David LaPorte, CISSP

david@davidlaporte.org

http://www.davidlaporte.org

PGP Key ID: 0x4DC3E508

 

INDUSTRY EXPERIENCE

 

HARVARD UNIVERSITY – NETWORK AND SERVER SYSTEMS		Cambridge, MA
Network Services Architect	July 2009 to Present

·       Deployed and managed QRadar SIEM monitoring over 5Gbps of traffic and ~1500 events/second

·       Implemented highly-available and modular authentication architecture for 802.1x, NAC, and VPN interfacing with University identity management system

·       Consolidated NOC resources using virtualization, automation, and configuration management technologies

 

HARVARD UNIVERSITY – NETWORK AND SERVER SYSTEMS		Cambridge, MA
Security Manager	February 2005 to July 2009

·       Facilitated creation of NOC Customer Portal – a unified, role-based interface to NOC services, statistics, and data

·       Deployed network access control (NAC) across student networks

·       Coordinated incident response and forensics within NSS

·       Co-chair of ABCD Security Working Group

·       Recipient of three “Harvard Hero” awards (2003 to Present)

·       Architected PCI DSS compliant infrastructures to facilitate e-commerce and point-of-sale transactions

·       Integrated two-factor authentication into existing business processes

 

HARVARD UNIVERSITY – NETWORK OPERATIONS CENTER		Cambridge, MA
Senior Network Security Engineer	November 2000 to February 2005

·       Provided security audits and vulnerability scans to University community

·       Evaluated and deployed 802.11 wireless networking

·       Implemented change management system for all network device configurations

·       High-bandwidth, asymmetric anomaly and signature-based network IDS deployment

·       Implemented and administered Harvard IPv6 demonstration network

·       Technical contact on University VoIP pilot program

 

TAOS		Cambridge, MA
Systems Administrator	August 2000 to November 2000

·       Audited and secured UNIX systems.

·       Defined and implemented initial system build procedures

·       Mentored junior consultants and created training materials to enhance knowledge transfer

 

HARVARD UNIVERSITY – NETWORK OPERATIONS CENTER		Cambridge, MA
Systems Engineer	November 1997 to August 2000

·       Created security policies and procedures for Network Operations Center

·       Wrote and maintained software to administer e-mail aliases for all Harvard employees

·       Designed, implemented, and maintained university-wide IDS infrastructure

·       Deployed VPN solution to Harvard community

·       Built RedHat kickstart and Sun Jumpstart build environments

·       Developed DNS zone management system for Harvard namespace

 

TEACHING EXPERIENCE

 

NORTHEASTERN UNIVERSITY	Boston, MA
Lecturer
IA-5130: Computer Systems Security (in-class and on-line)	September 2009 to Present

 

HARVARD UNIVERSITY – EXTENSION SCHOOL	Cambridge, MA
Teaching Fellow
CSCI E-170: Security, Privacy, and Usability	September 2006 to Present
CSCI E-132: Advanced Topics in Data Networking	January 2003 to Present
CSCI E-135: Computer Networks and Network Programming	September 2002 to January 2003
CSCI E-131b: Communication Protocols and Internet Architectures	June 2002 to January 2003

EDUCATION

 

NORTHEASTERN UNIVERSITY	Boston, MA
College of Computer Science	September 2006 to May 2009

Masters in Information Assurance

 

NORTHEASTERN UNIVERSITY	Boston, MA
College of Computer Science	September 1995 to June 2000

Bachelor of Science in Computer Science, 2000

 

TECHNOLOGIES

 

Languages:	Perl, UNIX shell scripting, HTML, PHP, SQL
Operating Systems:	RHEL/CentOS, OS X, IOS, Windows Server 2003/2008, Solaris
Software:	Apache, MySQL, Postfix, Cisco Network Registrar, ISC DHCP/BIND, Infoblox DNS/DHCP, MRTG/RRD, RANCID, VMware ESX/vSphere, KVM, Puppet
Security Devices/Software:	Snort, Q1Labs QRadar, Splunk, Cisco WCS/WLC, Cisco ASA/FWSM/PIX, OpenLDAP, RADIUS/TACACS+ (Cisco ACS, Radiator), Arbor Peakflow, Nessus, RSA Authentication Manager, ModSecurity
Networking:	OSPF, BGP4, IPv6 deployment, high-performance network monitoring, wired/wireless 802.1x, PCI DSS-compliant architectures, network access control (NAC), Cisco Nexus 1000v, Cisco routing/switching hardware

 

PROJECTS

 

PacketFence	Open-source network access control (NAC) solution
http://www.packetfence.org	Co-creator and lead architect
	Acquired by Inverse Inc., May 2008

 

CERTIFICATIONS

 

Certified Information Systems Security Professional

Red Hat Certified Engineer

 

PROFESSIONAL AFFILIATIONS

 

ISSA	(Information Systems Security Association)
InfraGard