Scott Small
phone: 650.302.1427
7473 Dumas Drive, Cupertino, CA 95014
Objective:A Security Engineer position in a dynamic and rewarding environment that will allow me to build upon my past experiences with complex projects.
Summary:Experienced security engineer with a diverse systems administration background that spans both commercial and federal environments.
- Effective communicator and team member
- Over 10 years of experience in architecture and analysis of complex systems
- Attained a federal security clearance that involved an extended background investigation for positions of public trust
Most Recent Experience:
Sr. Security Engineer, Responsible Solutions, Ltd. October 1999 - May 2002
Primary client: United States Postal Service
San Mateo, CA
- Security Review of architecture and procedures for a national ID verification project.
- Security responsibility for and the Internet face of the USPS
- Systems Architect of a large-scale Certification Authority. Executed project through the root key generation ceremony. Created root keys for inclusion in MS Internet Explorer and Netscape Navigator. Worked with auditors and Security Officers to ensure regulatory compliance.
Network Manager, Atari Games Corporation June 1997 - September 1999
Milpitas, CA
- Replaced preexisting security infrastructure to better protect corporate assets.
- Redesigned corporate network to improve throughput.
- Performed design review and analysis for a proposed nationwide on-line gaming network.
Systems Administrator, Sequent Associates March 1996 - May 1997
Primary client: Siemens AG (Automotive Division)
Sunnyvale, CA USA / Regensburg, Bavaria Germany
- Supported a crew of German programmers on a Navigation Systems R&D effort started as a crash joint development project in Sunnyvale, California.
- Established the development team's Internet and transatlantic WAN connectivity to enable collaboration with remote team members.
- Physically relocated R&D network from Sunnyvale, California to Regensburg, Germany with minimal downtime. Remained in Germany for 4 months to provide ongoing support.
Relevant concepts and technologies:
Policy & Procedure – risk assessment, design review, policy development, forensics, incident response, capacity planning, business continuance planning, disaster recovery
Network Security - Checkpoint Firewall-1, firewall toolkit (fwtk), ipchains, service proxy, stateful inspection, packet filter, tcpdump, sniffer, NIDS
Host Security – vulnerability assessment, system hardening, system auditing, access control, biometrics, nmap, tripwire, whisker, log monitoring, HIDS
Encryption - certification authority, public key infrastructure (PKI), X509v3 certificate, CRL, PKCS, SSL, ssh, FIPS-140, key storage unit, cryptographic accelerator
OS & Systems – UNIX/Linux/Solaris/IRIX/BSD, MS Windows 95/98/NT/2000, Cisco IOS, Sun ultraSparc, Silicon Graphics MIPS, Wellfleet, Bay Networks, ICE, embedded systems
Storage - data replication, samba, SMB, CIFS, NFS, EMC Symmetrix, SymmConsole, failover, volume manager, journaling filesystem, fiberchannel, Veritas NetBackup, Alexandria,Legato Networker
Protocols/Services - TCP/IP, UDP, SMTP, sendmail, NIS/YP, DNS/BIND, LDAP, syslog