Over ten years experience in the IT industry, with emphasis in Banking, Healthcare Insurance, and Military industries.
Expert at root cause analysis, troubleshooting and facilitating relationships.
Skilled at effective, large scale presentations.
Tools: Tripwire, snoop/tcpdump, Ethereal/Wireshark, iptables, TCP Wrappers, File ACLs, Veritas Volume Manager, PowerBroker, Perl, Korn Shell, Bash.
Technologies: Configuration Management, Credential Management, Web Servers, Application Servers, Mail Servers, Name Servers, LDAP, SQL, Single Sign On (SSO), Public Key Infrastructure (PKI), DMZ, RBAC/DAC, Volume Management, SAN, Veritas Cluster, Sun Jumpstart, Red Hat Kickstart, PXE.
Platforms: IBM WebSphere; Apache/IHS, Perl/PHP, Oracle, MS-SQL, MySQL, SunOne Directory Server, Red Hat Directory Server.
Operating Systems: Solaris/SunOS, Linux, Vmware ESX 3.x, Windows Server 2003.
Educational and Certifications Summary
Senior Network Specialist/Senior Network Instructor, North American Communication Systems Engineers (NACSE)
Certified Information System Security Professional (CISSP), International Information System Security Certification Consortium.
Certified Adjunct Instructor, State of Florida.
Master of Science Information Systems, Hawaii Pacific University.
Published author – over 50 articles on Linux, system programming, and training.
Freelance Consultant @ DHS/FEMA; Center for Internet Security; Take One Ltd; TriStar Media; NaturOli, Standard Printing Company
2007 – present
Freelance consultant delivering security training, consulting and deploying state-of-the-art solutions.
- Deployed new VMware infrastructure in a data center and joined it to the existing office network using VPN technology. Migrated servers in the office to the data center. Said infrastructure hosts the bill presentment portal for over 100 municipalities.
- Implemented clustered SiteMinder solution for Federal Emergency Management Agency (FEMA). Led three separate training and knowledge-sharing sessions.
- Designed/deployed high availability web/mail/file Linux cluster for international toy manufacturer and validated security using industry standard security scanning tools.
- Redesigned network and server infrastructure for graphics arts company using Linux name server, file server and remote replication solutions.
- Lead Developer for three Center for Internet Security Benchmarks (RHEL, SuSE, AIX).
WITHHELD (Financial Industry) - Lead Technical Architect
12/2007 - Present
Lead technical architect for networked mainframe technologies, such as Directory Services, TN3270, and SSL. Midrange security SME for Linux, zLinux, Solaris and AIX. Cheerfully swings audit finding battle-axe and bludgeons people into compliance with corporate standards.
- Architected/Engineered Active Directory Bridging solution to enable user to use Active Directory to log into Unix servers.
- Demonstrated drop-in replacement of Oracle Directory Server with Red Hat Directory Server (389DS) saving the company over $1million.
- Implemented LDAP interface for RACF using Tivoli Directory Server. When overcoming obstacles (dataset profiles and user catalogs), IBM told us we were the first ones to ever do this without a third-party product.
- Drove decommissioning of Sun E25K's saving the company $2.4million.
- Created ad-hoc application-based virus scanner to enable customers to upload documents.
- Reduced risk footprint by increasing standards-compliance or decommissioning violating servers.
- Conducted Proofs-of-Concept and Evaluations for various technologies.
- Defined the Reference Architecture for Linux-based application servers and defined the Linux image for Fortune 500 company.
Spherion Corporation – Technical Architect @ American Express (Contractor)
10/2006 - 12/2007
Worked as part of the Technology Infrastructure Engineering team and Mainframe Security Engineering team. Made decisions as the Linux subject matter expert for American Express' Infrastructure Engineering. Drove new Linux image engineering across the company's global infrastructure and delivery channels.
- Identified zLinux crypto performance improvement and initiated implementation activity.
- Re-engineered development infrastructure for a $1.6M/year save.
- Implemented Reference Architecture (RA) where none previously existed. Developed RA materials for VMware, Linux/zLinux, Apache and WebSphere.
- Evaluated/Developed/Tested solutions for resolving audit maps. Developed standardized test plan to evaluate proposed solutions.
- Created PXE boot kickstart server for instant provisioning of RHEL3/4/5 systems.
- Saved estimated $360K in first year through re-engineering using VMware ESX.
- Drove Unix/Linux environment standardization from internal audit finding, resulting in dramatic increase in environmental consistency, thereby driving down support costs.
AGD, LLC dba My IT Department - Consultant @ Various Clients
IT service provider to small businesses and a subcontractor to IBM Global Services.
- Consulted with mid-sized clients to enhance existing infrastructures and implement incident response, change control and problem management procedures.
- Conducted Risk Assessments for HIPAA and GLBA compliance.
- Performed vulnerability assessments and Zero-Knowledge Penetration Tests.
- Established/implemented firewall rules. Validate rules with vulnerability scanning tools.
- Automated system monitoring to leverage administrator effectiveness. IBM adopted the system for its entire Linux eBusiness platform.
- Drove troubleshooting application and environmental issues with teams on bridge calls.
- Applied operating system patches. Verified patches were applied to all Linux servers via automation and reporting tool.
Blue Cross Blue Shield of Florida - Senior Computer Security Tech
Worked in the Computer Security Department under Audit and Compliance for a major healthcare insurance company. Team was responsible for maintaining the Privilege Management Infrastructure, and integrating applications into the infrastructure.
- Provided technical guidance on corporate secure architecture. Advised developers and Unix administrators on computer security best practices.
- Successfully troubleshot and resolved LDAP/SiteMinder/Code/Data issues.
- Created and executed comprehensive regression testing plan.
- Provide technical guidance on corporate security architecture (SiteMinder).
Thor Group Inc - Unix Integration Engineer @ American Express
Worked in the Global Integration Engineering team in charge of the Utilities web server cluster.
- Resolved 100% of all server instabilities by executing a structured troubleshooting framework for locating problems.
- Provided Level 3 support on High Availability web cluster integration and performance issues.
- Reduced service disruptions to Client's key services by 99%.
Content Copyright © 2003-2014 George Toft
- The Center for Internet Security - CIS
- International Information System Security Certification Consortium - (ISC)2
- League of Professional System Administrators - LOPSA
- Phoenix InfraGard - FBI/InfraGard