? Security +
EMPLOYMENT
Nortel Networks Raleigh, NC
Information Technology Consultant 2000 ? Present
? Penetration Tester(August 2005 ? present) :
? Perform technical security verification and risk analysis on various systems using automated tools and examination.
? Conduct network security and vulnerability assessments for outsourcing projects
? Made recommendations based on evaluation of assessment information from NESSUS
? utilized penetration software testing tools for security certification
? Utilized Sniffers, NMAP, NESSUS, NetStumbler, and JOHN the RIPPER
? Analyze system configurations to determine the security posture and recommend risk-mitigation solutions.
? Utilized traffic generators to diagnose CPU usage, Memory, Session capacity
? Performed Web vulnerability scanning to detect a wide range of vulnerabilities, including application, platform, and HTML weaknesses
? Utilized the webinspect vulnerability scanner to perform scans
? Analyzed reports including broken links, server errors, and timeouts
? DBA Security Application Prime(August 2005 ? present) :
? Develop DBA Security Best Practice Documents and Standards for Oracle, MS SQL, and MySQL.
? Implement DB Audit Solution for Sarbanes Oxley gaps .
? Provide DBA support for installing and upgrading , instance creation, application database setup and database monitoring and tuning of MS SQL and Oracle Servers
? Web Application Developer(August 2005 ? present) :
? Implement database driven interactive content.
? Customize information retrieval and client/server programmability.
? Supports the team in utilizing current and emerging script technologies.
? Develop publishing tracking systems, conversion tools, automation tools and procedures and miscellaneous support projects.
? Own responsibility for entire security exemptions project and web pages.
? Works closely with production staff on a project basis-Managing Security Architects or Team
? Security Project Manager(August 2005 ? present) :
? -Define project objectives, resources and schedules in conjunction with team members
? -Prepare and maintain project plans including timelines, and resources
? -Identify resource and other constraints in achieving project objectives
? -Prepare regular status and variance reports to Strategic Program Manager and team
? -Negotiate resources and plans with external support organizations
? -Monitor progress of project plans, analyze variances to plan and recommend alternatives to achieve objectives
? -Lead regularly scheduled project reviews with the team
? -Issue action items and follow-up
? -Manage issue resolution with vendors on tech / products quality and functionality
? -Lead and Managed Security Trials
? -Developed Business Case for project funding initiatives
? -Communicate project status, milestones and issues to the project sponsors
? -Track and report progress relative to time, budget, and demonstrated results
? Network Support Engineer(Sept. 2003 ? Aug. 2005):
? -Providing technical guidance for trouble shooting and issues resolution
? - Consulted customers including Bellsouth and Qwest on network infrastructure and design with NAT and Radius technologies utilizing Shasta Firewall
? - Provided Penetration Testing for new releases of software using traffic generators and reported appropriate recommendations
? - Conducted Buffer Overflow Penetration testing for Bellsouth and Qwest during VOIP trial period
? - Recommended best use VPN end to end Encryption product alternatives to customers
? -Designed and Supported multiple routing protocols, RIP, BGP, iBGP, OSPF
? -Designed and Supported network monitoring tools(MDM, HP OpenView)
? -Configured Cisco routers, Service Edge Routers, Juniper Routers and switches
? -Gathered network requirements, provided a design from approved product specifications for production networks
? -Collected and analyzed network traces
? -Provided Performance Management & Capacity Planning skills
? -Evaluated and established IP Addressing Schemes
? Technical Instructor(July 2000 ? Aug. 2003):
? Performed penetration testing demonstrations for students utilizing traffic generators and sniffers
? Constructed Nat/Firewall network infrastructure and design for students to perform testing
? Performed IPSEC VPN lectures to demonstrate the use of encryption
? -Served as a subject matter expert on Nortel security and routing products(Shasta, Contivity, Alteon, Passport, MDM)
? -Served as a subject matter expert on Nortel security technology(Firewalls, VPNs, Anti-Spoofing, Nat)
? -Develop and implement certification training and exams
? -Develop Technical Learning Modules in a variety of formats (ie. e-learning, instructor-led etc.)
? -Maintained technical training equipment on Nortel Products(Contivity VPN,SER,Alteon,Multi Service Switch Routers)
? -Analyzed program design/development, implementation, evaluation, and the control and improvement of training
AT&T Solutions Durham, NC
Network Engineer 1997 ? 2000
? - Provided Unix shell scripting and Unix Administration.
? -Tested and solved TCP/IP LAN/WAN network connectivity issues.
? -Set up, installed, and configured Cisco routers and catalyst switches.
? -Designed and Supported multiple routing protocols, EIGRP, BGP, iBGP, OSPF
? -Designed and Supported network monitoring tools(BMC Patrol, HP OpenView)
? -Configured Cisco routers, Service Edge Routers, Juniper Routers and switches
? -Gathered network requirements, provided a design from approved product specifications for production networks
? -Collected and analyzed network traces
EDUCATION
North Carolina A&T State University
Master of Science Industrial Technology May 2000
Bachelor of Science Computer Technology May 1997
Web hacking analysis, web penetration testing, security code reviews, etc.
