I am an information assurance research engineer at the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University. I started work at the Center in August 2002. As an undergraduate in Computer Sciences, I volunteered my time to work in the Computer Operations, Audit, and Security Technologies (COAST) laboratory for Professor Spafford. I am currently managing advanced security research projects in security architecture, biometrics, and digital forensics.
After I received my B.S. degree from Purdue in 1997, I joined Sun Microsystems, Inc. and held several positions involving computer and network security. During my time at Sun Laboratories, I co-developed the Sun Enterprise Network Security Service, a secure, distributed execution framework that just happened to audit systems and networks. I was also a project engineer for the consulting division of the company, Sun Professional Services. In this role, I continued work on SENSS, created security methodology to build secure servers for customers, wrote detailed documents on Solaris security, and consulted with customers from the military, finance, and insurance sectors. Some of the security documents I wrote are available from the Sun BluePrints program. I was also the product manager for Solaris network security. In this role, I planned the future of the Solaris Operating Environment, worked with public relations and the security coordinator when vulnerabilities were found in Sun products, and argued with Solaris engineering teams and steering committees to improve the product (not always successfully).
I am a Certified Information Systems Security Professional (CISSP), awarded in December 2001. Most recently, I became a Certified Information Systems Auditor (CISA) in October 2007.
Information Assurance Research Engineer
|CISA [logo unavailable]|