Alek B. Murray
(859) 509-2317
535 McCubbing Drive
Lexington, KY 40503
SKILLS, TECHNOLOGIES & PROJECTS
- Knowledge of common business practices pertaining to information technology and network security.
- Knowledge of open source systems pertaining to enterprise information technology and interaction with commonly implemented Microsoft systems.
- Group facilitation in high-profile situations where uptime was critical.
- Extensive knowledge of operating system and application concepts, with focus on enterprise server and desktop application operation within a secure environment.
- Comprehensive experience troubleshooting LAN and WAN connectivity issues encompassing the full OSI model.
- Extensive knowledge of many applications used by the Commonwealth of Kentucky and their performance within a secure environment.
- Exceptional knowledge of IEEE 802.11 wireless standards with a focus on security (WEP, WPA, Radius) and the exploitation thereof.
- Understanding of Bugtraq and Vulnwatch mailing lists.
- Extensive personal experience in exploiting wireless and wired network technologies in controlled environments and in the wild.
- Exceptional comprehension of information technology concepts with the ability to learn quickly and the desire to test new technologies in legacy applications.
- Exemplary skills in Unix/Linux administration on most open source and some proprietary distributions.
EXPERIENCE
12/2009 - Present
Frankfort, KY
Commonwelth Office of Technology
Network Engineer
- Provide incident response for organizations supported
by the Commonwealth Office of Technology.
- Utilize Frontrange ITSM ticketing system to resolve network and firewall related incidents.
- Create and implement test cases for evaluation of Intrusion Prevention Systems.
- Maintain a system of Snort sensors with an Aanval frontend and ensure transmission of alerts to Symantec Monitored Services.
- Maintain and implement Nortel networking equipment, including switches, routers, and VPN equipment.
- Provide and investigate data from networking equipment to ensure connectivity to clients.
- Design and implementation of redundant one-off routing and firewall systems for the Kentucky Horse Park, to be utilized for the 2010 Rolex 3-Day Event and the 2010 World Equestrian Games.
- Maintain communication with multiple entities for the response to internal and SAS70 security audits.
4/2008 - 12/2009
Frankfort, KY
Commonwelth Office of Technology
Security Consultant
- Provide incident response for organizations supported by the Commonwealth Office of Technology.
- Utilized Frontrange ITSM ticketing system to resolve security related incidents.
- Utilized Symantec DeepSight to identify and manage possible viral and vulnerability outbreaks.
- Utilized Symantec Monitored Security services to detect and resolve issues flagged by Intrusion Detection Systems.
- Provided data forensics for COT customers in a manner consistent with security industry standards.
- Performed wireless audits and provide detailed reports to facilitate resolution of possible policy breeches.
- Performed vulnerability assessments and penetration tests using nessus.
- Provideed compliance reporting from vulnerability and penetration assessments.
- Performed compliance audits using Symantec Control Compliance Suite.
- Designed and implemented a system of Snort sensors with a Sguil frontend as lead for the Enterprise Snort Deployment and Training project.
- Implemented a nessus infrastructure as lead analyst for the Production Server Assessment prject.
- Analysed and verified baseline builds used for servers and workstations within the Commonwealth.
- Audited surplus and off lease systems to verify compliance to Commonwealth sanitization standards.
- Designed and implemented an IDS system based on Snort, Sguil, BASE, and Aanval.
- Compiled and implemented large rainbow tables for password complexity audits used with L0phtcrack 6.
3/2007 - 4/2008
Frankfort, KY
Cabinet for Health and Family Services.
Network Analyst 3
- Provided Level 1, 2, and 3 user support to the Cabinet for Health and Family Services.
- Implemented and troubleshoot new network hardware including installation and configuration of state-of-the-art switches with Power over Ethernet for Voice over IP systems in LAN and WAN settings.
- Troubleshoot multi-site network issues, including CSU/DSU, DSL, Active Directory, and VPN problems.
- Troubleshoot complex systems on varying operating systems, including Windows XP, 2000, Server 2003, Server 2000, and proprietary UNIX.
- Recovered mission-critical information from malfunctioning hard discs via Linux-based forensics systems.
- Performed desktop and server troubleshooting in sensitive areas, including those under strict HIPAA regulations.
- Analyzed and designed automatic deployment of Checkpoint PointSec software for hard drive encryption for all machines rolled out into the cabinet, including an initial deployment of approximately 200 PCs.
- Facilitated investigations with the CHFS Security Officer by utilizing various imaging tools (Several versions of ghost and Unix `dd`) and applying chain of custody.
- Analyzed and diagnosed traffic via Wireshark/Ethereal for public safety applications. Facilitated communication with the Commonwealth Office of Technology to whitelist the correct addresses in netcache.
