Sean Lavelle

I am looking for a opportunity to apply my broad technical background to the important and multidisciplinary field of Information Security. In the past several years I have worked in a more technical role and am now looking to take the knowledge I have acquired and apply it to help guide the strategic direction in Information Security that most organizations have come to realize is so important.

JP Morgan Chase Bank, Columbus, Ohio
Information Security Analyst
Feb 2006 - Present

• Responsibilities include real-time network monitoring and scanning using intrusion detection systems, security incident management and resolution, as well as policy enforcement in a network environment compamising over 200,000 users on 6 continents.
  

• Worked to integrate vulnerability scanning function and to automate the searching for over 400 gigabytes of proxy log information.
  

• Worked with the Incident Response Team and Cyber Intelligence Team to identify customers affected by phishing schemes, identified and flagged internal policy violations, and mitigate external attacks.
  

• Worked with Engineering and Line Of Business customers to develop measurable, repeatable processes for incident and event handling and escalation.
  

• Work with platform teams to monitor platforms across the Firms mainframe, midrange and desktop infrastructures and ensure the security integrity and availability of resources.
  

• Worked as part of a team that monitored security 24 hours a day, 365 days a year.
  

• Mentored team members on Unix/Linux skills.
  

• Worked to train and share knowledge locally, remotely, and on site with colleagues in Bangalore , India

Bank One / JP Morgan Chase Bank , Columbus, Ohio
Information Security Analyst - Lead
Nov 2002 - Feb 2006

• Responsibilities included Identity Management on 6000+ Unix servers (HP-UX, Linux, Solaris, AIX) and Single Sign On for Siteminder/Novell E-Directory. Working with customers and Lines of Business within the Firm to provide solutions, process enhancements, and emergency resolution of ID related issues. Provided 24 hour on-call support. Worked with internal and external SAS70 and Sarbanes-Oxley auditors to identify issues, provide proof of compliance, and mediate non-compliant systems. Led a geographically diverse team of up to 14 individuals. Provided Root Cause Analysis for issues impacting server support.
  

• Provided IT Security Management information to technology groups within the Firm. Worked as a Subject Matter Expert with the Policy and Standards Group.
  

• Worked to script tasks using Perl and LDAP, PHP, and Unix shells to automate time consuming manual work and facilitate better record keeping.

Concentus Technology Corp, Dublin, Ohio
Systems Administrator / Software Engineer
April 2000 - Sept 2002

• Responsibilities included system backup, setup of new servers and workstations, network security, server maintenance, workstation and server support. Some Oracle DBA experience. Networking with Unix (AIX, HP-UX, Linux, Solaris) and Windows (NT, 2000, XP). Switch and hub installation. Hardware and software purchasing and license enforcement. Disaster recovery planning and implementation. E-mail (POP3 and SMTP)) setup and administration. New technology evaluation.
  

• Other responsibilities included technical sales support, on-site client setup, and customer product support.
  

• Development responsibilities included design and implementation of Metaconnectors (middleware components using Microsoft Visual C++, C, and CORBA on Windows 2000 and Solaris ) between customer systems and Concentus workflow system. Responsibilities also included on-site development with client programmers, improvements to legacy Concentus middleware with JNI and CORBA, and database programming using Oracle ProC and Microsoft's DB-Library.

Operating Systems
Unix - Solaris, HP-UX, AIX
Linux - Redhat, Ubuntu, Debian
Microsoft Windows

Network Technology
Firewall Technologies (IP Tables/IP Chains)
Web Technologies (HTML / Apache Webserver)

Information Security
Attack Methodologies
Scanning Technologies (nmap, Superscan, ISS SiteProtector)
Wireless Tools
Intrusion Detection Systems - (Enterasys Dragon, McAfee Intrushield)

Programming
Perl, PHP, HTML, Shell Scripting

Interpersonal Skills
Experience in working with diverse team members in multiple locations
Public speaking and presentation experience
Experience interfacing with customers and doing on-site work

• Bachelor of Science, Computer Information Science, The Ohio State University (Sept 1995 - Aug 2000)

Certified Information System Security Professional (CISSP) (2008)
CompTIA Linux+ (2007)
CompTIA Security+ (2008)

10 Year Multiple Entry Business Visa - India (valid through 2017).