David E. Thiel
Principal Security Consultant, iSEC Partners, Inc. July 2006 - Present
- White box and black box penetration testing of a wide variety of high-profile web applications, desktop software, server software, embedded devices and network environments.
- Security architecture review of various production software and infrastructure, as well as embedded device architecture, communication and encryption schemes.
- Source review of applications in C, C++, Java, C# and Objective C.
- Debugging and exploit development for software in C/C++.
- Development work in Python on public and private internal tools.
- Research in the areas of media technologies, rich web content and instant messaging.
Security Architect, Shopping.com December 2004 - July 2006
- Designed, implemented, and wrote tools to support a Kerberos/LDAP-based centralized authentication and authorization system, for both UNIX systems and in-house applications.
- Implemented host-based intrusion detection and centralized logging for 2000+ UNIX and Windows machines, creating custom tools for HIDS event reporting and host management.
- Deployed and performed daily maintenance and monitoring of a Sourcefire-based Network Intrusion Detection System for corporate offices and multiple production hosting facilities.
- Conducted application penetration testing against in-house applications, reporting security weaknesses and risk analyses to engineering groups for correction. Used both automated and manual means for vulnerability detection.
- Defined access control policies for role-based authorization and privilege escalation in production and development environments, using sudo, cfengine, and LDAP-based access control.
- Instrumental in Sarbanes-Oxley compliance efforts, owner of the majority of systems, network and information security controls. Wrote internal security policies and standards, worked to identify potential areas of deficiency, and led efforts to correct them.
- Managed vendor selection, security product evaluation, and dedicated security budget.
IT Manager (Part-time Contract), Jigsaw Data Corporation October 2004 - June 2005
- Conducted penetration testing on in-house developed applications, production networks, and production systems and devices. Assisted in resolution of exposed security weaknesses.
- Responsible for purchase, configuration, testing and administration of production x86 Linux systems, Cisco PIX clusters, switches, Cisco LocalDirectors, RAID arrays, and corporate development/QA labs.
- Managed equipment selection and purchasing to expand datacenter environment, adding in full network and system redundancy, load balancing, and network segmentation.
- Managed production and corporate firewalls and VPN Client-to-LAN / LAN-to-LAN access.
- Worked with engineering team to identify and eliminate performance bottlenecks and plan for future capacity requirements.
Systems/Security Architect, NetEnrich, Inc. November 2004 - May 2005
- Designed and built prototype KVM/Datacenter management appliance in an early-stage startup environment.
- Designed secure architecture for encrypted communications between client, management appliance, and KVM controllers.
- Performed OS customization/hardening/minimization, webserver configuration, and application reliability testing.
- Worked with hardware vendors to design x86-based appliance prototypes meeting cost and performance requirements.
- Wrote user interface and backend for OS and application configuration.
- Assisted with product UI and feature design.
Security Administrator, WagerWorks, Inc. August 2002 - July 2004
- Designed and applied security policies to production OSes and applications, including the hardening of Solaris, Linux, Apache, WebLogic, remote access, DMZ design, proxy architecture, firewall security, and DNS and mail services in an online gaming ASP environment serving several high-profile casinos.
- Designed mechanisms and network devices to mitigate DDoS attacks on customer sites, worked with backbone providers and law enforcement to combat organized attacks.
- Conducted comprehensive penetration testing program, exposing and correcting weak points in both public and corporate network security.
- Implemented centralized intrusion detection with Snort, MySQL and Samhain, collecting data over secure channels from local and remote locations to a central database and display system for analysis.
- In addition to deploying and maintaining Cisco PIX firewalls, designed Linux and FreeBSD-based firewalls with integrated load-balancing and HA.
- Managed VPNs for Client-to-LAN access, management-LAN access, and connectivity to remote offices.
- Conducted staff training of both Engineers and System Administrators in security best practices.