- Underwent rigorous background check and fingerprint analysis by the Kentucky State Police and FBI to facilitate compliance with the Boni Frederick Bill (KRS 194A.065).
- Established a personal relationship with many government administration executives to obtain a detailed list of needs and expectations.
1/2006 - 3/2007
Frankfort, KY
Desktop Support
- Provided Level 1, 2 and 3 network support to the state laboratory for the Cabinet for Health and Family Services.
- Responsible for maintaining uptime for the Kentucky Newborn Screening database, milk safety screening laboratory, virology laboratory, serology laboratory, fluoride and water safety laboratory, as well as other public health related programs.
- Workstation support for Windows XP and server support for Windows Server 2000, 2003.
- Troubleshoot Windows Server 2000 and 2003 to prevent downtime for critical applications, including maintaining current official Microsoft patches.
- Supported various pieces of laboratory equipment and the servers and applications that controlled them.
- Troubleshoot multi-site network issues, including CSU/DSU, DSL, Active Directory, and VPN problems. This includes troubleshooting slow network links on the LAN and WAN level, preventing and repairing downed fiber links with the Commonwealth Office of Technology, and maintaining LAN switch health and performance via reconfiguration and physical maintenance.
9/2005 - 12/2005
Accent Systems
Frankfort, KY
AIX Support
- Performed 2nd stage of AIX server/hardware upgrade for the Education Cabinet.
- Responsible for migrating all data from old server to new, and administering install process of new OS and software.
- Tested new AIX hardware and software to maintain quality control.
- All AIX upgrades were done by remote control via UNIX command line access. Required knowledge of bourne shell scripting and detailed UNIX system functionality.
- Traveled to remote locations for PC troubleshooting and repair.
- Maintained complex networking environments for UNIX servers for all Kentucky school districts and connectivity to the Department of Education WAN throughout the upgrade process.
3/2005 - 9/2005
Frankfort, KY
Desktop Support
- Facilitated the migration of users for CHFS to Active Directory by performing desktop upgrades to Windows XP from Windows 2000 and NT 4.0.
- Created Symantec Ghost images and rolled out new systems to users with a Windows XP image. Image creation required extensive knowledge of Windows XP customization via the registry and OEM tools including Microsoft's Sysprep.
- Troubleshoot and designed complex install procedures for custom and mainstream applications including, but not limited to, Kentucky MARS, Twist, Bridge, Microsoft Office XP, Adobe Products, and various Microsoft products and utilities.
- Troubleshoot multi-site network issues, including CSU/DSU, DSL, Active Directory, and VPN problems. Many migrations were done at remote sites which required constant uptime and connectivity to the main Cabinet for Health and Family Services WAN.
- Assisted Network Engineers in troubleshooting and repairing slow and disconnected links to remote sites, required for proper propagation of Group Policy data across the CHFS WAN.
- Other responsibilities ranged from Level 1 Desktop Support to general server and Active Directory maintenance.
- Analyzed and investigated infractions of Cabinet and State security policies by way of open source network and forensics tools. Includes penetration testing via NMAP and Nessus, data recovery using various Linux-based forensics utilities, and reporting utilizing standardized chain of custody for sensitive data.
3/2004 - 3/2005
Montgomery Medical Services
Mount Sterling, KY
A Medical Services Facility.
IT Manager
- Design and implementation of network structure for transfer of sensitive data, including HIPAA compliance with patient information.
- PC troubleshooting and support.
- Maintain and troubleshoot PPTP VPNs between multiple health care facilities.
- Implemented Linux based routing system for use with wireless tablet PCs.
- Prepared for implementation of electronic medical records system.
- Designed and implemented a secure wireless network for use by medical staff via handheld tablet PCs.
7/1999 - 3/2004
Alek B. Murray Consulting
Lexington, KY
Various Clients
Owner/Consultant
- Developed a business plan for a small IT consulting firm.
- Solicited clients in the Lexington, KY area in order to gain a firm clientele.
- Provided PC, server, and network design, implementation, and troubleshooting for small to medium sized businesses throughout Kentucky and Tennessee.
- Provided network security services and penetration testing services to businesses throughout Kentucky and Tennessee.
- Developed, implemented, and troubleshoot small- to medium-sized enterprise wireless networks for clients including hotels, apartment complexes, and small business.
- Wireless network security evaluation and design for 64- and 128-bit Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and Radius authentication.
EDUCATION & INTERESTS
- Currently pursuing Bachelor of Science in Information Technology from Sullivan University
- Interest and thorough understanding of security principles, focusing on social engineering and network exploitation in technology environments.
- ITILv2 certified in Information Technology Service Management.
References available upon request.
HTML version | E-mailable HTML version | Plain Text (.txt) version.
Valid XHTML 1.1 / CSS 2.0