|Email:||mkrygier (at) hotmail (dot) com [email concealed]|
|Location:||London, , United Kingdom|
MICHAEL KRYGIER, CISA, CISSP, SSCP
Chemin des Deux Communes 29
1226 Geneva, Switzerland
Mobile: 079 863 6790
Email: mkrygier (at) hotmail (dot) com [email concealed]
Canadian Citizen Swiss B Permit
Ambitious and challenge-driven information security professional. Team builder who interacts well with all levels, thrives in a fast-paced environment of ongoing change. Resourceful, project-driven, highly organized and efficient.
Articulate communicator and negotiator, simplifies technology language; exudes energy and confidence. Visionary, sees the big picture while critically analysing the details. Core expertise includes:
* Network Security
* Systems Security
* Network Management
* Network Design
* Documentation, Diagrams, Reports
* Data Centre Operations
CheckPoint NGX, Checkpoint UTM-1 Edge, Juniper Netscreen (ISG 1000, NS500, SSG540), Cisco ASA, Cisco PIX, Provider-1, Nokia IP Firewalls (IPSO), Proventia IDS, Microsoft ISA 2004/2006, BlackICE, Symantec SGS Firewall
Windows Server 2008/2003/2000, Windows Vista/XP, Linux, AIX, Solaris 8/9/10, FreeBSD, OpenBSD
Ethereal/Wireshark, Nessus, Metasploit, MBSA, tcpdump, Nmap, netcat, John the Ripper, LC5, Nikto, Retina, Network Stumbler, SSH, Windows Security templates, Norton Ghost, HFNetChkPro, RSA SecurID, PointSec, ActiveScout IDS
Networking & VOIP
Cisco Routers, Catalyst 6500 switches, Nortel Contivity VPN, TCP/IP, IPSec, QoS, MRTG, Solarwinds, Packeteer Packetshaper, Cisco CSS, ACLs, VLANs, ATM, T1, Avaya S8700/G650, Avaya CMS/BCMR
Symantec Corporate AntiVirus, McAfee VirusScan, Symantec Mail Security, Sophos Antivirus, Sybari Antigen, NOD32, TrendMicro
Active Directory, Group Policy, DNS, Terminal Services, DHCP, RRAS, WSUS
Legato Networker 7.x, Backup Exec, Arcserve, Retrospect
Languages and Scripting
BASH, Awk, Sed, Grep, Windows Batch, Visual Basic .Net, C, PHP, HTML, SQL
Databases & Software
Remedy, MS SQL 2000, FileMaker, Sage MAS 90, SAP Business One, Crystal Reports, MS Office, MS Visio, VMware ESX, Citrix Presentation Server 4.5
Penta Consulting SA, Geneva, Switzerland July 2008 present
NETWORK SECURITY ENGINEER
* Administered 4 core CheckPoint NGX firewalls and 60 CheckPoint UTM-1 Edge client firewalls.
* Created detailed physical and logical network diagrams, fully documented network details.
* Developed a user account and password policy, implemented least privilege and identification concepts for operator accounts.
* Designed a secure isolated multi-layered network for a financial services client.
* Implemented Microsoft ISA 2006 as a reverse proxy to protect a cluster of web servers.
* Worked with compliance team on SAS70 audit preparations.
* Managed and monitored an ActiveScout IDS.
Accenture, London, England November 2007 June 2008
NETWORK TEAM LEAD LONDON
* Supervised a team of two network engineers administering 10 firewalls (Netscreen, Checkpoint, Cisco ASA), 115 routers, switches, vpn concentrators, packetshapers and 40 WAN circuits at a globally strategic network POP handling traffic for 200 of global projects.
* Successfully planned and executed an upgrade of a critically important Nokia IP350 firewall from IPSO 3.7 and Checkpoint NG FP3 to IPSO 4.1 and NGX R60.
* Carried out a firewall rule and service review and consolidation project on a 7,000 rule Juniper Netscreen NS-500 core firewall policy reducing the policy count by removing 500 redundant and overlapping policies.
* Created BASH scripts and Excel templates to carry out firewall rule-base additions and modifications.
* Cooperated with an internal ISO 27001 audit and executed a remediation plan to implement security standards, policies and procedures in preparation for ISO 27001 certification.
