| Contact Information | |
| Name: | Archer Cao |
| Email: | cao_wl (at) hotmail (dot) com [email concealed] |
| Location: | GuangZhou, Guangdong, China |
| Resume | |
| Position/Title: | Security Product Manager |
| Resume: |
Basic Information --------------------------------------------- Name: Wen Liang Cao (CN), Archer (EN) Born: 12/12/1981 Gender: Male Mobile: +86 15915766343 E-Mail: cao_wl (at) hotmail (dot) com [email concealed] (MSN) Working Experiences: 5 Years (3 Year Security Engineer + 2 Year Project Manager) Overseas Experiences: Yes (US,Germany,PH) --------------------------------------------- Education Background --------------------------------------------- 2005,9-2007,7: South China University of Technology Major: Business Administration 2002,9-2005,7: Zhong Shan University Major: Computer Science and Technology --------------------------------------------- Present Employer& Position --------------------------------------------- Employer: Wrigley Confectionary (China) Co, Ltd Date: 2006,9-2009,9 Position: Global Information Security Engineer Global Security Engineer develops,implements, monitors and maintains global information security policies, standards, guidelines, and procedures that are in alignment with the corporate strategic plan. This position is primarily responsible for maintaining and monitoring security for Wrigley’s computing environments and perimeter security devices (firewalls, IDS/IPS, Vulnerability Analysis, Anti-Virus). While this position has no direct reports it is responsible for providing direction and coordination of information security in all regions through regional security specialists. Principal Activities Performed by the Incumbent 1. Ensuring that security technologies are well integrated into global systems. 2. Provides day to day support for security technologies to ensure the smooth operation of the Company’s information systems. 3. Develops selection criteria for global Security technologies. Provides expertise and oversight of selection process to maintain Company standards. 4. Develops security standards and procedures derived from information security policies and guiding principles. 5. Maintains an awareness of the global technology strategy for ensuring appropriate security measures are embedded into Wrigley systems. 6. Maintains and monitors the global and regional IT security architecture in alignment with the IT security policies and guiding principles to ensure the integrity and security of the organization’s information contained on and transferred within all computing operating systems and applications. 7. Develops and implements global security solutions to meet business requirements while balancing acceptable risk to Wrigley’s information assets. 8. Research security web sites, CERT advisories, publications, vendor, correspondence on application patches, updates and version releases and the media for recent exposures and their appropriate fix or resolution. 9. Continuous involvement with external security groups. 10. Identify risks and ensure that appropriate controls are implemented to address these risks. 11. Participate through authoring or presenting relevant topics to support Wrigley’s campaign to heighten information security awareness. 12. Provides assistance with Help Desk problems within established service level agreements, particularly problems related to firewall, anti-virus and IDS/IPS administration. 13. Trains users in security operations and procedures; trains other IT staff in security troubleshooting and problem solving and as appropriate, updates training material. 14. Follows established security-monitoring processes of day-to-day networking and management tasks to ensure the Company’s information security policies and technical solutions are maintained at acceptable levels. Follows a routine of security audits of systems based on industry standards, and participates in providing recommendations for corrective actions based on findings. 15. Performs special projects at the request of the Global Information Security Architect or the Global Information Security and Compliance Manager or other members of IT management. --------------------------------------------- Foregone Employer& Position --------------------------------------------- Employer: Trend Micro Inc Date: 2005,8-2006,9 Position: Technical Support Specialist Responsibilities: Provide Trend Micro Gateway Product (Interscan Messaging Security Suite, InterScan Virus Wall, Network Virus Wall, InterScan Web Protect for Microsoft ISA and Trend Micro Mobile Security) support services for EMEA customer in all English communication environment Employer: Guangzhou CSS Information Technology Co., Ltd Date: 2003,11-2005,8 Position: Project Manager and Information Security consultant Responsibilities 1. Presale technical support- Find out customer's security demand, Assess current security status and provide security solution 2. Implement security project and grope for popular security technology 3. Keep trace of new found security vulnerability and virus and then notify customer 4. Vulnerability assessment based on BS7799,ISO17799 and OCTAVE method 5. Compose network security polices for enterprise Outstanding Achievement Implement numbers of large-scale security projects independently; Pile up some experiences on large-scale security project implementation and management; Compose some security service documents; Build good relationships with customers --------------------------------------------- Working Experiences --------------------------------------------- I have been working in Network/Information security realm for almost 5 years, during the time I have mastered various kinds of Network/Information security skills and piled up some experiences on project management. In these 5 years, I have designed and implemented independently lots of large-scale network security projects, major in China Telecommunication、China Southern Power Grid,government and troops and the like; I work as a project manager and implementer in these projects. All projects are excellently completed. I received project management training in 2005, with 3 years' project management experiences in network security projects,I am good at IT project management now. --------------------------------------------- Network/Information Security Project Experiences --------------------------------------------- P1. Hui