CARL H. ALMOND JR.
firstname.lastname@example.org or www.carl.net
Summary of Qualifications
Mr. Almond has spent over twenty years helping organizations achieve their goals by working to understand their unique issues and how the appropriate application of people, process and technology can solve their business needs. Mr. Almond has demonstrated the ability to understand and communicate the organizations security requirements at all levels so that solutions can be brought to bear in a manner that is effective and appropriate within the organization. Mr. Almond’s background includes acting as the Chief Security Officer for multiple organizations, managing and participating in the full range of organizational development and enterprise IT management; demonstrating experience with governance, policy, planning, architecture, risk management, service levels, systems management and maintenance all in a secure manner. Carl has a proven track record in highlighting and resolving issues in diverse environments and coordinating team efforts to solve organizational issues. Carl possesses excellent interpersonal, organizational, and communication skills, and is goal-oriented, diligent, and resourceful with proven management skills. Mr. Almond has presented at large public and private seminars on a wide range of topics. Over the past twenty years Mr. Almond has worked in virtually every vertical including Government/Defense, Financial Services, Healthcare, Legal, Manufacturing, Petrochemical, Retail, Transportation, Telecommunications, Travel and Hospitality, Media, Real Estate and Insurance. Mr. Almond is a co developer of three patents relating to secure electronic voting systems and authentication technologies. Mr. Almond has investigative and physical security experiences and still holds a private investigators license in the State of FL. Certifications attained include CISM, CISSP, SSCP, CEH, TICSA, IAM, MCSE, MCP+I, MCP, CNA, CCNP, CCNA, CCDP, CCDA, CCSA, Security +, Network+ and I-Net+.
November, 2001 through Present
CDPP Global Security SME: Provide security advice and solutions to all Avanade projects globally. Guide project teams in meeting Avanade, client, and governmentally mandated security/privacy requirements including HIPAA, Sarbanes-Oxley, GLBA, Computer Fraud & Abuse Act, FISMA, the patchwork of US state requirements, and global legislation. Assist projects to pass external audits thus maintaining client trust and helping to extend client contracts. Determine Avanade’s ability to comply with security requirements laid out in client contracts. Analyze security issues to better enable Avanade to understand the risk they pose to the business. Create training for employees on privacy and security legislation including HIPAA.
ASR Lead: Determine the issues surrounding Avanade’s Short Term Resources (ASR) workforce and turn the organization around. Develop process and procedures that will allow the organization to fulfill its specified function. Oversee 50 direct reports and 150 contractors. Oversee the recruiting function to provide short term workers to the business on an as needed basis.
Senior Director / Americas Security practice: Provide direction for the Americas Avanade security organization. Activities include determining the client bases need for security solutions and then working to create and communicate those solutions, developing and improving the intellectual property used by Avanade on client engagements, securing client information assets based on the organizations requirements using process, people and technology and providing internal and external security training. Projects include working with client executive leadership to understand how IT can facilitate their business goals, mentoring of client’s executive leadership, acting as the Chief Security Officer (CSO) for organizations in transition, helping clients understand and implement security governance, creation of Security Best Practices, secure system architecture design, assessment of Information Technology infrastructures, design/implementation of new secure infrastructures, policy design and compliance, operations management improvements to increase the overall security stance and vulnerability and security assessments. Management duties include mentoring technologists, developing the careers of direct reports, client satisfaction, developing and managing vendor relationships, assisting sales though the acquisition of clients and creation of statements of work.
Security and Infrastructure Architect [Secure Electronic Registration and Voting Experiment (SERVE)]: Design, develop, deploy and manage the security and infrastructure for the SERVE project (DoD FVAP) whose goal was to build an electronic voting system which would allow over 100,000 uniformed and overseas United States citizens to register and cast their ballots over the Internet for the 2004 Presidential election. My primary duties included determining and managing the risks and threats that would affect the voting system over its lifecycle. Creating the system requirements, system design/architecture, security policies and procedures for the SERVE system. Designing a hardware and software infrastructure using primarily Microsoft components that would resist identified and unidentified threats. Guiding and insuring compliance to security requirements by the development and infrastructure teams. Presenting and defending the security and infrastructure elements to panels of government security experts, computer science professors, election officials and corporate management. Performing day to day business functions including contract negotiation, scheduling and team management.
