Experience:

• Consultant, Ecija, November 2011 - January 2012.

  I worked freelance as external consultant in Ecija in the proyect BSI|Implantaciones with installation of systems, configuration of log collection and correlation and event analysis.

• Consultant, TCP Sistemas e Ingeniería, July 2008 - now.

  I have worked for TCP Sistemas e Ingeniería, subcontracted to Ericsson, formerly Telefónica I+D (R&D). I worked as system engineer on Altamira, the real-time rating system used by the Telefónica Group with installation and certification of systems for mobile operators, primarily O₂ in Europe.

• Consultant, Tecnocom, May 2008 - July 2008

  Subcontracted to IBM, I worked as Transition Manager, responsable for managing and coordinating the implementation of new services for their client, ENDESA.

• Consultant, Forbes Sinclair, January 2008 - March 2008.

  I was involved in a European project, MASTER, working with risk analisys and security analisys for a use case.

• Consultant, Safelayer, June 2006 - December 2007.

  I worked as technical consultant at Safelayer providing technical support for the integration of Safelayer products, principally TrustedX. Also I have developed Java applets for integration with the product.

• Senior software developer, Atos Origin, December 2004 - May 2006.

  I have been involved in European projects under the European Community FP6 program developing core security components. I have implemented biometric authentication and digital signatures on Java Card to be integrated on mobile devices supporting PKI for the SecurePhone project. Other projects have been investigation and development of distributed systems to detect and contain security incidents.

• Consultant, freelance, September 2003 - December 2004.

  I have been working on a set of administrative utilities for Linux and FreeBSD in Perl which integrates databases in system administration. Also, I have worked on various security projects and PKI.

• Programmer, Forbrugerinformationen, January 2002 - August 2003.

  I maintained and developed the CMS, PubliCMS (LAMP platform). Also, I improved the server setup, in particular I improved security, installed firewall and name server and prepared the setup for planned expansion.

• Consultant, freelance, December 2002 - January 2003.

  I developed security solution consisting of firewall based on OpenBSD 3.2 with IP-Filter and anti-spoofing daemon blocking traffic from clients not known to the network.

• Security consultant, UNI-C, April 2001 - January 2002.

  The security department decided to develop a security solution based entirely on Open Source products, OpenBSD with IP-Filter. For this project I developed an system in Perl for maintaining IDS rules for Snort.

• Network administrator, Department of Mathematics, University of Copenhagen, September 2000 - January 2001 (vacancy).

  I had the responsibility of running and maintaining the institutes servers, mainly Digital Unix, common system administration tasks, user support and investing in new hardware.

• Network administrator, Studentergaarden, January 1998 - February 2002 (voluntary work).

  I have developed administrative tools in Perl, configured firewall (IP-chains) and installed DHCP, DNS, web (Apache), mail (Postfix) and database (MySQL) servers.

Education:

• M.Sc. Mathematics, University of Copenhagen, December 2001. I graduated with a thesis in algebraic topology titled Vector Fields on the Sphere. As part of my master degree studies I have written two minor papers on the Einstein equation and on compact Lie groups.

• B.Sc. Physics, University of Copenhagen, June 1998. I wrote a bachelor project on spherical harmonics, the Dirichlet problem in three dimensions.

Technical curriculum:

• Standards, methodologies and legislation: I have knowledge of best practices, methodologies and international standards as well as European legislation.

  • Management: Knowledge of ITIL Service Strategy, Service Design and Service Transition. I am currently studying ITILv3.
  • Security standards: Knowledge of international standard of information security management, ISO-17799:2005, risk management BS 7799-3 and business continuity, BS 25999-1:2000. Knowledge of the MAGERIT methodology.
  • Legislation: Knowledge of EU legislation regarding privacy and data protection, 95/46/EC and 2002/58/EC, digital signatures, 1999/93/EC, e-Commerce, 2000/31/EC, and data retention, 2006/24/EC.

• Network and protocols: I have knowledge of both the OSI- and TCP/IP stack and common network protocols at all layers of the TCP/IP stack.

  • Network technologies: I have good experience deploying Ethernet and wireless networks, including wireless networks with WPA2 Enterprise authentication (EAP-TLS).
  • Network protocols: I have good experience with internet protocols, IP, IPSec, TCP, UDP and others, traffic analysis and filtering.
  • Application layer protocols: I have experience with SMTP, HTTP protocols and data analysis.

• Systems: I have good experience of Unix system maintenance and administrative tasks, remote administration and experience planning and completing migration of servers.