Sr. Hosting Operations Engineer, NexPrise, Inc. June 2000 - June 2002
- Design, administration and maintenance of Solaris, FreeBSD, and Linux server environment in a 3-tier ASP architecture, with a focus on redundancy, reliability, and security. Clients primarily Fortune 100 companies.
- Security auditing and enhancement of the product and hosting offerings, including active and passive intrusion detection, cryptographic authentication, penetration testing, and DoS resistance. Developed and implemented policies to improve production site security.
- Design and implementation of a monitoring and notification system for hosted architecture, tracking server load, Oracle instances, network performance, and other critical system statistics and services. Authoring of system extensions in Python and Bourne shell, including client-side session performance monitoring.
- Configuration, hardening, and maintenance of Oracle, Apache-SSL/Jserv/Tomcat, IPF-based firewalls, qmail, POP3, IMAP/SSL, and sendmail.
Computer Specialist, US Department of the Interior, USGS July 1999 - May 2000
- Administered Solaris, FreeBSD, Linux, DG/UX, Windows NT, and WinNT Terminal Server Edition servers in a datacenter environment.
- Developed and implemented strategies for better security practices, including extensive use of encryption, BSD login classes, chrooted server applications, host and router-based packet filtering, TCP wrappers, intrusion detection, and proactive security auditing.
- Assisted and instructed other districts nationwide in implementing similar security procedures as part of the national WRD Security Team.
Systems Administrator/HW Technician, DCWI, Inc. June 1995 - May 1999
- Assisted in configuration and maintenance of FreeBSD servers, Cisco routers, and modem banks for a local ISP of approximately 1000 customers.
- Assisted with implementation of secure commerce applications for business clients using Stronghold and Perl/Perlshop.
- Installed Windows NT and FreeBSD based LANs, firewalls, and internet connectivity for corporate customers.
- Performed troubleshooting, repair, and upgrading of third-party manufactured systems, peripherals, and software.
Computer Consultant, Purdue University Computing Center April 1997 - April 1999
- Assisted students and faculty in UNIX, MacOS, Solaris and Windows system operations, including web development and statistical analysis.
- Performed troubleshooting and repair of computing systems and peripherals.
- Committer, FreeBSD
- Co-author/Presenter, Living in the RIA World (Black Hat Vegas 2008, DEFCON 16, PacSec 2008)
- Author/Presenter, Exposing Vulnerabilities in Media Software (Black Hat Vegas 2007, Black Hat EU 2008)
- Author, Fuzzbox
- Porter/maintainer, several FreeBSD ports
- Author, Nihongobot
- Minor contributor, FreeVRRPd, cmus, curl
| Security: | Application and network penetration testing, protocol analysis, fuzzing, architecture review, source code review, anti-DDoS, IDS |
| Languages: | Python, Objective C, C, Bourne shell and LaTeX. Familiar with C++ and Java. Conversational in Japanese. |
| Software: | Osiris, Samhain, Nessus, Qualys, Snort, Tripwire, Squid, tcpdump/snoop/wireshark, WebScarab, IPF/PF, MIT Kerberos, OpenLDAP, Apache, WebLogic, Tomcat, Oracle, MySQL, qmail, Postfix, djbdns, BIND 4/8/9, Solaris Jumpstart |
| Operating Systems: | FreeBSD 2.x-8.x, Solaris 2.6-10, MacOS X, Linux (RedHat, Fedora, Ubuntu), OpenBSD, Windows 2K/XP/NT, Citrix Metaframe, Cisco IOS, DG/UX |
Purdue University 1997-2000
Major: Computer Technology
Major GPA: 3.5
PGP: http://redundancy.redundancy.org/lx.gpg
Fingerprint: 482A 8C46 C844 7E7C 8CBC 2313 96EE BEE5 1F4B CA13
http://redundancy.redundancy.org/resume.pdf
http://redundancy.redundancy.org/resume.html
http://redundancy.redundancy.org/resume.txt
David E. Thiel, lx-jobs2008 [@at@] redundancy.redundancy.org