Acting Chief Security Officer (CSO) [Accenture eDemocracy Services (AeS)] – Report directly to the CEO to fulfill all CSO functions required. Assess current policies, procedures and processes as they relate to security. Work with AeS staff to modify or create policies, procedures and processes where needed to enhance the overall security stance. Assess/audit corporate network infrastructure (including services and applications) for adherence to security best practices and corporate standards. Provide guidance on the security elements of current and planned applications and systems. Assist AeS in responding to external queries about their security and infrastructures. Identify protection goals and objectives consistent with the corporate strategic plan. Assist AeS in maintaining or developing relationships with local, state, federal and foreign law enforcement and other related government agencies. Oversee/assist with the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches if necessary. Work with outside entities to allow for independent security audits.
March, 2000 through October 2001
Senior Internetwork Solutions Engineer:Consult on the possible future investment value of organizations based on the People, Process and Technology used to fulfill the business requirements. Design, secure, manage and install client’s major Internetwork infrastructure projects. Including the roles of Lead Designer/Technician, Project Manager, Lead Security Engineer, Primary Technical Resource and Educator. Projects including Internet Infrastructure design and redesign, ASP Server farm installation, ISP Co-location farm infrastructure installation and design, Routing configuration and design, hardware analysis and selection, Firewall installation and testing, Intrusion Detection Scanner installation, Security assessments/policy creation, Interface to ISPs and NAPs, Large-scale documentation creation, training of customer personnel and customer relations. Projects include network/security review and redesign of the largest e-mail provider in the world, IP redesign and analysis for a major oceanic transit provider, NAP design review, Installation and securing of major Co-location providers infrastructure, redesign (security and infrastructure) and migration plan for the largest European satellite based Internet provider, CLEC DSL installation and configuration projects, major ASP/CSP server farm design and installation and advisor role to one of the big 5 investment firms to assess possible investment opportunities.
Lucent Netcare (Previously INS, International Network Services)
July, 1999 through February, 2000
Network System Engineer:Design, secure and manage clients Internetwork infrastructure projects. Including the roles of Lead Designer/Technician, Lead Security Engineer, Project Manager and Educator. Projects including Internet Infrastructure design and redesign, Security assessment and design, Server farm installation and training of customer personnel, Installation and configuration of Network Management Systems, Routing configuration and design, hardware analysis and selection, Firewall installation and testing, Interface to ISPs and NAPs, Large-scale documentation creation, and customer relations. Specific project types include lead designer on ground up design of national ISP carrier class networks layers 1 3; lead designer and project manager on redesign of the network and security design for large Internet and traditional based merchant sites; lead technician on operations procedure, security process and network infrastructure documentation projects and ASP and CSP server farm infrastructure design and review as well as technical white paper creation to help startups receive further investor funding.
IBM Global Services Networking Services (Formerly Advantis)
April, 1997 through July, 1999
Senior Internetworking 1.1/CSN Access Designer and Backbone and Infrastructure Designer:Design, approve and certify infrastructure and customer connections to IBMs US and International commercial wide area network (the IBM Global Network) using frame relay, leased lines, ISDN, switched 56, X.25 (non US); Cisco and IBM routers; IP: BGP, OSPF, RIP, Static routes; IPX: RIP; SNA: DLSW, RSRB and any other required technologies. Design and approve distributed service architectures (Web, FTP, DNS, SMTP, etc) including the WAN interconnections and the LAN infrastructure, including the commercial network connections into IBMs premier Universal Server Farms. Provide top level networking, security, consulting and troubleshooting expertise to customers and internal technical and sales staff. Consult and train staff members in advanced network design, security and related technologies. Test in labs or have tested new networking and security technologies for possible addition to IBMs networks and provide configuration examples and initial help to enablement personnel for the new technologies. Check new connections for security compliance and redesign networks and connections to meet or exceed required security standards. Design and enable new backbone or infrastructure connections to IBMs customer network. Design, enable and maintain out-of-band Frame Relay and ATM switch management network for IBMs US Layer 2 infrastructure. Takeover and cleanup the IP address administration for IBMs US customer network. Train new personnel to maintain IP address databases. Develop and help set policy for Internetwork and security issues. Participate in on or off site internal or customer meetings, as lead designer, to design or redesign the wide area networks and wide area network connections. Provide and present technical solutions directly to customers in Critical Situation meetings to improve the customer relationship and save the account. Create ISO9000 department documentation to document quality and meet audit requirements.
