Daniel B. Holzman, CISSP

Certifications and Professional Affiliations

CISSP # 27329, awarded December 2001

NSA IAM certification awarded July 2002

PCI QSA certification awarded January 2006

Member of CSI since 2000

Member of ISSA since 2003

 

Key Accomplishments

An IT career spanning 19 years, 12 of them in security featuring:

  • Creation of production corporate and e-commerce architecture, corporate security policies, secure data centers, and.
  • Execution of data center build-outs invisibly to the user community.
  • Reduction of personnel requirements through automation of critical security functions.
  • Consolidation of under-used resources.
  • Project management.

Experience

2004 – present:  Jefferson Wells

99 Park Ave., New York, NY 10016
Position:  Professional

 

    Designed, managed, and performed audit projects to meet evolving customer needs in the following areas:
  • Electronic & Internet banking
  • PCI Data Security Standard
  • Information security
  • Database and application securityty
  • E-mail and interprocess messaging
  • Sarbanes Oxley IT compliance
  • Vulnerability Assessment
  • Risk Assessment
  • General Computer Controls
  • Outsourced Labor Controls
    		•

2001 – 2004:  Sony Electronics, Inc.

123 Tice Blvd Woodcliff Lake, NJ 07675
Position:  Network Security Specialist

 

  • Reduced personnel requirements through secure automation of: virus detection, validation, and response; management of security change requests; corporate credit card transaction clearing; customer and reseller order processing.
  • Reduced maintenance costs through consolidation of legacy firewall, proxy, and VPN, and other internet service architectures.
  • Provided security awareness and training to business unit IT managers.
  • Increased security level through design and implementation of multi-layer network security architectures for regional infrastructures.
  • Implemented security and business measures resulting in elimination of web defacements.
  • Coordinated corporate anti-virus effort, with operational groups managing distributed LANs, WANs, and NOCs matrixed to report to me.
  • Project management and development of security measures for North and South American B2B and B2C architectures; security assessments for regional and partner architectures; development of secure global outsourcing architecture for the enterprise customer call center; and regional security policy development.

1999 - 2000:  Webley Systems, Inc. 

570 Lake Cook Rd. Deerfield, IL 60015
Position: Senior Security Administrator
  • Created the company's initial security policy and procedure structure with minimal disruption of the corporate culture.
  • Created corporate internet and extranet services upon separation from the parent company.
  • Expanded corporate disaster recovery plan as the company grew.
  • Established technical and cultural anti-virus defenses.
  • Implemented Network Intrusion Detection Systems.
  • Designed and implemented multi-layer security architecture for corporate and production networks.
  • Successfully promoted security consciousness among the firm's employees.
  • Administer security services such as firewalls, PKI, and VPN.
  • Conducted physical, host, and network security assessments.
  • Provided incident response and forensic analysis of security events.
  • Researched emerging technologies and identified opportunities for the company to improve its security.
  • Report state of security to senior management.
 

July 1996 - November 1999: The Hull Group

11 S. Wacker Drive, Suite 1400 Chicago, IL 60606
Position:  Systems Administrator
  • Planned and supervised a secure data-center expansion conducted with total invisibility to our customers.
  • Perform Y2K compliance projects for security and e-mail system audits and remediation transparently to the users.
  • Implemented migration of corporate e-mail to an SEC compliant solution.
  • Developed an 8-hour recovery plan.
  • Designed, installed and administered electronic trading systems between Hull and various counterparties throughout the system's entire life-cycle.
  • Project management of Y2K compliance project auditing production trading systems and code-base.
  • Enforced corporate acceptable use policies.
  • Administered network security architecture.
  • Provided incident response and forensic analysis of security events.
  • Mentor junior systems administration staff.

April 1995 - June 1996: G-Bar Limited Partnership

440 S. LaSalle, Ste 2900 Chicago, IL 60605
Position: Systems Administrator
  • Designed and performed a complete redesign of the network, migrating from Thinnet to Twisted Pair wiring, and upgrading obsolete network hardware.
  • Designed, installed, and administered the company's Internet connection and firewall security system.
  • Specified architecture for remote access systems for developers and support personnel.
  • Administered a Macintosh, PC, and Sun WAN and LAN to meet or exceed the uptime requirements of live options trading.
  • Performed server and network monitoring and capacity planning.
  • Managed network security services.

August 1993 - April 1995:  Practi-Col Services

823 Emerson St. Evanston, IL 60201
Position: MIS Manager
  • Planned and performed migration from a single-server to LAN architecture.
  • Implemented EDI procedures, cutting revenue collection times and overhead costs.
style='margin-left:.5in;text-indent:-.25in'>        Designed and installed distributed computing architecture and procedures permitting account managers to use their PC workstations tools such as Excel and Paradox, for better reporting, analysis, and presentation capabilities than provided by the database server application. style='margin-left:.5in;text-indent:-.25in'>        Administered the firm's core business, a medical billing database.

January 1993 - July 1993:Self Employed

Clients included a mass transit company and a nationwide consulting firm.  Projects included programming (using C and embedded SQL), Oracle screen design, hardware and software testing, and writing software documentation.

May 1991 - December 1992: Fermilab

500 Batavia Rd. Batavia, IL 60610 
Position:  Software Librarian and System Administrator

Organize, create and distribute over 100 software libraries (including ongoing upgrades) to the D0 experimental collaboration (over 30 laboratory and university VAX and Unix nodes worldwide). Manage security of the libraries. Provide helpdesk and system administration support for local users. Supervise library distribution operators. Key accomplishments include rewriting the distribution software for increased efficiency and ease of later modifications.

September 1986 - October 1990:  Cooperative Education

As a requirement for graduation, Antioch students must successfully complete a minimum of six quarters of work experience in the cooperative education program; I completed seven.  My employers were:
  • Bellevue Hospital (New York, NY)
  • InfoWorld Magazine (Menlo Park, CA)
  • Lamont-Doherty Geological Observatory of Columbia University (New York, NY)
  • Nevis Labs (Ardsley on Hudson, NY)
  • Fermilab(Batavia, IL) 

Duties varied widely throughout these positions and included database management, help desk support, hardware and software testing, program development (using C and Pascal), database development, and software conversion between operating systems. Projects were consistently completed under deadline.


Key accomplishments include:

  • Single-handedly performing a product review for InfoWorld normally assigned to an entire technical team.
  • Establishing proper data collection procedures in a hospital setting.
  • Developed of a PostScript compiler/decompiler in the Macintosh environment. Improved data storage algorithms for Nevis Labs, saving them $10,000 in hardware costs.
  • Develop a cross-platform GUI for character-based terminals.

Education

1990: B.S. in Physics from Antioch College, Yellow Springs, OH
2007: M.S. in Information Techology from Capella University, Minneapolis, MI