User:Eric Sternberg

Over 15 years of experience in all aspects of Information and system security, including analyzing, developing, designing, installing, and establishing operational controls for hardware, software, peripherals, and network infrastructures.

•	Security Architecture:  Primary security architect for three-tier DMZ datacenters The external tier-internet browsing uses Lancope Stealtwatch, an Anomaly-Behavior based IDS system and Bluecoat Proxies. The inner tiers are being monitored by a combination of Network Signature-based Intrusion detection sensors and Hosts-based intrusion detection systems. The network-tier utilizes netflow collectors to monitor all traffic from routers and Layer3 switches.

•	Compliance and Vulnerability Management Involved in ADP’s recent ISO 270001 certification. Implemented a corporate-wide governance compliance infrastructure utilizing Symantec ESM-CCS This involved designing security controls and hardening guidelines for: Web applications: •	IIS, and Apache, Windows operating systems and applications, DNS systems, Red Hat Linux, Suse Linux, AIX, Solaris and Oracle. Scheduled compliance audits, to coincide with our Qualys security scans and Patch Management installations.

•	Incidence Response and Log Management: Developed a proactive remediation strategy which enabled us to avert a variety of recent attacks including DNS Cache Poisoning attacks. Some of our primary sources of information are Deepsite and RSA  Deepsite is a portal based system which allows us to create custom alerts through xml feeds tailored to our particular systems and applications. Lead security analyst on all of recent Microsoft out-of band patch releases.

•	Endpoint Security: Led a Proof of Concept project to evaluate Data Leakage vendors. The finalists were Port Authority and Vontu. The eventual vendor chosen was Vontu which was later purchased by Symantec. Our current implementation is Vontu version 10 using eight egress points, monitoring both SMTP and Web browsing traffic. Our endpoint solution covers 40,000 desktop and laptop systems. We also utilize Symantec for our compliance and are in the process of integrating Vontu with the CCS compliance suite.

•	Malware Analysis Management: Coordinated Monthly Patch Management meeting to coincide with the Microsoft “Patch Tuesday” releases. Prior to meeting, was responsible for analyzing, documenting all listed vulnerabilities and providing assistance to Server and Desktop groups regarding the severity of specific vulnerabilities and recommended actions.