| Contact Information | |
| Name: | Michael Krygier |
| Email: | mkrygier (at) hotmail (dot) com [email concealed] |
| Location: | London, , United Kingdom |
| Resume | |
| Position/Title: | Security Engineer |
| Resume: |
MICHAEL KRYGIER, CISA, CISSP, SSCP Chemin des Deux Communes 29 1226 Geneva, Switzerland Mobile: 079 863 6790 Email: mkrygier (at) hotmail (dot) com [email concealed] Canadian Citizen – Swiss B Permit SECURITY ENGINEER Ambitious and challenge-driven information security professional. Team builder who interacts well with all levels, thrives in a fast-paced environment of ongoing change. Resourceful, project-driven, highly organized and efficient. Articulate communicator and negotiator, simplifies technology language; exudes energy and confidence. Visionary, sees the big picture while critically analysing the details. Core expertise includes: * Network Security * Systems Security * Network Management * Network Design * Documentation, Diagrams, Reports * Data Centre Operations TECHNICAL ENVIRONMENTS Firewalls CheckPoint NGX, Checkpoint UTM-1 Edge, Juniper Netscreen (ISG 1000, NS500, SSG540), Cisco ASA, Cisco PIX, Provider-1, Nokia IP Firewalls (IPSO), Proventia IDS, Microsoft ISA 2004/2006, BlackICE, Symantec SGS Firewall Operating Systems Windows Server 2008/2003/2000, Windows Vista/XP, Linux, AIX, Solaris 8/9/10, FreeBSD, OpenBSD Security Tools Ethereal/Wireshark, Nessus, Metasploit, MBSA, tcpdump, Nmap, netcat, John the Ripper, LC5, Nikto, Retina, Network Stumbler, SSH, Windows Security templates, Norton Ghost, HFNetChkPro, RSA SecurID, PointSec, ActiveScout IDS Networking & VOIP Cisco Routers, Catalyst 6500 switches, Nortel Contivity VPN, TCP/IP, IPSec, QoS, MRTG, Solarwinds, Packeteer Packetshaper, Cisco CSS, ACLs, VLANs, ATM, T1, Avaya S8700/G650, Avaya CMS/BCMR Antivirus Symantec Corporate AntiVirus, McAfee VirusScan, Symantec Mail Security, Sophos Antivirus, Sybari Antigen, NOD32, TrendMicro Windows Services Active Directory, Group Policy, DNS, Terminal Services, DHCP, RRAS, WSUS Back-Up Legato Networker 7.x, Backup Exec, Arcserve, Retrospect Languages and Scripting BASH, Awk, Sed, Grep, Windows Batch, Visual Basic .Net, C, PHP, HTML, SQL Databases & Software Remedy, MS SQL 2000, FileMaker, Sage MAS 90, SAP Business One, Crystal Reports, MS Office, MS Visio, VMware ESX, Citrix Presentation Server 4.5 PROFESSIONAL EXPERIENCE Penta Consulting SA, Geneva, Switzerland July 2008 – present NETWORK SECURITY ENGINEER * Administered 4 core CheckPoint NGX firewalls and 60 CheckPoint UTM-1 Edge client firewalls. * Created detailed physical and logical network diagrams, fully documented network details. * Developed a user account and password policy, implemented least privilege and identification concepts for operator accounts. * Designed a secure isolated multi-layered network for a financial services client. * Implemented Microsoft ISA 2006 as a reverse proxy to protect a cluster of web servers. * Worked with compliance team on SAS70 audit preparations. * Managed and monitored an ActiveScout IDS. Accenture, London, England November 2007 – June 2008 NETWORK TEAM LEAD LONDON * Supervised a team of two network engineers administering 10 firewalls (Netscreen, Checkpoint, Cisco ASA), 115 routers, switches, vpn concentrators, packetshapers and 40 WAN circuits at a globally strategic network POP handling traffic for 200 of global projects. * Successfully planned and executed an upgrade of a critically important Nokia IP350 firewall from IPSO 3.7 and Checkpoint NG FP3 to IPSO 4.1 and NGX R60. * Carried out a firewall rule and service review and consolidation project on a 7,000 rule Juniper Netscreen NS-500 core firewall policy reducing the policy count by removing 500 redundant and overlapping policies. * Created BASH scripts and Excel templates to carry out firewall rule-base additions and modifications. * Cooperated with an internal ISO 27001 audit and executed a remediation plan to implement security standards, policies and procedures in preparation for ISO 27001 certification. * Enabled connectivity for clients by utilising Netscreen Virtual Systems, Virtual Routers, source-based routing, NAT/PAT, MIPs, DIPs and GRE tunnels inside of IPSec connections. * Managed a data centre with 50 server racks hosting 250 servers. * Reviewed and amended data backup configuration, upgraded backup software. * Identified and corrected Computer Room physical security