Edward Frye, CISSP - Resume

Summary

Proven information security leader with success in guiding implementation of leading-edge technology solutions while balancing security initiatives against risks, business operations and innovations. Specialties include network design, systems architecture, configuration management, and systems administration with extensive experience in the healthcare, financial, cloud computing, and software development industries. Volunteer for the board of directors for the Silicon Valley Chapter of the Information Systems Security Association (SV-ISSA).

Experience Highlights

  • Assessment and Risk Management
      Penetration Testing
      Vulnerability Assessment
      Risk / Compliance Assessment
  • Certifications
      CISSP 53360, GIAC GWAPT,
      CEH, CHFI, MCP, Project+,
      CCNA Security CSCO12076222
  • Security Frameworks
      ISO 27001, COBIT, COSO, ITIL,
      NIST SP 800-53, 800-30, 800-37r1
  • Compliance Experience
      FIPS, FISMA, PCI-DSS, HIPAA,
      GLBA, SOX
  • Operating Platforms
      Windows, Linux, Unix, OSX

Industry Verticals

• Healthcare • Software as a Service (SaaS) • Financial Services • Datacenter/Hosting Provider
• Government Research • Internet Service Provider (ISP) • Professional Services • Support

Education

• Masters of Science • Information Security and Assurance
• Bachelors of Science • Information Technology: Security
• Computer Communications Systems Control Specialist - U.S. Air Force
• Basic Military Training - U.S. Air Force

Employment History

Blue Jeans Network, Inc • Mountain View, CA 2014 - Present
Security Engineer (Acting Information Security Officer)

Developed Information Security Management System (ISMS) based on the ISO 27001 framework for cloud-based video conferencing solution.

  • Developed and Implemented Information Security Policies and Procedures
  • Implemented Change Management system with change verification
  • Coordinated and validated periodic 3rd party vulnerability and penetration testing
  • Implemented periodic review of access controls
  • Work with sales team on pre-sales and post-sales customer security evaluations
  • Facilitated SSAE 16 SOC 2 security audit.
  • Perform control mapping from SIGv7, COBIT, COSO, ISO27000
  • Perform company-wide risk assessment
  • Developed company-wide Risk Register

Kaiser Permanente • Pleasanton, CA 2012 – 2014
Information Security Consultant Specialist

Providing Risk Management and mitigation recommendations for projects in large healthcare organization covering Kaiser's multiple regions providing Project Lifecycle Security Engagements for information technology projects.

  • Identify potential risk, consult on correcting or reducing risk, report if uncorrected
  • Assist in the development of a risk register
  • Perform Vulnerability assessments on projects
  • Perform vendor security assessments
  • Penetration Testing on projects or existing infrastructure
  • Risk assessments on new projects, identify and reduce risk
  • Consult with Security Operations Team on security events

Kaiser Permanente • Pleasanton, CA 2010 – 2012
Security Operations Center Lead

Lead for team of 6 security analysts providing response and investigations into security events and incidents in large healthcare organization.

  • Developed automation for data-loss-prevention (DLP) tools, reducing workload from 16 man hours for single operation to 2 man hours / day
  • Responded to events from Security Incident Event Management (SIEM) system distilling 50 million events into a few hundred actionable items per week.
  • Perform forensic investigation and analysis using Guidance Software EnCase Enterprise.
  • Investigate cases of fraud and abuse.
  • Provide tuning recommendations for SIEM and DLP systems

Proofpoint, Inc • Sunnyvale, CA 2009 – 2010
Sr. Technical Support Engineer

Provide advanced level product support for the Proofpoint Email Protection Server to Self-Hosted as well as Proofpoint hosted customers.

  • Achieve consistent high marks on customer satisfaction surveys.
  • Sendmail, Proofpoint PPS subject matter expert.
  • Advanced Linux Systems administration, LDAP, MySQL, PERL, SMTP
  • SME in Networking and Information Security.
  • Provide policy recommendations to customers for email security and encryption.

Valley Oak Systems, Inc • San Ramon, CA 2006 - 2009
Manager of Information Security and IT

Deliver network and infrastructure support for Valley Oak Systems' complex Java J2EE, iVOS claims management product development environment and Software as a Service (SaaS) platform. Supporting enterprise user base with offices in multiple locations as well as 25% remote workforce.

