| Contact Information | |
| Name: | jay2xra jay2xra |
| Email: | bilimokonyan (at) gmail (dot) com [email concealed] |
| Location: | Dubai, , United Arab Emirates |
| Resume | |
| Position/Title: | Penetration Engineer |
| Resume: |
Curriculum Vitae Personal Information Name: Mark Jayson Alvarez Mobile no. +971508520464 Date of Birth: 10/08/1983 Email: markjayson.alvarez<<at>>gmail.com Country: Philippines Site/Blogs: http://matat0.blogspot.com (to be updated) http://matato.blogspot.com (amateur days) Academic Information Degree: Bachelor of Science in Information Technology Place: Polytechnic University of the Philippines – Manila, Philippines Year: 2000-2004 Professional Experience Company: Scanit Middle East FZ, LLC. (www.scanit.net) Dubai, UAE Year: 2007-present Position: IT Security Engineer Duties and Responsibilities: Conduct IT security assessment/audit "black/white/gray Box" remote penetration testing internal/external network assessment wireless assessment (war driving) VOIP assessment web application assessment network device configuration review server configuration review "social engineering" (phone calls, phishing attacks, physical intrusion) security applications implementation security device deployment source code reviews computer forensic Company: Pacific Internet Philippines (www.pacific.net.ph) Year: 2006-2007 Position: Senior Security Engineer Duties and Responsibilities: network services administration and configuration (email, proxy, radius authentication, etc.) firewall device configuration and deployment (Fortinet) for manage security services network monitoring server configuration and administration (Nagios, Cacti, MRTG, Solarwinds, etc.) development of network analysis scripts/programs for parsing network devices and server log files and Cisco netfows for network traffic profiling research and implementation of various networking services (VPS, centralized authentication, centralized logging server, SNMP, load balancers Internal network security assessment Company: PREGINET ( www.pregi.net) Year: 2004-2006 Advance Science and Technology Institute (www.asti.dost.gov.ph) Position: Science Research Specialist Duties and Responsibilities: Configuration and Maintenance of network various network services: E-Mail/anti-spam, DNS, web/proxy, load balancers, LDAP directory, RADIUS, kerberos single-sign-on, network and server monitoring system, trouble ticketing system, sip/ser/pabx (voip), load balancer, intranet messaging server, database, host based intrusion detection system, host based bandwidth shaper Network outage troubleshooting and reporting Server hardening and vulnerability assessmentd Research and implementation of additional needed network services Provide trainings to clients regarding network services configuration Computer Skills Operating Systems: Windows, Linux, BSD, Mac OS X, Sun Solaris Network Devices Hands-on experience: Cisco 7200, 3600, 2200, Catalyst, ASA, Fortigate Firewall (Fortinet), Checkpoint Firewall, Sonicwall Security Assessment Tools: nessus, nmap, nikto, wireshark, tcpdump, snort, netcat, metasploit framework, hping2, kismet, aircrack-ng, kismac, netstumbler, john the ripper, ettercap, cain and abel, openssh, putty, hydra, brutus, wfuzz, paros proxy, burpsuit, dsniff, amap, acunetix, webinspect, matrix ay, sivus, sipcrack, sysinternals (tcpview, process explorer), backtrack, knoppix-std, operator, p0f, webscarab, ntop, nbtscan, openssl, lsof, ike-scan, arpwatch, rkhunter, chkrootkit, spikeproxy, fragroute, stunnel, ptunnel, scanrand, openvpn, bastille Various Applications: Cisco Access Control Server (ACS), Cisco Security Manager (CSM), Cisco LAN Management, Solution (LMS), CiscoWorks Trend Micro Control Manager, Server Protect, Office Scan, Damage Cleanup Microsoft Active Directory, ISA server, SQL Server, IIS Opensource/Misc: nagios, cacti, mrtg, cricket, flow-tools, syslog-ng, openldap, Linux IPVS (load balancer), Virtual Private Server (Linux-Xen, UML, openvz, virtuozzo. vmware), Qmail, Postfix, OpenLDAP, squid proxy server, manageengine, sawmill, arcsight, php-syslog-ng, postgresql, mysql,Apache, jabber, bdblah, maltego Programming: Perl/Shell scripting, C, PHP, Visual Basic, java script, SQL Trainings and Certification Fortinet Certified Network Security Associate (FCNSA) Structured Network Threat Analysis and Forensics HITB Security Conference - Kuala Lumpur, Malaysia, 09/2007 Significant projects in the present job: Wireless Assessment/War driving (done extensive research on wireless, can provide slides if requested) Social Engineering (Physical Intrusion connecting to Internal network pretending to be a consultant)- main branch of a bank in Dubai Implementation of CiscoWorks and Trend Micro Integration (3 weeks in Kuwait with a large financial institution) Web Application assessment (wrote a perl script that harvested over a thousand user accounts on a website found to be vulnerable to SQL injection) Configuration review of Operating systems Windows XP/2000/2003, Solaris 9, Linux, etc. Strengths: A technical guy with: a strong passion for IT and IT security can configure anything in any platform, firewall, network monitoring, dns server, email, load balancer, anti virus, RADIUS, access server, even online shopping cart application, you name it! a very strong researching skills. wireless, bluetooth, rfid, honeypot, vps, ldap or whatever other technology out there you want me to research on.. just name it. a very resourceful and patient guy, without the need for much supervision. Current Salary: I'm currently earning 8000AED but I'm willing to accept even lower than that provided that: you will pay me on time and not delay my salary for 9 times a year. few days delay in pay is acceptable but not two months you will pay my (30 DAYS)annual leave air fare before I leave the country and not 3 weeks after I came back. you will help me out a bit with my accomodation and transportation I'm willing to travel anywhere outside Dubai where the cost of leaving is cheaper. |