The Resume of Shawn Grimes

Shawn Grimes, CISSP
Aberdeen,MD
http://claimid.com/shawn
shawn [at] aimsniff [dot] com

Certifications

  • CISSP, Certificate ID: 42383

  • Tripwire Certified Professional

Skills
Programming Languages:Perl, PHP, Unix Shell Scripting,Visual Basic,C++, Java, Version control with CVS and Subversion
Database Experience:MySQL, MS SQL, MS Access, Oracle, DB2
Web Servers:Apache, IBM HTTP Server
Operating System Experience: FreeBSD, Red Hat Linux, Debian Linux,HP/UX, Solaris, AIX, Windows 98, NT (Workstation & Server),2000/3, XP
Security Tools:

  • AntiVirus with Symantec Enterprise Server and McAfee ePolicy Orchestrator
  • Network Intrusion Detection Systems (NIDS) with Snort and Sourcefire
  • Identity Management 
    • Control-SA
    • Role Based Access Control
    • Web Access Management
    • ONT’s DirectorySmart/Universal Identity Platform (J2EE)
    • IBM Directory Server (LDAP)
  • Encryption with PGP Certificate Server and PGP client, GuardianEdge hard drive encryption
  • Host-based Intrusion Detection Systems (HIDS) with Tripwire and Samhain, McAfee HIPS
  • Firewalls with Bridge-Netfilter and Iptables firewall
  • Forensics with The Coroner’s Toolkit and Tripwire
  • Network and Packet Analysis using Nmap network scanner, TCPDump traffic and protocol analyzer, Ethereal/Wireshark traffic and protocol analyzer
  • Patch Management with HFNetChk Pro and UpdateExpert
  • Vulnerability Scanning with Nessus vulnerability scanner and ISS Internet Scanner

Personal Projects/Publications


Experience
December 2006 – Present
Legg Mason – Senior Security Architect
Baltimore, MD

  • Identified security needs of the company and evaluated/implemented solutions 
  • Automated many manual tasks through the use of scripting. 
  • Implemented a mobile security program utilizing hard disk encryption and Host Intrusion Prevention System (HIPS) solutions. 
  • Implemented an anti-spam solution that dramatically reduced received spam by more than 30%. 
  • Presently evaluating data loss prevention solutions and log management solutions 
  • Providing guidance on Tivoli Identity Management implementation 

July 2006 – December 2006
IBM – Senior Security Consultant
Baltimore, MD

  • Team Lead for security of a government client 
  • Provided guidance and technical suggestions for solutions
    to client
    needs and audit issues 
  • Worked with IDS, User Management with Control-SA, role
    based access
    control, event correlation, vulnerability detection and
    remediation 
  • Worked with the client to generate reports using SQL and
    the Control-SA
    Oracle backend database. 

August 2004 – July 2006
CareFirst BlueCross BlueShield – SeniorSecurity Architect
Baltimore, MD

  • Team lead and architect in the Application and Identity
    Management
    group of the Information Security Section 
  • Designed LDAP implementation for
    application authentication 
  • Architected solutions for LDAP administration and
    performance
    monitoring. 
  • Administered Open Network’s Web Access Control (now BMC’s
    Universal
    Identity Platform) product for authentication and authorization of
    e-commerce applications for over 500,000 users/customers across 15
    applications. 
  • Administered BMC’s Control SA product for centralization of
    identity
    management and password synchronization including automation
    scripts for Active Directory, 110 UNIX systems, LDAP, and custom
    applications. This included the
    development of custom agents for CareFirst applications. 
  • Produced reports for SAS-70 and SOX audits of access
    controls for
    Active Directory, UNIX, and e-commerce systems. 

May 2000-August 2004
National Institute on Aging –  Lead Security Analyst/Programmer/Network Administrator/Database Administrator
Baltimore, MD

  • Administration of file servers, proxy servers, high
    availability web
    servers, database
    servers, backup systems 
  • Designed and implemented security architecture
    including: 
    • Firewalls 
    • Network Intrusion Detection Systems 
    • Host Based Intrusion Detection Systems with
      Tripwire 
    • Web Content Filtering System 
  • Developed Centralized Desktop Backup System 
  • Developed and implemented security policies and procedures
    including: 
    • Incident Response Guidelines 
    • Disaster Recovery Plans 
    • Acceptable Use Guidelines 
  • Certification and Accreditation tasks and risk
    assessments 
  • Developed software that addressed security needs and system
    administration tasks. 
  • Performed forensics analysis on computers and servers
    suspected of
    being compromised. 
  • Performed vulnerability testing and penetration testing of
    critical
    systems. 
  • Performed various web-based and application programming
    tasks when
    required. 
  • Member of NIH Enterprise Architecture Review
    Board. 
  • Access Management with Active Directory and 25 UNIX
    systems. 
  • Network Management with HP Pro-Curve switching
    hardware 

1998–2002 Musicians’ Association of Metropolitan Baltimore- Programmer/Network Administrator
Baltimore, MD 

  • Upgraded and restored computer systems and the
    LAN. 
  • Identified the needs of the client and then developed a
    database driven
    application for
    membership tracking and reporting 

May 99-Aug 99
Baltimore Gas Electric – Programmer
Baltimore, MD 

  • Developed a multi-user procurement tracking database and
    front end
    application
    using Microsoft Access 2000 and Visual Basic for Applications. 

May 98-Aug 98
National Institute on Aging – Network Administrator/Helpdesk
Baltimore, MD 

  • General computer maintenance and repair. 
  • Network Management with HP Pro-Curve switching
    hardware. 

Education
2007–Present
Capitol College

  • Pursuing Master’s degree in Information Assurance. 

1998–2002
Capitol College

  • Bachelor of Science Degree in Software and Internet
    Applications. 
  • Cumulative GPA 3.49 
  • Member of National Honor Society 

Awards

  • Torch Award from CareFirst 
  • 2x – People Processing Information Employee Recognition
    Award 
  • 2x – NIA/IRP Employee Recognition Award for Excellent
    Service 
  • Eagle Scout, Class of 1998

No comments yet.

Leave a Reply