  • Successfully completed SAS/70 type 2 audits on time and budget, without exceptions or qualifications required. (SSAE16 SOC1 and AT101 SOC2 type 2 reports).
  • Re-architected the network infrastructure and re-numbered the entire network with zero customer or internal impact in a single change window.
  • Introduced change management policies and procedures for infrastructure changes reducing the number of unscheduled or unplanned outages by 75%.
  • Reduced non-staff IT costs by 20% while maintaining key metrics through VMware virtualization, application rationalization, legacy system retirement, and SAN storage consolidation.
  • Implemented a new operating system deployment scheme for all new Linux and Windows servers using PXE boot and Kickstart / Slipstream which reduced time to deploy by 25%.
  • Re-architected SaaS infrastructure to provide high-availability using Linux Cluster services and Global File System (GFS) along with Oracle Real Application Clustering (RAC) providing for 99.99% up time.
  • Managed 9 direct reports with differing focuses including Linux Systems Administrators, Windows Systems Administrators, Network Engineers, Database Administrators, and Information Security.
  • Managed capital budget of $1.7M and completed all documented projects on time, and within budget.
  • Created a capacity planning model for internal facing systems and virtualization as well as hosting architecture to predict spending needs.
  • Successfully implemented centralized log management and intrusion prevention systems increasing auditability of network infrastructure.
  • Managed Private Branch eXchange (PBX) supporting analog and digital systems (SIP / H.323)
  • Deployed private Jabber / XMPP system for internal instant messaging

Performant Financial Corp • Livermore, CA 2006 - 2006
Senior Information Security Engineer
Worked directly with executive management to develop and implement information security policies and procedures for regulatory compliance.

  • Introduced content management using squid and squidguard proxy servers followed by Blue-Coat systems to allow internal end users internet access while still being able to monitor and report on usage.
  • Performed system and network audits against FISMA and FIPS200 regulatory requirements
  • Managed Juniper Netscreen Firewalls and Intrusion Prevention and Detection (IDP) Devices

Ellie Mae Inc • Dublin, CA 2004 - 2005
Senior Information Security Engineer
Provided company-wide risk and exposure assessments to meet regulatory requirements for the finance, financial services, and mortgage industries including FDIC, PCI, and Privacy Regulations such as SB1386, HIPAA. Managed IT Security Devices.

  • Lead engineer for company-wide risk and exposure assessment and audit.
  • Performed quarterly infrastructure audits and penetration testing for mortgage software ASP
  • Deployed and maintained firewalls and multi-platform VPNs creating highly available secure network.
  • Collaborated with IT, development, and MIS to implement company-wide security measures and business continuity planning.

PaymentOne, Inc. • San Jose, CA 2003 - 2004
Senior Information Security Engineer
Developed and Implemented corporate security policy based on industry standard best practices to meet regulatory requirements for financial institutions such as VISA's CISP now PCI-DSS.

  • Facilitated successful completion of SAS70 Type 1 and 2 external audits.
  • Successfully re-architected key components of the Network Architecture including DNS increasing both reliability and security for hosted financial application.
  • Successfully implemented new Sun Solaris / Oracle cluster environment.

Navisite, Inc. (Formerly Conxion) • San Jose, CA 2001 - 2003
Senior Information Security Engineer
Security group lead, managing and assigning tasks across multiple data centers for managed security services for co-location hosting services.

  • Developed and executed datacenter migration plan for all managed security services such as firewalls, IDS, VPNs and authentication servers with no impact to production environments.
  • Responsible for maintenance of DNS, DHCP, Sendmail, Checkpoint Firewall-1, and Juniper Netscreen managed services.

Interliant, Inc. • Burlingame, CA 1999 - 2001
Senior Information Security Engineer - Professional Services Consultant
Provided Network Security and Unix Systems administration as work force augmentation. Customers included: Apple Computers, Lawrence Berkeley National Labs, Palo Alto Internet Exchange (PAIX), Life-Chart, Daimler, many others.

  • Direct Customer Interface from Engineering / Architecture to Management of engagement.
  • Successfully migrated VLSI environment from Solaris 5.1 to 6.2
  • Managed large cluster environment for Genome project.
  • Successfully obtained Checkpoint Certified Security Engineer (CCSE) certification
  • Successfully managed professional services engagements
  • Maintained greater than 75% billable hours.

Coho.Net • Beaverton, OR 1995 - 1999
Principal Architect
Designed an Internet Service Provider from the ground up. Growing the operations from a single fractional T-1 and a handful of analog phone lines, brought the company to a competitive boutique ISP supporting over 2000 users, dozens of servers and hundreds of digital channels of ISDN and digital circuits. Managed telephone technical support users with two direct reports. Managed Linux servers and Cisco switches and routers.

United States Air Force 1993 - 1994
Computer Communications Systems Control Specialist
(Network Engineer)
Successfully completed Department of Defense, military data communications including Narrowband, Broadband analog and digital networking technology training. Held Department of Defense Top Secret security clearance. Trained in basic encryption and Mandatory Access Control methodologies. Helped maintain base-wide data communications.