Computer Management Consultants (Assigned to IBM/Global Services Networking Services)
January, 1997 through March, 1997
Consultant: Redesign and Secure internal network and external connections to allow remote access, wide area access from any worldwide IBM internal location and Internet access with the major application being Lotus notes and Domino. Design wide area connectivity for labs in the US. Manage internal IBM servers (Windows NT on Intel and Alpha; AIX on RS/6000 and Power PC; and Solaris on SUN Sparc). Prioritize and manage projects for Principles; Provide top-level technical advice to other technicians and programmers in the unit. (Note: This was a 3 month project as the senior engineering resource that lead to the senior position directly held with IBM.)
DataSolutions (WAN Services, Outsourcing )
January, 1996 to December, 1996
Senior Network Technician: Convert DataSolutions and clients wide area networks from standard leased line or multidrop configurations to Frame Relay using Cisco, Motorola, and 3-Com routers and FRADs providing backup where needed. Design and manage the TCP/IP configuration for the DSI WAN and numerous customers wide area and local networks. Install and manage Internet services and connectivity internally and for clients (HTML, Mail, News, DNS and FTP servers) this includes firewalling the internal WAN and filtering the customers out of each others WANs. Design, implement and maintain wide area networks for customers; using Frame Relay, X.25, Leased Lines, wireless, TCP/IP, IPX and SNA. Set up and manage a Network Control Center that automatically alerts technicians of line and router problems. Build, configure and manage internal and customer Windows NT servers, Novell servers and Firewalls. Provide and maintain AS/400 connectivity to numerous customers (TN5250 and printer emulation) over TCP/IP occasionally using NT SNA gateway or directly to V3R1. Install UNIX LPD/LPR printing functions on dissimilar systems to allow UNIX printing to WAN Hosts. Test and incorporate new technologies into the DataSolutions and customers local and wide area networks.
SC DHEC (Information Resources Management)
January, 1995 to December 1995
Information Resource Consultant:Install, maintain and troubleshoot the DHEC wide area network. Increase levels of security throughout the infrastructure by policy creation and application of that policy. Build Novell servers and install Multi Protocol Router to be used as routers at remote agency offices. Install and configure routing of TCP/IP and IPX over WAN and local links. Install and teach users how to use multiple Internet tools including browsers, FTP, Telnet, etc. Interconnect routers using Radio Links, Frame Relay, ISDN, and conventional 56k and T1 links using CSU/DSU's and NT1's. Manage the personnel and equipment in three multi-county districts in relation to WAN connectivity; Administer and install Novell 3.11, 3.12, 4.x, WFW, Windows 95, Windows NT servers and Mainframe gateways. Provide technical support to county network support personnel and selected local technical personnel. Install, maintain and demonstrate to users software packages such as Excel, Quatro Pro, Windows, DOS, Microsoft project, Groupwise, etc. Test new hardware and software for possible integration into wide and local area networks.
B.T.I. Consultants, Inc.
June, 1992 to January, 1994
Head of Computer Operations: Purchase and maintain all company computer equipment; locate new sources of online information for investigators; perform consultation for clients regarding computer security issues; perform upgrades to client's software, machines and networks. Set standards for computer hardware and software.
January, 1989 to 01/2005
Independent Contractor:Provide expert advice to one of the largest SPAM (UCE) operators on how to defend against the full array of network attacks as well as create a solid hosting facility that provided functionality while minimizing attack points. Install and maintain multiple Internet Service Providers WAN infrastructure and their clients router based connections using Cisco, ascend and Intel routers over leased lines, frame relay, ATM or POTS. Review installed WAN, LAN and Server architecture for possible improvements in efficiency and security. Assess current security stance, repel hackers and tighten networks to reduce the likelihood of further successful assaults. Installed and designed Local and Wide Area Networks including wiring plants, network software and hardware, and all resulting utilities and programs for clients. Performed upgrades to clients computers and software. Consulted Business and Individual clients on hardware and software purchasing decisions. Instructed clients on the use of virtually all types of software and hardware. Connected clients to the Internet and educated them on the use of the services available. Performed time management and billing functions. Implemented the NO DOS BBS, the only windows based BBS in Central Missouri at the time, Acted as a U.S.R. and Hayes modem Beta tester.