* Enabled connectivity for clients by utilising Netscreen Virtual Systems, Virtual Routers, source-based routing, NAT/PAT, MIPs, DIPs and GRE tunnels inside of IPSec connections.
* Managed a data centre with 50 server racks hosting 250 servers.
* Reviewed and amended data backup configuration, upgraded backup software.
* Identified and corrected Computer Room physical security weaknesses.
Accenture, Toronto, Canada April 2006 October 2007
Rapidly promoted through the following two progressively responsible positions within 6 months in a process that normally takes over 1 year:
NETWORK LEAD CANADA
* Administered 5 firewalls and 55 network devices including routers, VPN concentrators, switches, proxy servers, intrusion detection devices, to provide connectivity to 400 employees and 40 client facing projects.
* Designed and implemented a remote access VPN service that securely enabled users to access network resources from outside of their office.
* Worked closely with the Global IT Security Lead to implement security standards, policies and procedures in preparation for ISO 27001 certification.
* Performed RSA SecurID setup and administration.
* Worked on deploying PointSec Hard Disk encryption to 400 computers.
LEAD SECURITY ENGINEER III
* Led a four person 3rd level security team charged with resolving complex and critical issues on 400 globally deployed Checkpoint (Nokia, SPLAT, Solaris, Linux), Netscreen and Cisco ASA/PIX firewalls, Nortel VPN concentrators and Microsoft ISA proxy devices.
* Ran a project to design, configure and deploy three Netscreen firewalls, two Cisco ASA firewalls, and 4 Nortel VPN concentrators for two new Accenture offices.
* Performed a firewall conversion from Checkpoint NG on Nokia to a dual Netscreen/Cisco ASA configuration.
* Conducted technical interviews of potential new employees. Trained new employees on the network security architecture; created a new employee handbook.
X-COPPER Legal Services Inc., Markham, Canada August 2004 April 2006
* Designed a corporate WAN using Symantec Firewall/VPN devices to securely enable inter-branch communication and sales software data transferral, providing increased sales, and improved administration for agents, clients and personnel.
* Led the I.T. component during the companys expansion, opening three new offices at geographically distant locations across the province of Ontario. Accountable for IT strategy, budget preparation, equipment and service procurement. Oversaw the installation and testing of all technology.
* Designed and built out a server room to securely house servers.
* Facilitated an inventory audit of all I.T. assets to allow the company to optimise its technology infrastructure and vendor support contracts, and to prepare capital for replacements and future expansion. Developed a strategy to gradually replace outdated equipment.
Thomson Research Associates, Toronto, Canada June 2002 July 2004
* Instrumental in upgrading server and workstation security, created a formal password policy, implemented centralised virus scanning and patch deployment.
* Administered two Netscreen firewalls providing remote office site to site and client to site VPN connectivity.
* Purchased Sybari Antigen antivirus and anti-spam software for MS Exchange to provide layered infection defences.
* Updated the data backup process, implemented offsite tape storage.
* Designed and built out a new server room to securely house computers.
EDAN Search Group, Toronto, Canada February 1999 June 2002
* Implemented Netscreen firewalls to secure branch internet access and designed a WAN using IPSec tunnels to provide secure branch office and roaming user connectivity.
* Designed and implemented a data backup process that included offsite tape storage.
* Deployed Symantec desktop and server antivirus software that prevented Love bug and Klez infections.
Ryerson University, Toronto, Canada 2004
CERTIFICATE INFORMATION SYSTEMS MANAGEMENT
Intellectual Property Law Course 2007
Packeteer Packershaper Level 1 Course 2008
Hold the following certifications:
ISC2 Certified Information Systems Security Professional (CISSP) 2009
ISACA Certified Information Systems Auditor Exam (CISA)Highest score - Toronto ISACA chapter 2007
ISC2 Systems Security Certified Practitioner (SSCP) 2004
I.T. Service Management Foundation Certificate (ITIL) 2006
Check Point Certified Security Administrator NG (CCSA) 2005
MS Windows 2000 Server and Active Directory Certified Professional (MCP) 2004
CompTIA A+ Certified Professional 2003
MS Windows 2000 Professional Certified Professional (MCP) 2002
Linux Professional Institute LPI 100 2000
English - Native speaker
French Upper intermediate reading and listening, basic speaking