Eric B. Cole
-------------------------------------------
www.securityhaven.com
Work:
(703)-298-3005
Education:
Pace University
Completing doctorate degree in Network
Security.
Expected
graduation 2002.
George Mason
University
Major: Ph.D. (all but dissertation) in Computer Security (intrusion detection and steganography)
GPA: 3.85/4.0
Member of the Center for Secure Information Systems.
Course work, exams and proposal completed.
M. S., New York Institute of Technology
Major: Computer Science
GPA: 4.0/4.0
Honors: Harry Schure Graduate Memorial Award (awarded to one graduating senior)
B.S., New York Institute of Technology
Major: Computer Science
Minor: Business
GPA: 3.7/4.0
Honors: Graduated Magna Cum Laude, Dorothy Schure Memorial Award, Jules Singer Award,
Grace Hopper Award from Computer Associates, Presidential Academic Award (4.0
semesters), Presidential Service Award, Dean’s List, Member of Who’s Who Among
Students in American Universities, and Member of Nu Ypsilon Tau Honor Society.
Activities: President of Nu Ypsilon Tau Honor
Society, Treasurer of ACM
CISSP (Certified Information Systems Security Professional), MCSE (Microsoft Certified Systems
Engineer), CCNA (Cisco Certified Network Associate) and ISS Internet Scanner and Real Secure
Certification. Created several of the GIAC certification programs and exams. Member of ACM, IEEE,
International Who’s Who in Information Technology, CSI Computer Security Institute), ISSA
(Information Systems Security Association), and ICSA (International Computer Security Association).
Member of the editorial board for CVE (Common vulnerability and exposures), member of the HoneyNet
project. Both are invitation only memberships. Author and speaker for SANS Institute.
Author of “Security Essentials Toolkit”, published by Que 4/02
Author of “Hacker’s Beware”, published by New Riders 8/01
Contributing author of “Know Your Enemy: Revealing the Secret Tactics of the Blackhat
Community” published by Addison-Wesley, 9/01
Technical Skills Summary:
Computer Cryptography, Steganography, Intrusion detection, NT security, Unix security, TCP/IP
Security: and Network security, Internet security, Router security, Security assessment, Penetration testing, Firewalls, Secure web transactions, Electronic commerce, SSL, TLS, IPSEC, Information Warfare, Ethical hacking.
Internet: Java, HTML, CGI, TCP/IP, HTTP, SMTP, Various other Internet and routing protocols,
Protocol analysis, Routers, Sockets, Various Internet browsers.
Programming: C/C++, Java, Perl, Delphi, Visual C++, Visual Basic, Powerbuilder, Pascal, Level IV,
Fortran, Basic, Assembly, LISP, Prolog, Modula2.
Operating Windows 95/98 Windows NT 3.5 and 4.0 (server and workstation), Windows 2000, Systems: UNIX (Linux, BSDi, Solaris), Windows 3.1, DOS, OS/2.
Security Clearances:
Top Secret clearances and Sensitive Compartmented access (TS/SCI/ISSA).
Employment History:
Consulting Services
Stays current and maintains an
excellent understanding of security holes, hacker techniques, security alerts,
bugs, vulnerabilities, exposure points, security products, emerging
technologies, security policies, and industry best practices. Performs a variety of research and trending
on new technology and products. Acts as
an expert witness for several government and commercial companies. Invited speaker at a variety of security
events around the world.
SANS Institute
Lead instructor for several security courses. Highest rated instructor and one of the few instructors that teaches a variety of courses. Contributed to the development of several of the GIAC certifications including GIAC Certified Security Essentials (GSEC), GIAC Certified Advanced Incident Handling Analysts (GCIH) and GIAC Certified Firewall Analysts (GCFW). Responsible for staying up on technology and developing new course material that teaches students the state of the art in networking and security. Started and in charge of several key efforts including the Levelone Notebook, top 10/20 vulnerability list and the Cyber defense initiative. Developed business plans for and created new technological initiatives. Constantly researched, tested and evaluated new security products and research efforts
American Institutes for Research
Reports directly to the COO and responsible for all technical issues for
the entire company. Redesigned entire
network (1000 users with 5 remote locations) from the ground up, to include
integrated security. Designed and build
several secure networks for communication with clients. Performed penetration testing for several
highly secure web sites. Provided
technical support for DARPA sponsored research projects.
