Chris Christian

13865 SW Park WayBeaverton, OR 97005-0940 ● (503) 641-3077 ● wiredforsound@gmail.com

 

Objective

 

Provide secure, sustainable and energetic technology solutions for corporate perimeter network environments. Engage with technical innovators to measure the underlying pulse of current emerging security and vulnerability related threats.

 

Employment History

 

Network Security Engineer                                                                                                                             April 2000 – Present

Intel Corporation, Hillsboro, Oregon

 

Network operations lead for large Corporate Application & Utility DMZ, Enclave & Trusted Zone architecture. Network Engineer for multi-layered network segmentation designs for secure Internet accessible application deployments. Extensive experience securing MS-SQL, Oracle, Micro Strategy, PeopleSoft, SAP Enterprise Portal, DCOM, TIBCO, FTP, HTTP/S, MOM, OMS, Foglight, VERITAS. Frequent attendee of security conventions such as DefCon, ToorCon, Security Opus & CanSecWest to keep current with recent technology vulnerabilities

 

Technical Accomplishments:

  • Managed unfunded solo project to secure all internal E-Business systems communicating with Application DMZ platforms. Required parley with dozens of application project managers to arrange unscheduled downtime, virtual migrations of hundreds of servers and generation of thousands of lines of Router Access Control Lists and Firewall Policies to complete.
  • Architected and deployed comprehensive multi tier Application DMZ network design requiring integration with all exiting and future platform owners to author internally written software to support the defense in depth model of network segmentation between public-tier web servers, middle-tier web services and back-tier database storage.
  • Network enclave lead for all Sarbanes-Oxley compliant documentation, process, audit response and remediation.
  • Key author for comprehensive DMZ and trusted zone policy documentation, risk assessment and exception process.
  • Project lead for regular deployment of network software revisions upgrades requiring coordination with all B2B and B2C applications change control and negotiation of downtime windows in order to provide the most current and secure versions.
  • Championed the replacement of Telnet with SSH for all perimeter network device remote administration and management.
  • DMZ Lead for DNS segregation into external and internal BIND databases for the entire corporation.
  • Owner and technical operations lead for corporate FTP server utilized to share content with external vendors.
  • Lead incident responder for numerous Virus & Worm excursion onto internal corporate networks leading to the creation of a Risk Assessment and Rapid Response teams that are now used to combat the issue proactively rather than reactively.
  • Engineered, developed and deployed first IDS products utilized within corporation on perimeter DMZ networks. IDS product was used to perform forensic analysis for the single corporate web defacement occurring during the products tenure.

 

Technical Skills:

  • Cisco CATOS 6.1.2/7.1.5/8.4.1, VLAN, PVLAN, Trunk, Ether Channel, STP, SNMP, TACACS+
  • Cisco IOS 12.19.EA(A1),Native/Hybrid, TCP/ IP, SNMP, TACACS+, Access-List.
  • Cisco 2500, 2616-XTG, 2948G, 3550, 3560, 4006, 6506/9/13, 7200
  • Juniper DX 5.2.5, 3680, Clusters, Forwarders, SSL Certificates, Application Rules
  • F5 BigIP & 3DNS 4.0/4.5, F35, D5000. D51000, VIP’s, Pools, SNAT, Persistency
  • UNIX – Immunix 7/+, Red Hat Linux 7/8/9, SUSE 9
  • Nokia Firewall, IP530, IP1220, NG/AI, Provider1, Policies
  • Entuity EOTS 4/4.5 Network Monitoring
  • DNS 8/9 – Add/Modify/Delete - A, PTR, TXT, CNAME, MX Records
  • Perl 5, RCS, WU-FTPD 2, Apache 1.5/2, Syslog, SMTP 8/9

 

UNIX Security Engineer                                                                                                                  June 1996 – April 2000

Intel Corporation, Beaverton, Oregon

 

Operations lead for a diverse computing infrastructure of interconnected UNIX workstations and file servers. Support for development of world’s first Teraflop super computer ASCII Red debuted on December 11, 1996. Developed and deployed common workstation builds, with extensive patch management, data backup and recovery. Built, maintained and managed common tools suites utilized across multiple platforms with version controls.

 

Technical Accomplishments:

  • Engineering Computing lead for the Year 2000 compliance non-event requiring comprehensive integration and patching effort across a heterogeneous deployment of UNIX servers, Microsoft clients and numerous software packages.
  • Drafted to performing social engineering and threat assessment against corporate Physical Health & Safety process which succeeded in interfering with EMT and Fire Response teams during a drill so effectively that the entire process was scrapped and re-authored in order to properly handle flaws discovered in the Emergency Response process.
  • Proposed, designed and executed small corporate campus-wide migration from publicly routable to RFC1918 private IP space for several thousand client systems.
  • During staged third-party Sendmail 8 security penetration test was the only assessed target to discover and successfully repel attackers. As a result, was inducted into a corporate wide team to generate minimums security standards for Sendmail and deploy regular updates to a client list in the order of 10000+ unique devices across several dozen flavors of UNIX.
  • Identified password quality issues with enterprise deployment of NIS accounts on UNIX and developed a comprehensive program to ensure password strength, account expiration and integration with the corporate employment database.

 

Technical Skills:

  • Transarc AFS 3.4 & 3.5
  • SPARC ELC/SLC/IPC/5/10/20
  • Auspex File Servers (NFS)
  • DNS, NIS
  • SunOS 4.1.3/4, Solaris 2.4/9.0, HPUX 9.05/10.20, AIX 3.1.4/4.0, Red Hat Linux 6.0, BSDI 4
  • CLI Shells - csh/ksh/bash/sh

 

Education

 

Undergraduate Student                                                                                                                      September 1991 – May 1996

Purdue University, West Lafayette, Indiana – Bachelor of Science – Management Information Systems - GPA 3.19

 

Outside Interests

 

Electronic Music Promotion                                                                                                              January 1992 – January 2003

 

Sonic-Boom Magazine – Underground electronic music resource for music reviews, interviews and scene news.

Doppler Effect Records – Independent forum for the release of cutting-edge harsh electronic music world wide.

Wired For Sound – College radio DJ on KPSU 1450 AM promoting all facets of ground-breaking electronic artists.