Resume

Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and Microsoft Certified Systems Engineer Plus Security (MCSE) with 14 years experience in Windows and Internet systems management. Strong skills in security, operations, integration engineering, project management, risk management, supporting mission critical business systems, documentation, staff training, sales engineering, and tools development. Wrote numerous magazine articles, coauthored several books, served as technical editor for many other titles and featured speaker at numerous conferences including the RSA Conference, TechEd, Microsoft Worldwide Partner Conference, Microsoft Federal Security Summit, and the Microsoft Global Briefing.

Experience

  • Independent Author and Consultant (October 2007 – Present)
    Since moving to Argentina launched a sole proprietorship focuses on providing information security consulting and technical writing services.

    Co-authored two books, the “Windows Server 2008 Security Resource Kit” and “Windows Server 2008 Administrator's Companion,” from Microsoft Press; Microsoft’s Windows Server 2008 Security Guide; and numerous smaller papers. Consulting with the National Institute of Standards and Technology (NIST) to assist creating and supporting guidance to federal agencies for the Federal Desktop Core Configuration (FDCC) mandate issued by the Office of Management and Budget in 2007. Additionally, has been a contributor and reviewer of numerous NIST documents including several recent Special Publications.

Consulting with the National Institute of Standards and Technology (NIST) to assist creating and supporting guidance to federal agencies for the Federal Desktop Core Configuration (FDCC) mandate issued by the Office of Management and Budget in 2007. Additionally, has been a contributor and reviewer of numerous NIST documents including several recent Special Publications.

Working with NIST to create and maintain Security Content Automation Protocol (SCAP) content for Windows XP, Windows Vista, and Windows Server 2008 security baselines in support of the FDCC mandate.

Program manager for Microsoft’s System Center Configuration Manager Extensions for SCAP, a suite of tools that utilize the desired configuration management (DCM) feature in Configuration Manager 2007 to scan computers and generate reports in SCAP formats documenting compliance with the FDCC mandate.

Contributing author to Microsoft’s Security Compliance Management Toolkit Series which provides information technology professionals with the tools and guidance needed to plan, deploy, and monitor security baselines for Microsoft Windows operating systems and Microsoft Office 2007.

  • Program Manager, Sales Solutions Specialist - Security (November 2000 – September 2007), Microsoft Corp.
    One Microsoft Way, Redmond, WA 98052.

    Built collaborative working relationships with agencies responsible for setting information security policies for the US government such as the Office of Management and Budget (OMB), the National Institute for Standards and Technology (NIST), the National Security Agency (NSA), and the Defense Information Systems Agency (DISA). As part of this responsibility helped to articulate and implement Microsoft’s response to the OMB memos (07-11 & 07-18) requiring all federal agencies to implement a standard configuration for computers running Microsoft Windows.

    Strategic responsibility for sales of Microsoft security products to US federal government agencies, increased revenue by more than 100% over the previous year in FY06 and by 500% in FY07.

    Established and maintained strategic connections with C-level security executives across multiple US government agencies.

    Conceived of, created, and launched Microsoft’s Government Systems Hardening Program (GSHP). GSHP is a collaborative effort with government agencies to create and publicize common baseline configurations for hardening Windows 2000, Windows XP, and Windows Server 2003. Participants include information security experts from the NSA, NIST, DISA, DHS, Bundesamtes für Sicherheit in der Informationstechnik (BSI, Germany’s security agency), NATO, and CESG (the United Kingdom’s security agency).

    Author of numerous Microsoft Security Guidance Center, TechNet, and Knowledgebase documents and articles.

    Key contributor to the Microsoft QuickStart for Operating Secure Servers, a service offering that combines technology and process to help enterprises secure their existing computing environments and maintain them in a secure manner going forward.

    Created and delivered various workshops on information security, Active Directory, and group policies to customers around the world.
  • Senior Windows NT Platform Architect (July 1999 – November 2000), GENUiTY.
    3 Van de Graaff Drive, Burlington, MA 01803.

    Member of a cross-departmental team to evaluate the Application Service Provider market and GENUiTY’s roll as an Application Infrastructure Provider for ASPs. Developed a project plan and schedule to ensure GENUiTY’s leadership as an AIP by expanding our product line to target the requirements of ASPs while developing more effective marketing and sales strategies.

    Collaborated with account executives and sales engineers to develop custom solutions for prospective customers with complex hosting requirements. Helped to close many major deals that generated several million dollars in additional revenue.

    Lead engineer for the team responsible for designing and implementing GENUiTY’s web-hosting platform based on Windows 2000. Created the project plan, created and maintained the schedule, proactively managed project risks, ensured that the final product was of the highest quality possible while completing the 6 month project several weeks early.

    Designed and helped to implement the Windows 2000 infrastructure including Active Directory, enterprise management, and software distribution for GENUiTY’s web hosting business.

    Wrote educational materials and delivered training on the Windows 2000 hosting platform and Active Directory design to the operations staff, product management, and sales engineers.
  • Senior Consultant (December 1997 – July 1999), Collective Technologies.
    9433 Bee Caves Road, Austin, TX 78733.
  • Network Administrator, (March 1996 – December 1997), iMAGINE Studios.
    8015 Shoal Creek Boulevard, Suite 100, Austin, TX 78757.
  • LAN Administrator (August 1994 – March 1996), 'Go-Go Studios.
    1307 East 38 ½ Street, Austin, TX 78722.

Credentials

  • B.A. in History with a minor in Economics from The University of Texas at Austin.
  • Certified Information Security Manager (CISM) from the Information Systems Audit and Control Association.
  • Microsoft Certified System Engineer Plus Security on Windows 2000 Server and Windows Server 2003 (MCSE).
  • Certified Information Systems Security Professional (CISSP) from the International Information Security Systems Certification Consortium (ISC)2
  • Information Systems Security Architect Professional (ISSAP) from the International Information Security Systems Certification Consortium (ISC)2