* Processes, standards and Models used and studied - PFIRES (Policy Framework for Interpreting Risk in eCommerce Security), ASF (Avanade Security Framework), DITSCAP DoD Information Technology Security Certification and Accreditation Process), TCSEC (Trusted Computer Security Evaluation Criteria), ITSEC (Information Technology Security Evaluation Criteria), NIST (National Institute of Standards and Technology) security related policies, ISO 27001/2 (BS7799), SANS Security Policies
* Security Technologies – PKI, Encryption, Identity and Access Management, Firewalls, Intrusion Detection/Prevention, Anti SPAM, Network Discovery/Assessment, Web Filtering, Anti Spyware/Virus, Patch Management, Secure Access and Forensics and Investigation.
* Security Tools - ISS, NESSUS, SAINT, Whisker, Shadowscan, AntiSniff, War Dialers, NTOP, Ethereal, Sniffer Pro, tcpdump, snoop, snort, nmap, crack, John the Ripper, etc.
* Firewalls - Cisco PIX and IOS firewall feature set, CheckPoint Firewall, Microsoft ISA (Internet Security and Acceleration server) Server, Axent Raptor, Borderware Border Guard, etc.
* Diagnostic Equipment/ Software - Network Associates, WG, Net X-Ray, EtherPeek, TokenPeek, LinkView, Fluke, SolarWinds, AntiSniff.
* Networking Hardware - Cisco: Routers & Switches (120xx, 7xxx, 64xx, 65xx, 60xx, 5xxx, 4xxx, 3xxx, 2xxx, 1xxx). Netgear/IBM/Bay/etc hubs & switches. Lucent/Ascend networking hardware CBX, BSTDX, DSL Concentrators, Routers, LAN and WAN switches. IBM 2210 – 6611 routers
* Networking Software and Protocols - Cisco IOS, HP Openview, (CNA) Novell 3.1x – 4.x, AppleTalk, TCP/IP, IPX, BGP, OSPF, RIP, EIGRP, IGRP, NLSP, IPX WAN; SNA: DLSW, RSRB; SSH, SSL, RSd, PictureTel.
* Operating Systems - Windows NT 3.X, 4.0, 2000, 2003, 2008, Linux and Solaris
* Project Management Tools - MS Office, MS Project, Excel, Word, Visio, Lotus Office Suite, WordPerfect office suite, IBM VM based PM tools.
· Accelerate - Situational Leadership, AKLS
· Leadership Rally - Effective Management, AKLS
· Effective Negotiating, KARRASS
· Principals of Architecture II, Avanade
· Designing, Deploying, and Managing Microsoft Identity Integration Server(MIIS) 2003, CESC
· Think Like a Manager, NPP
· Lean to Listen, NPP
· Internetwork Analysis and Troubleshooting, Network Associates
· Ethernet Network Analysis and Troubleshooting, Network Associates
· Troubleshooting with the Expert Sniffer Analyzer, Network Associates
· Introduction to Cisco Router Configuration, Information Management Systems
· Advanced Cisco Router Configuration, American Research Group
· Install & Maintenance of Cisco Routers, American Research Group
· Cisco Internetwork Troubleshooting, American Research Group
· Cisco Internetwork Design, American Research Group
· Cisco SNA (SNAM), American Research Group
· CISCO ATM SOLUTIONS, American Research Group
· Catalyst 5X00 Switch Family, American Research Group
· OSPF Design and Configuration, American Research Group
· Border Gateway Protocol Configuration, American Research Group
· Aironet Technical Training, Cisco Systems
· Certified NetWare Engineer training, Astron Educational Services
· Network Support and Introduction to the IBM 2210, IBM
· Configuration and Management of IBM 2210/2216/6611 Routers, IBM
· Troubleshooting Ascend(Cascade/Lucent) Frame Relay Networks Training, Ascend
· Ascend NMS Fundamentals and Frame Relay Training, Ascend
· CBX 500 ATM Configuration & Operations, Ascend
B.S. Information Technology
Summa Cum Laude
Down load my resume in Microsoft word format.
This page and all its contents Copyright 2011 Carl H. Almond Jr. All rights reserved. Please make links to index.html! Last modified 5/02/11.