| Contact Information | |
| Name: | Gabriel Mino |
| Email: | info (at) gabrielmino (dot) info [email concealed] |
| Location: | Rockaway Beach, New York, United States |
| Resume | |
| Position/Title: | Security Consultant |
| Resume: |
Gabriel C. Mino. GCIA, GCIH, GREM, Security+, Linux+ 314 Beach 87th Street | Rockaway Beach, NY 11693 | 646.824.5800 | info (at) gabrielmino (dot) info [email concealed] Experience The Goal (for Cybertrust/Verizon Business), New York, New York Senior Security Consultant, February 2006 to Present Working within the professional services division, carried out a wide variety of assessments for organizations in both the private as well as public sectors. Performed security scanning of W2K, XP, HP-UX, NCR & AIX hosts in support of PCI-DSS, HIPAA, GLBA & FISMA compliance. Designed and delivered training to support review of findings resulting from scans. Headed QA team to perform testing and aid in design of PCI scanning product. Performed vulnerability assessments and/or penetration tests against applications and internal/external/wireless networks. Based on the data collected during the vulnerability and/or penetration testing phases, prepared client deliverables which, not only explained findings discovered and their potential impact but, also identified the severity of the issue within the context of the client environment. Guidance was offered to clients on mitigation options as well as contrasted organization security policies and controls against industry best practices. Presented results of analysis with key observations and recommendations for remediation. Valis Solutions, Brooklyn, New York Security Analyst, October 2003 to February 2006 Monitored firewall and IDS logs for suspicious activity as well as any evidence of unauthorized intrusions and attacks and forwarded all findings to the incident response team. Provided network system audits using Snort open source IDS in conjunction with Nessus open source vulnerability scanner, Metasploit framework as well as other various tools. Using data from audit tools combined with information received through interviews of key staff, worked with administrators to determined system baselines. Prepared documentation outlining these baselines which also included recommended steps to improve network efficiency through proper network management. Carried out forensic and malware analysis of compromised systems to ascertain depth and criticality of incident. Contained and eradicated compromises and documented findings. Performed wireless site surveys and outlined additional hardware and configurations to be implemented to improve both coverage as well as security. Assisted in writing security and acceptable use policies in support of secure corporate operations. Adhered to CERT "best practice" guidelines when building hardened servers and workstations. Primary Consulting Services, Ltd., New York, New York Senior Network Consultant, October 2002 to October 2003 Provided remote network management and monitoring using wi-fi/Bluetooth enabled Sharp Zaurus handheld running OpenZaurus OpenEmbedded Linux to manage client and internal application/file/mail servers, routers, firewalls and hosted servers. Used ssh suite, Windows Terminal Server and FreeS/WAN to provide 24/7 support of internal as well as client’s LANs, WANs, WLANs and VPNs. Relieved customer “bottle-necks” through the use of Gigabit Ethernet solutions and open-source packet shaper. Maintained ISDN and T1 services for group and clients. Performed Blackberry roll-out of 30 handhelds integrating with Exchange server as well as web application integration. Migrated Exchange 5.5/NT to 2K/2K. Implemented Linux based “exchange killer” IMAP server. Built UnixWare cluster and nightly WAN replication via cron job to co-located disaster recovery server using rsync over ssh tunnel. Installed and configured Open-Source heuristic Spam filter, client and server. Installed and configured an Open-Source PHP/PostGreSQL web-based (Apache) call tracking system. SCO OpenServer/UnixWare, Sonicwall Firewall/VPN, RedHat, Windows workstations/servers and Cisco routers/switches. New York City Technical College, Brooklyn, New York Lab Administrator, July 2002 to September 2002 Installed and configured workstations and wireless peripherals. Maintained users, file permissions and workstation firewalls. Maintained and monitored Snort IDS. Using data obtained from Snort, created and implemented security policy for workgroup. Assisted students on the use of Windows XP, Office XP and internet technologies. 