Michael Endrizzi

Security Evolution, Inc.
Information Security Engineer

5641 Audrey Ave

Inver Grove Heights, MN 55077

Email: mje@secev.com

Professional Focus

Information security consulting - bridging the gap between business requirements, policy/process and actual implementation in enterprise environments.

Skills Inventory

InfoSec Project Lead Experience

·         Founded two information security consulting firms with up to 15 employees

·         Retainer based CSO and security architect of various clients

·         Led many teams on various Infosec projects

Auditing Experience

·         Have implemented and audited management-oriented controls found in security regulations such as HIPAA, GLBA, NIST, FCA, FFIEC, SOX, PCI, ISO17799, ISO27001/2

Security Technology

·         Firewalls: Check Point, Sidewinder, PIX

·         Assessment: Nessus, nmap, Nikto, hacking penetration skills, GFI, Netstumbler

·         Identity: Active Directory

·         IDS: ISS

·         PKI: Verisign, Entrust

·         URL Filtering: WebSense, Bluecoat

·         Log Correlation: RSA enVision, developed custom SQL tool

General

Technology

·         Perl, C, C++, sh, bash, awk, sed, Ada, SQL, embedded systems

·         Strict software engineering full life cycle methodologies

·         VMWare

·         Unix, Windows server and workstation

·         Sharepoint administration

Networking

·         LAN/WAN configuration, DNS, IP, SNMP, SMTP

Security Training

·         Developed and presented training in: Hacking, firewalls, VPNs, PKI, IP networking

Sales

·         Currently responsible for sales management at Security Evolution

·         Largest contributor to the sales effort for many years through industry contacts and speaking engagements

Employment

Employment

Information Security Engineer - Founder of Security Evolution, Inc.

April 2003 -  present

·         Founder of Security Evolution, Inc. information security consulting firm

·         Check Point firewall admin and developed team policy/process improvements

·         Developed rule review Perl/SQL tools and processes for 150+ firewall environment

·         Verisign PKI policy development and administration

·         Sharepoint Administration

·         Premier customer support for large security OEM and their email filtering solution; debugging FreeBSD Unix email filtering platform, developing Perl reporting scripts, managing customer expectations.

·         Work with executive management and boards to align security strategy with business requirements

·         Retainer based (Chief Security Officer) CSO for various clients

·         Retainer based internal IT Auditor for various clients

·         Business focused risk assessments and architecting risk management strategies

·         Compliance audits; HIPAA, ISO17799, PCI, FCA, FFIEC, NIST, SOX

·         Project Management: Security deployments, audit efforts

·         Security architectures

Information Security Engineer - Founder of InterSec Communications, Inc.

May 1995 – April 2003

·         Founder InterSec Communications, Inc., a 13 person security integration and training firm

·         CTO principle responsibility for technology team

·         Security architecture for various clients; firewalls, wireless, IDS, authentication systems (Active Directory, X.500, LDAP), single sign-on systems

·         Firewall and Internet Architecture and deployments: Check Point and Sidewinder

·         Developer of security training curricula

Security Software Engineering and at Secure Computing Corporation

June 1988 – May 1995

·         Developer on Sidewinder Internet firewall team.

·         Unix kernel, device driver and application developer working in C, C++, Perl

·         Followed strict software engineering development standards with formal methods and verification

·         Key Developer/Team Lead of military grade Internet firewalls for National Security Agency (NSA) for 5 years

·         Secured multiple ARPA grants to study security issues associated with SNMP network management stations

Software Engineer at Unisys Corporation

June 1983 – June 1988

·         Developer of top secret network security systems for US Navy

·         Developer of hardware simulation languages written in Ada

·         Developer of hardware fuzzy search engines

·         Research in computer security, Artificial Intelligence (AI) and Expert Systems

Education

·         Masters in Computer Science – 1991-University of Minnesota, Minneapolis, MN

(Software Engineering and Neural Net SQL Databases)

·         Bachelors of Computer Science - 1983 University of Wisconsin, Oshkosh, WI

Teaching Experience

·         Adjunct faculty instructor 2000-2002 term – St. Thomas University, St. Paul, MN: Teach courses in security awareness

·         Developed “A Day in the Life of a Hacker” to demonstrate the importance of security awareness to non-technical audiences

Professional Orgs

·         ISSA – Computer Security Professionals

·         IEEE – International Engineering Professionals

·         EntCon – Entrepreneurial Professionals

·         ISC2 Certification

Certifications

·         ITIL Certification

·         CISSP – Information Systems Security Professional

·         CCSA, CCSE Check Point Certification

·         Sidewinder Certification