• Save
Dave Sweigert CISSP CISA PMP  CV
Upcoming SlideShare
Loading in...5
×
 

Dave Sweigert CISSP CISA PMP CV

on

  • 686 views

Dave Sweigert CV

Dave Sweigert CV

Statistics

Views

Total Views
686
Views on SlideShare
686
Embed Views
0

Actions

Likes
0
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Dave Sweigert CISSP CISA PMP  CV Dave Sweigert CISSP CISA PMP CV Document Transcript

  • DAVE SWEIGERT BACKGROUND:  IT core infrastructure security expert (operating systems, networking security, Auth/Auth).  Seasoned and experienced communicator with senior management and technical staff.  Well versed in legal, privacy, technology-risk, standards, compliance and framework issues. CERTIFICATIONS:  Certified Information Systems Security Professional, No. 29416 (CISSP)  Certified Information Systems Auditor, No. 0646445 (CISA)  Project Manager Professional, No. 1604404 (PMP) EDUCATION:  Diploma, 700 hours, USAF Advanced Communications-Electronics Course  Associates degree, Electrical Engineering Technology (analog-digital systems)  Bachelor’s degree, Information Systems (UNIX operating systems, TCP/IP networks)  Master’s degree, Information Security (thesis “27001:2005 ISO Framework Implementation”)  Master’s degree, Project Management (thesis “Using waterfall (SDLC) methodology”) RECENT PROJECTS: 5/11 – 9/12. Consulting SME to Kaiser Permanente Foundation, Pleasanton, California  Led team of five auditors to compile, edit and refine source documents to create validate Kaiser’s Information Security program (to include: network security and AAA (identity management)).  Prepare polished Corrective Action Plans for review by Governing Board to enable risk management, prioritization of future mitigation plans, weighting of options, etc. 7/08 – 4/11. I.T. Security Lead, General Cellular Corporation, Lancaster, California  Develop risk-based information technology security assessment capability to assess network security and authorization policies and procedures used by military defense contractors.  Create review processes for telecommunications planning documents, enterprise infrastructure designs, etc. for evidence of compliance to support FISMA certification and accreditation (C&A). 11/06 – 7/08. Manager - Information Security, j2 Global Communications, Los Angeles, California  Supervise three (3) direct reports to manage day-to-day cyber security hygiene for 500 employees.  Lead PCI assessment and remediation; attest to compliance based upon my credentials.  Build VMware imaging capability to enable self-policing activity exposure and forensics (SOX). 12/05 – 9/06. Senior Consultant to Delta Dental, Sacramento, California  Perform assessment of I.T. Controls (SOX, HIPAA) to document operational effectiveness (based upon NIST 800 special publications as standard framework). Evidence attestation. Technical Skills Network Security Authentication Server Admin Virtualization Soft Skills Compliance Info Assurance Project Mgt
  • DAVE SWEIGERT RECENT CAREER HIGHLIGHTS:  Formed initial HIPAA Security evaluation team leader to Kaiser-Permanente (18 mos)  Created certification and accreditation capability for military contractor per FISMA (36 mos)  Led IT Control development for PCI and SOX as Information Security manager for J2 Global (18 mos)  Wrote and institutionalized HIPAA Security standards and guidelines for Delta Dental (9 mos)  Organized and led PCI testing and remediation driver and consultant for eFUNDS (6 mos) CAREER SUMMARY: PKI-based projects (digital signature, large scale directories) Seven years working as security infrastructure architect with project focus relying on Public Key Infrastructure (PKI), digital signatures, directory services, federated identity (IdM), identity and access management (IAM), etc. to create business-driven solutions; such as: * 2005/5: Organize, define, specify and implement comprehensive patch remediation and server hardening program to secure 375 PCI-DSS regulated servers within EBT/Card clearinghouse (eFunds, Wisconsin). * 2004/5: Refine, recommend, review architecture of SAFE Bio-Pharma Bridge CA (see below) to support multi- agency (cross border) validation of heterogeneous PKI credentials (X.509v3 certs). Deployed prototype Web servers architecture relying on cross-organizational certificate validation for the Chief Information Officer of the U.S. Department of Homeland Security (DHS). * 2003/04: Security architect for RouteOne credit portal who assisted in the definition of SAML security messages to authorize authenticated users into highly sensitive credit ratings database. Assisted in developing complex IBM WebSphere use cases to support Ford, GM, Chrysler and Toyota credit operations. * 2002/03: Drive development and deployment of secure LDAP directory services for Lexmark Corporation to support 55,000 employees, contractors and partners with attribute based access control (pseudo-RBAC). * 2001/02: Deployed prototype Bridge CA in Luxembourg on behalf of the Luxembourg Bankers' Association to create a European wide certificate validation authority. First widespread using of Online Certificate Status Protocol (OCSP) as a pre-processor to X.500/LDAP key management system. * 1999/2001: Secure LDAP directory services to support PKI for Chase Manhattan Bank (CMB). Engineering architect to define X.509v3 PKI exchange via the Federal PKI Bridge Certificate Authority (CA). * 1998/99: Secure X.500 directory services to support U.S. National Security Agency (NSA) populated with key attributes for all military Defense Messaging System users (X.400) on multi-classification (Top Secret, Secret, etc.) using PCMCIA card authentication. Network Security and Infrastructure build-out projects Five year career focus on building out developing Internet architectures to support emerging applications; such as directory services (x.500), secure messaging (X.400), network management (SNMP), DMZ deployments (DNS, SMTP, firewalls, Web services). * 1996/97: Consultant to support Lucent's network management center by monitoring client (5-12) network activities for anomalies and performance issues (to include troubleshooting broadcast storms, relying on HP OpenView SNMP utilities, deep packet inspection, etc.) * 1995/96: Establish, configure, operate and upgrade all Internet services (SMTP, DNS, etc.) for U.S. Army modeling and simulation users (2,000) to support secure messaging and interactive messaging simulations to support various war game scenarios (see Distributed Interactive Simulation (DIS)).