  • FreeBSD 4.x - 8.x: I have more than 8 years experience with FreeBSD servers, and experience with PXEBoot, Jumpstart installation and diskless clients.
  • Red Hat Enterprise Linux: 4.x and 5.x: I have installed and configured Red Hat Enterprise Linux on HP Proliant servers and blades for high performance and high availability applications.
  • OpenBSD 3.2, Digital Unix and Solaris.

• Servers: I have experience with and currently deploy and maintain common network services, web, mail and dns.

  • Web: Apache v. 1.3, 2.x with SSL, PHP 4.x and mod_perl. I started building dynamic web sites with PHP more than 10 years ago, I currenlty use Perl.
  • DNS: BIND v. 9.x, 8.x and 4.9. I currently run and maintain DNS servers using BIND v. 9.6 on FreeBSD. I have previously used BIND v. 8.x on Linux and BIND 4.9 on OpenBSD.
  • Mail: Postfix v. 2.x, QMail v. 1.03, Cyrus-IMAP 2.x. I have good knowledge of setting up Postfix as a replacement for Sendmail and configuration of anti-spam filters. I have good experience with Cyrus-IMAP and have migrated from Unix mbox to Cyrus-IMAP's BerkelyDB based storage. I currenlty use Postfix and Cyrus-IMAP.
  • DHCP: ISC-DHCP v. 2.0, 3.x. I have migrated a network with more than 100 clients from using static IPs to a setup using DHCP. I currently use ISC-DHCP.
  • SQL: PostgreSQL 8.x, MySQL v. 3.23 - 4.1. I have good knowledge of MySQL and PostgreSQL, which I have used as database back-end for dynamic web pages and for administrative tasks. I currently use PostgreSQL.
  • Other: OpenSSH (v. 2.x - 5.x), Cyrus-SASL (v 2.x), OpenLDAP (v. 2.3), NTP (v. 4.2), FreeRADIUS 2.x, CVS (v. 1.10), pure-ftpd (v. 1.0), vsftpd (v. 1.1, 1.2), racoon (v. 0.6.5), FreeBSD ftpd, FreeBSD tftpd, NFS, Oracle WebLogic 11gR1, Sun One Directory Server 7, BEA Tuxedo v. 9.1, Samba (v. 2.x), INN (v. 2.x), LPRng (v. 3.8)

• Security tools and applications:

  • PKI: Experience with TrustedX and KeyOne (Safelayer) and OpenSSL. I currently maintain a PKI with OpenSSL.
  • Firewalls: Design and implementation of firewalls based on Packet Filter and IP-Filter. Also, experience with IP-chains on RedHat. I have developed scripts for anti-spoofing, administrating firewall rule sets, anti-spoofing and traffic accounting.
  • IDS: I have good knowledge of Snort and developed a system for managing databases of Snort rule signatures and customising rule sets to specific systems and local networks in order to reduce false alarms.
  • Anti-spoofing: Advanced anti-spoofing on local networks to prevent drive-by hacking. I have developed a script which monitors for ARP packets and use these to identify the client. Unknown clients are blocked in the firewall.
  • Security utilities: I have good experience with a wide range of security and encryption utilities such as nmap, snort, tcpdump, gnupg and OpenSSL.

• Programming: I have more than 10 years experience of script programming, in partiuclar Perl.

  • Perl: Advanced programming in Perl (5.6 - 5.12), I have programmed scripts and modules in Perl for adminitrative and security utilities and other tools as well as web programming.
  • Java: Programming for Java Card 2.1/2.2, I have created applets for Java based smart cards. Development of web applets for Java 6.
  • C/C++: Basic knowledge.
  • PHP: Development of dynamical web pages and administrative systems with integration with MySQL databases.
  • Pascal: I have made programs for real-time computing in connection with physical experiments and measurements. Also I have implemented mathematical models to compare against experimental results.
  • Shell: Scripts for various system administrative tasks, such as backup, monitoring and scheduled tasks (cron).
  • CVS: For all larger developing projects, I use CVS.
  • Markup: I have experience with a number of common markup and macro languages such as SGML/HTML/XHTML/CSS and XML as well as LaTeX.

• Databases:

  • MySQL: I have used MySQL for a wide range of tasks from creating dynamical web pages to system administration.
  • PostgreSQL: I have migrated from MySQL to PostgreSQL.
  • BerkeleyDB: I have used BerkeleyDB as for distributing non related data to independent servers.

Languages:

• Danish: Native.
• English: Fluent writing/speech.
• Spanish: Fluent writing/speech.
• Italian: Good.
• German: Basic.

Other:

• Personal web site

Posted: 2008-02-25 22:11:52 UTC+01, Updated 2012-02-04 12:13:27 UTC+01.