weaknesses. Accenture, Toronto, Canada April 2006 – October 2007 Rapidly promoted through the following two progressively responsible positions within 6 months in a process that normally takes over 1 year: NETWORK LEAD CANADA * Administered 5 firewalls and 55 network devices including routers, VPN concentrators, switches, proxy servers, intrusion detection devices, to provide connectivity to 400 employees and 40 client facing projects. * Designed and implemented a remote access VPN service that securely enabled users to access network resources from outside of their office. * Worked closely with the Global IT Security Lead to implement security standards, policies and procedures in preparation for ISO 27001 certification. * Performed RSA SecurID setup and administration. * Worked on deploying PointSec Hard Disk encryption to 400 computers. LEAD SECURITY ENGINEER III * Led a four person 3rd level security team charged with resolving complex and critical issues on 400 globally deployed Checkpoint (Nokia, SPLAT, Solaris, Linux), Netscreen and Cisco ASA/PIX firewalls, Nortel VPN concentrators and Microsoft ISA proxy devices. * Ran a project to design, configure and deploy three Netscreen firewalls, two Cisco ASA firewalls, and 4 Nortel VPN concentrators for two new Accenture offices. * Performed a firewall conversion from Checkpoint NG on Nokia to a dual Netscreen/Cisco ASA configuration. * Conducted technical interviews of potential new employees. Trained new employees on the network security architecture; created a new employee handbook. X-COPPER Legal Services Inc., Markham, Canada August 2004 – April 2006 IT MANAGER * Designed a corporate WAN using Symantec Firewall/VPN devices to securely enable inter-branch communication and sales software data transferral, providing increased sales, and improved administration for agents, clients and personnel. * Led the I.T. component during the company’s expansion, opening three new offices at geographically distant locations across the province of Ontario. Accountable for IT strategy, budget preparation, equipment and service procurement. Oversaw the installation and testing of all technology. * Designed and built out a server room to securely house servers. * Facilitated an inventory audit of all I.T. assets to allow the company to optimise its technology infrastructure and vendor support contracts, and to prepare capital for replacements and future expansion. Developed a strategy to gradually replace outdated equipment. Thomson Research Associates, Toronto, Canada June 2002 – July 2004 I.T. ADMINISTRATOR * Instrumental in upgrading server and workstation security, created a formal password policy, implemented centralised virus scanning and patch deployment. * Administered two Netscreen firewalls providing remote office site to site and client to site VPN connectivity. * Purchased Sybari Antigen antivirus and anti-spam software for MS Exchange to provide layered infection defences. * Updated the data backup process, implemented offsite tape storage. * Designed and built out a new server room to securely house computers. EDAN Search Group, Toronto, Canada February 1999 – June 2002 NETWORK ADMINISTRATOR * Implemented Netscreen firewalls to secure branch internet access and designed a WAN using IPSec tunnels to provide secure branch office and roaming user connectivity. * Designed and implemented a data backup process that included offsite tape storage. * Deployed Symantec desktop and server antivirus software that prevented Love bug and Klez infections. EDUCATION Ryerson University, Toronto, Canada 2004 CERTIFICATE – INFORMATION SYSTEMS MANAGEMENT Intellectual Property Law Course 2007 Packeteer Packershaper Level 1 Course 2008 Hold the following certifications: ISC2 Certified Information Systems Security Professional (CISSP) 2009 ISACA Certified Information Systems Auditor Exam (CISA)Highest score - Toronto ISACA chapter 2007 ISC2 Systems Security Certified Practitioner (SSCP) 2004 I.T. Service Management Foundation Certificate (ITIL) 2006 Check Point Certified Security Administrator NG (CCSA) 2005 MS Windows 2000 Server and Active Directory Certified Professional (MCP) 2004 CompTIA A+ Certified Professional 2003 MS Windows 2000 Professional Certified Professional (MCP) 2002 Linux Professional Institute LPI 100 2000 LANGUAGES English - Native speaker French – Upper intermediate reading and listening, basic speaking |