GraceIC
Responsible for establishing GraceIC as a leader in the network security
arena. Created the product line that
the company is offering and provided the expertise to build the services. In-charge of delivery and technical skills
of security employees. Built the proper
internal security infrastructure within Grace such as secure email, proper
protection of data and security policies.
Presented at several national and international conferences and wrote
several articles. In addition performed
research into the area of future applications and solutions to the network
security problem that exists in the current market. Trained sales people, program managers and engineers on how to
sell, manage and deliver security services.
Acting as CTO providing technical and strategic direction for the
consulting practices. Maintained a
pulse on technology in the market place to produce trending and markets plans.
Vista Information Technologies
Started and in-charge of the Enterprise Security Services Group and responsible for all internal and external security issues. Tracked and managed separate P&L (profit and loss) center for security. Grew the team from one person to 6 people with several million in annual revenue in less than a year. Setup the security and other monitoring services for the NSOC. Created all of the security services offerings and generated all necessary materials. Responsible for business plan and financial tracking of security group. Perform security assessments and consult on all areas of security. Design, implement and monitor security solutions including firewall design, intrusion detection, vulnerability assessment and penetration testing. Designed new networks and redesigned existing networks to make sure they properly address security. Have extensive experience on several of the commercial security products and assessment tools and have written several customized programs. Tracks and stays current on a large number of security and hacker tools. Key presenter at Cisco sponsored security seminars around the country.
Georgetown University
Adjunct Professor
Teach a variety of courses including: C++, programming, TCP/IP, Network Design, and Security related courses. Responsible for all aspects of teaching the class including generation of course material.
Teligent
Created and in charge of IT Corporate Security Department. Central point of contact for all security concerns. Evaluate strategic plans and operational activities by performing risk assessment and determine how it might impact corporate security. Architect and design security solutions to meet operational needs. Integrated security and help create NOC to provide for proper monitoring of network. Developed the company’s security policy and several security guidelines. Evaluated, audited, and red teamed entire network of NT machines, Unix machines, and Cisco routers. Setup intrusion detection system for critical components of the network. Designed, setup and maintain perimeter network with PIX and Gauntlet firewalls. Setup security lab to properly test and enhance the security features of the network. Worked on several computer investigations with HR. Assisted legal on researching laws, regulations, and policies relating to computer and information security. Evaluated several secure email solutions and installed PGP company wide. Setup web traffic monitoring and password tracking systems.
Central Intelligence Agency
Received 6
Exceptional Performance Awards.
Program
Manager / Technical Director for the Internet Program Team with Office of
Technical Services
Senior Officer in charge of a 20 person Internet Program Team. Responsible for the creation of the Internet Program Team. The team specializes in rapid development and in exploiting the latest Internet technologies to meet customer’s requirements. The team designs, develops, tests, and deploys products in 3 to 6 month intervals. Designed and developed several secure communication systems. Responsible for technical direction, technical design, security assessment, and programming modules. Setup and maintained several servers (NT and Unix) and routers (Cisco 2500 and 3600 series). Secured internal servers, continually perform intrusion detection, and reviewed audit logs. Performed independent security reviews and penetration testing of (World Wide Web) servers for other offices. Identified several weaknesses and ways to fix those problems and secure the system. Currently, the team has had several successful deployments. Received letter of appreciation from the DCI (Director of Central Intelligence) and several Exceptional Performance Awards for this project.
Artificial Intelligence (AI) Software Engineer
Technical lead for several AI based systems which utilized rule base, neural network, and genetic algorithm technologies. Responsible for the design, development, coding and testing of the system. Received an Exceptional Performance Award for this project.
Created programs using artificial intelligence techniques. Developed user-interfaces and analytical programs in C++. Designed and developed a software filter that would identify different file types. Received an Exceptional Performance Award for this project.
Computer Engineer
with Office of Security
Member of the information security assessment team. Evaluated and performed security assessment of network operating systems. Identified potential vulnerabilities and ways to secure the holes. Designed a large scale auditing system with automated review capability. Worked on several virus investigations. Extracted data from disk platters using the optical disk reader (ODR) to reconstruct the bits. Tested and troubleshot hardware and network problems. Installed and administered the division’s network (30 workstations and 3 routers).
New York Institute of Technology
Adjunct Professor
Taught various classes, created new curriculum for the courses, and member of the team that designed a new Computer Science curriculum for the Bachelors Degree program.