Zhou Power Supply Bureau Security Project Date: 2005,6-2005,7 Software Environment: Checkpoint,Symantec antivirus Hardware Environment: Nokia IP 710,Cisco PIX 515/525/535,Cisco catalyst 3500/4506/6509 Description: Deploy 2 clustering Nokia/checkpoint firewalls in front of all enterprise application servers; Deploy Cisco PIX firewall at network perimeter to connect to Internet and Branch office; Deploy security policy for enterprise network Responsibilities: Project Manager and Security Engineer P2. Yang Jiang Telecom DCN Network Security Evaluation Service Date: 2005,1-2005,3 Software Environment: Retina Security Scanner,Symantec Net recon 3.6,NetIQ Security Analyzer,Sniffer v4.75,Open View,Solaris,Oracle 8/9i,SQL server 2000 Hardware Environment: Cisco catalyst 6509,Sun Enterprise 3500/4000/6000 Description : Provide security consultant, vulnerability assessment and protocol traffic analysis service; compose analysis report and security solution Responsibilities: Project Manager and security consultant P3. China Southern Power Grid security project Date: 2004,11-2004,12 Software Environment: Checkpoint NG FP3,Symantec Antivirus,Symantec Manhunt,Solaris 8.0,Redhat Linux Hardware Environment: Sun V880,IBM PC Server Description: Install checkpoint on Sun v880, establish site-to-site VPN connection among headquarter and branch office; Install Symantec Manhunt on Red Hat Linux; Deploy Symantec antivirus system. Responsibilities: Security Engineer P4. Guangzhou Country Resource and House Management Ministry Security Consultant Service Date: 2004,10-2004,10 Software Environment: Internet Scanner,Shadow Security Scanner Description: Provide overall security solution and consultant service Responsibilities: Security consultant P5. Guangzhou IDC Web Server Load Balance and Firewall System Date: 2004,6-2004,8 Software Environment: Windows 2000 advance server, IIS 5.0 Hardware Environment: IBM X series 250,Cisco PIX firewall Description: Implement web servers load balance and configure Cisco PIX firewall to protect web servers Responsibilities: Security Engineer P6. TLH Technology Business Network Security Project Date: 2004,3-2004,3 Software Environment: Checkpoint,Interscan Virus wall Hardware Environment: HP DL380 G3,DL360 G2,Cisco 2611,Nokia IP330,3COM 4400 Description: Deploy Nokia+Checkpoint firewall at network perimeter and configure firewall to protect enterprise network Responsibilities: Security Engineer P7. Guangdong Province Data communication bureau security project Date: 2003,11-2003,12 Software Environment: Windows 2K Advance Server Cluster,Checkpoint,CA IDS,ISS Internet Scanner,Veritas backup exec Hardware Environment: HP Net server lxr 8500,EDI 6600LL,Nokia IP650/330,F5 BIG-IP switch 5000 Description: Compose security architecture design and implementation solution; Implement security project, configure security devices; Compose technical and maintain documents; Vulnerability assessment; Operating system enhancement; Configure data backup system for data storage and recovery; Deploy and configure IDS on the network; implement application server load balance. Responsibilities: Project Manager and Security Engineer P8. Zhu Jiang Industry Realty Investment Stock Co., Ltd project Date: 2003,10-2003,10 Software Environment: Windows PDC and ISA server 2000 Hardware Environment: Cisco catalyst 3500 and Compaq server Description: Implement primary domain controller, deploy and configure ISA server to connect to Internet Responsibilities: Security Engineer --------------------------------------------- Training Experiences --------------------------------------------- 1. Team Adventure Training Training Date: 2006/05/19 Period: 1 Day Authorized: Gung HO Management Consultant Co., Ltd Certificate: Team Adventure 2. Computer Information System Project Manager Training Training Date: 2005/01/01 Period: 7 Days Authorized: Information Industry Ministry of China Certificate: Project Manager Qualification Certificate 3. Security Technology Training Training Date: 2004/04/01 Period: 7 Days Authorized: Shanghai Hua-Tech development Co., Ltd 4. Symantec Enterprise Security Manager Training Training Date: 2002/12/01 Period: 3 Days Authorized: Symantec Certificate: Symantec ESM --------------------------------------------- Certificates --------------------------------------------- China National Information Industry Ministry:Project Manager China National Personnel Ministry:Network Engineer Network Security Operator Symantec ESM Nokia NSA CET-4 CCNA Kaspersky Data System Engineer Team Adventure --------------------------------------------- Professional Skills --------------------------------------------- 1.OS Skills Windows 2000/2003 Server AD,LDAP,CA,IIS,Cluster,NLB,MAIL technologies Linux/Solaris Network Configuration and Application 2.Network Skills Cisco Switch& Router,VLAN,HSRP,TRUNK technologies 3.Troubleshooting Skill Sniffer,Ethereal,IRIS 4.Network Management SolarWind, HP OpenView 5.Security Skills Firewall Net screen,Nokia/Checkpoint,Cisco PIX,Microsoft ISA 2000/2004 IDS Symantec Manhunt,Link Trust,ISS Real Secure VPN Checkpoint,Net screen,Cisco PIX,Windows 2000/2003 VPN,ISA VPN technologies Content Filter SurfControl Web Filter Encryption Pointsec for PC Authentication RSA SecurID systems,Windows LDAP and Radius technologies Vulnerability Assessment Microsoft Baseline Security Analyzer,Eeye Retina Security Scanner,Shadow Security Scanner,Symantec Net recon. Patch Management Microsoft SUS,SMS Antivirus Symantec endpoint protection,Trend Micro Enterprise Antivirus System Protocol Skills HTTP,FTP,SMTP,POP3,HTTPS etc Mail Skills Mail Flow: SMTP Relay,Mail Bridgehead,Mail Security --------------------------------------------- Language skill --------------------------------------------- Good spoken and written English,Mandarin and Cantonese --------------------------------------------- Character --------------------------------------------- Active,Aggressive and Optimistic,Strong self-work,team-work and self-management abilities,Expert and quick learning abilities,Excellent work attitude under great pressure --------------------------------------------- Interests --------------------------------------------- Network/Information security technologies,Enterprise Management,Strong ability on Sociality,Doings,Reading,Music and Sport --------------------------------------------- |