10 workstation WLAN. IT Systems, Inc., Brooklyn, New York Consultant, July 2001 to July 2002 Installed and configured new hardware and peripherals. Monitored scheduled backups, log files and usage levels. Maintained users, file permissions and cron jobs. Implemented, configured and maintained Tripwire IDS. Used vi editor to modify shell scripts. Trained students on use of Cisco internetworking equipment. Directed systems administration classes and conducted hands on step-by-step lab instruction on configuration, use and troubleshooting of Solaris 2.x, Linux and Windows heterogeneous network as well as how to resolve various system issues. 10 workstation LAN, Sparc 10/20, Ultra 1/2/5, StoreEdge libraries, 430 Server Fat Beats, Inc., New York, Atlanta, Los Angeles, Amsterdam Operations Manager-Technical/Finance, May 2000 to June 2001 Implemented an integrated ERP information system, which included an Access POS system with multiple locations, a Palm based warehouse inventory management system and a Cold Fusion E-Commerce system, all writing to a shared SQL 2000 database. Administered Windows NT 4.0 LAN, Windows 2000 Advanced Server WAN and Blackice firewall. Managed accounts receivable/payable. Provided budgeting & planning strategies for future growth. Trained office staff to use various accounting modules and follow specific business logic procedures. Worked with vendors for purchase/finance of office technology needs. 30 workstation LAN, PowerEdge servers, Rackmount servers Skills Operating Systems - DOS, Windows 3.x, Windows 9x, Windows NT, Windows 2000 Professional, Windows 2000 Advanced Server, Windows XP, UNIX, Solaris 2.x, Linux, Palm OS, RIM/Blackberry, Embedded Linux Hardware – ARM, Intel based PCs, RISC, HP, Compaq, Dell, IBM, Toshiba, Gateway, Macintosh, Sun, IDE, SCSI, PCI, RAID 0, 1, 3 & 5 Certifications – Comptia Linux+ and Security+, GIAC GCIA (#880 w/honors), GCIH (#2021 w/honors), GREM (#79), SSP-DRAP (#9) and SSP-MPA (#119) Database Technologies - Access, Btrieve, Crystal Reports, FoxPro, M$ SQL Server, MySQL, PostGreSQL Network Management Abilities - Administration, Analysis, Capacity Planning, Connectivity Testing, Diagnostics and Monitoring, Equipment Install and Configuration, Equipment Testing, Firewall Setup and Support, Hardware Planning, Management Tools, moves-adds-changes, Performance Tuning, Protocols, Remote Access Services, Standards & Procedures, Troubleshooting, Virus Protection Network Protocols & Standards - AppleTalk, ARP, BGP, CDP, DHCP, DNS, Ethernet, FastEthernet, EIGRP, FTP, Gigabit Ethernet, HDLC, HSRP, HTTP, ICMP, IGRP, IMAP, IPX/SPX, NAT, NetBEUI, NetBIOS, OSPF, PHP, PVC/SVC, PPP, PAP/CHAP, RARP, RIP, SNMP, SSH, STP, TCP/IP, UDP, WEP Network Technologies - 3Com, Appleshare, Checkpoint FW-1/VPN, Cisco IOS, Cisco Routers, Hubs, IDS, LAN, Microsoft Active Directory, NAS, nCircle, Nessus, NFS, NIS, PC Anywhere, Routers, Switches, Snort, Tripwire, VLAN, VPN, WAN, WLAN, WebInspect Soft Skills –Documentation, Presentation, Planning Systems Administration Abilities - Console Operations, Hardware Configuration, Security and User Administration, Intrusion Detection, Security Policies and Procedures, Security Testing and Auditing, Software Installation & Upgrade, Storage Management, Troubleshooting, Web Security & Encryption Systems Management Utilities - Veritas Backup Exec, vi Editor, crontab Telco Technologies - Coaxial Cable, DSL, Frame Relay, ISDN, RJ-11/45, SMS, T1 / T3, Twisted Pair, WAP Training Abilities - Delivery with Classroom Instruction, Instructional Design, Program Management, Technical Course Development Web, Application & Messaging Servers - Apache, Cold Fusion, Exchange, IIS, IMAP, Microsoft Outlook, POP3, Sendmail, SMTP, Verisign Affiliations Member, NYC Zaurus User Group Member, NYC Wireless - http://www.nycwireless.net Member, Information Systems Security Association - NY Metro Chapter - http://www.nymissa.org Member, GIAC Advisory Board – http://www.giac.org Education & Training Mastering the Network with Scapy, CanSecWest Meeting the Minimum: Standard for Protecting Credit Card and Other Private Information PCI CISP: The Visa Digital Dozen, SANS Institute Hacker Techniques, Exploits & Incident Handling, SANS Institute Advanced Network Worm and Bot Analysis, SANS Institute Stay Sharp: Metasploit for Penetration Testers, SANS Institute Stay Sharp: Mastering Packet Analysis, SANS Institute Stay Sharp: Combating Spyware, SANS Institute Stay Sharp: Introduction to Bots and Worms, SANS Institute Network Forensics Day, Interop Reverse-Engineering Malware, SANS Institute Stay Sharp: First Responder - Unix/Linux, SANS Institute Intrusion Detection In-Depth, SANS Institute Stay Sharp: Defeating Rogue Access Points, SANS Institute Checkpoint Firewall-1 Administrator, Orion Technology Services Sun Solaris Systems Administrator, Orion Technology Services Cisco Certified Network Associate, Orion Technology Services Training the Trainer, Fred Pryor Seminars Orange County Community College, GPA: 4.0 |