See attached resume below:
David Totten
7100 Saratoga Springs Lane
Raleigh, NC 27613
(919) 641-3327 hm
QUALIFICATIONS
? Formidable technical credentials in web penetration testing
? Exceptional application and programming skills
? Outstanding Project Management Skills
COMPUTER SKILLS
? ASP.NET C, C++, Perl, Unix Shell Scripting, Java, Visual Basic, HTML, PHP, JSCRIPT
? MySQL, Microsoft SQL, Oracle, Linux, Unix
? MS project, MS excel, MS power point, MS access
? Evaluation of security vulnerabilities in Java, JSP, JSCRIPT, and Cold Fusion code
CERTIFICATIONS AND TRAINING
? CISSP
? PMP
? MCSE 4.0
? ORACLE DBA
? Network +
? Security +
EMPLOYMENT
Nortel Networks Raleigh, NC
Information Technology Consultant 2000 ? Present
? Penetration Tester(August 2005 ? present) :
? Perform technical security verification and risk analysis on various systems using automated tools and examination.
? Conduct network security and vulnerability assessments for outsourcing projects
? Made recommendations based on evaluation of assessment information from NESSUS
? utilized penetration software testing tools for security certification
? Utilized Sniffers, NMAP, NESSUS, NetStumbler, and JOHN the RIPPER
? Analyze system configurations to determine the security posture and recommend risk-mitigation solutions.
? Utilized traffic generators to diagnose CPU usage, Memory, Session capacity
? Performed Web vulnerability scanning to detect a wide range of vulnerabilities, including application, platform, and HTML weaknesses
? Utilized the webinspect vulnerability scanner to perform scans
? Analyzed reports including broken links, server errors, and timeouts
? DBA Security Application Prime(August 2005 ? present) :
? Develop DBA Security Best Practice Documents and Standards for Oracle, MS SQL, and MySQL.
? Implement DB Audit Solution for Sarbanes Oxley gaps .
? Provide DBA support for installing and upgrading , instance creation, application database setup and database monitoring and tuning of MS SQL and Oracle Servers
? Web Application Developer(August 2005 ? present) :
? Implement database driven interactive content.
? Customize information retrieval and client/server programmability.
? Supports the team in utilizing current and emerging script technologies.
? Develop publishing tracking systems, conversion tools, automation tools and procedures and miscellaneous support projects.
? Own responsibility for entire security exemptions project and web pages.
? Works closely with production staff on a project basis-Managing Security Architects or Team
? Security Project Manager(August 2005 ? present) :
? -Define project objectives, resources and schedules in conjunction with team members
? -Prepare and maintain project plans including timelines, and resources
? -Identify resource and other constraints in achieving project objectives
? -Prepare regular status and variance reports to Strategic Program Manager and team
? -Negotiate resources and plans with external support organizations
? -Monitor progress of project plans, analyze variances to plan and recommend alternatives to achieve objectives
? -Lead regularly scheduled project reviews with the team
? -Issue action items and follow-up
? -Manage issue resolution with vendors on tech / products quality and functionality
? -Lead and Managed Security Trials
? -Developed Business Case for project funding initiatives
? -Communicate project status, milestones and issues to the project sponsors
? -Track and report progress relative to time, budget, and demonstrated results
? Network Support Engineer(Sept. 2003 ? Aug. 2005):
? -Providing technical guidance for trouble shooting and issues resolution
? - Consulted customers including Bellsouth and Qwest on network infrastructure and design with NAT and Radius technologies utilizing Shasta Firewall
? - Provided Penetration Testing for new releases of software using traffic generators and reported appropriate recommendations
? - Conducted Buffer Overflow Penetration testing for Bellsouth and Qwest during VOIP trial period
? - Recommended best use VPN end to end Encryption product alternatives to customers
? -Designed and Supported multiple routing protocols, RIP, BGP, iBGP, OSPF
? -Designed and Supported network monitoring tools(MDM, HP OpenView)
? -Configured Cisco routers, Service Edge Routers, Juniper Routers and switches
? -Gathered network requirements, provided a design from approved product specifications for production networks
? -Collected and analyzed network traces
? -Provided Performance Management & Capacity Planning skills
? -Evaluated and established IP Addressing Schemes
? Technical Instructor(July 2000 ? Aug. 2003):
? Performed penetration testing demonstrations for students utilizing traffic generators and sniffers
? Constructed Nat/Firewall network infrastructure and design for students to perform testing
? Performed IPSEC VPN lectures to demonstrate the use of encryption
? -Served as a subject matter expert on Nortel security and routing products(Shasta, Contivity, Alteon, Passport, MDM)
? -Served as a subject matter expert on Nortel security technology(Firewalls, VPNs, Anti-Spoofing, Nat)
? -Develop and implement certification training and exams
? -Develop Technical Learning Modules in a variety of formats (ie. e-learning, instructor-led etc.)
? -Maintained technical training equipment on Nortel Products(Contivity VPN,SER,Alteon,Multi Service Switch Routers)
? -Analyzed program design/development, implementation, evaluation, and the control and improvement of training
AT&T Solutions Durham, NC
Network Engineer 1997 ? 2000
? - Provided Unix shell scripting and Unix Administration.
? -Tested and solved TCP/IP LAN/WAN network connectivity issues.
? -Set up, installed, and configured Cisco routers and catalyst switches.
? -Designed and Supported multiple routing protocols, EIGRP, BGP, iBGP, OSPF
? -Designed and Supported network monitoring tools(BMC Patrol, HP OpenView)
? -Configured Cisco routers, Service Edge Routers, Juniper Routers and switches
? -Gathered network requirements, provided a design from approved product specifications for production networks
? -Collected and analyzed network traces
EDUCATION
North Carolina A&T State University
Master of Science Industrial Technology May 2000
Bachelor of Science Computer Technology May 1997
Posted by: dtotten
Located: NY, NY
(No map found for this address)