Mr. Almond has spent over eighteen years in the Computer Sciences industry helping organizations achieve their goals by working to understand their unique issues and how the appropriate application of People, Process and Technology can solve their business needs. Mr. Almond has demonstrated the ability to understand and communicate the organizations security requirements at the Executive level so that solutions can be brought to bear in a manner that is effective and appropriate within the organization. Mr. Almond’s background includes acting as the Chief Security Officer for multiple organizations, managing and participating in the full range of Organizational Development and Enterprise IT Management; demonstrating experience with governance, policy, planning, architecture, risk management, service levels, systems management and maintenance all in a secure manner. Carl has a proven track record in highlighting and resolving issues in diverse environments and coordinating team efforts to solve organizational issues. Carl possesses excellent interpersonal, organizational, and communication skills, and is goal-oriented, diligent, and resourceful with proven management skills. Mr. Almond has presented at large public and private seminars on a wide range of security topics. Over the past eighteen years Mr. Almond has worked in virtually every vertical including Government/Defense, Financial Services, Healthcare, Legal, Manufacturing, Petrochemical, Retail, Transportation, Telecommunications, Travel and Hospitality, Media, Real Estate and Insurance. Mr. Almond currently is a co developer of a number of patent relating to secure electronic voting systems and authentication technologies. Certifications attained include CISM, CISSP, TICSA, IAM, MCSE, MCP+I, MCP, CNA, CCNP, CCNA, CCDP, CCDA, CCSA, Network+ and I-Net+.
Professional Experience
November, 2001 through Present
Director / Americas Security Practice:
Provide direction for the Americas Avanade security organization. Activities include determining the client bases need for security solutions and then working to create and communicate those solutions, developing and improving the intellectual property used by Avanade on client engagements, securing client information assets based on the organizations requirements and risk posture and providing internal and external security training. Projects include working with client executive leadership to understand how IT can facilitate their business goals, mentoring of client’s executive leadership, helping clients understand and implement security governance, creation of Security Best Practices, secure system architecture design, assessment of Information Technology systems/implementation of new secure systems, policy design and compliance, operations management improvements to increase the overall security stance and vulnerability and security assessments. Management duties include mentoring technologists, developing the careers of direct reports, client satisfaction, developing and managing vendor relationships, assisting sales though the acquisition of clients and creation of statements of work.
Security and Infrastructure Architect: [Secure Electronic Registration and
Voting Experiment (SERVE)]: Design, develop, deploy and manage the security, systems
application and infrastructure for the SERVE project (DoD FVAP) whose goal was to
build an electronic voting system which would allow over 100,000 uniformed and overseas
United States citizens to register and cast their ballots over the Internet for the
2004 Presidential election. My primary duties included determining and managing
the risks and threats that would affect the voting system over its lifecycle.
Creating the system requirements, system design/architecture, security policies and
procedures for the SERVE system. Designing a hardware and software infrastructure
using primarily Microsoft components that would resist identified and unidentified
threats. Guiding and insuring compliance to security requirements by the development
and infrastructure teams. Presenting and defending the security and infrastructure
elements to panels of government security experts, computer science professors, election
officials and corporate management. Performing day to day business functions
including contract negotiation, scheduling and team management.
Acting Chief Security Officer (CSO): [Accenture eDemocracy Services (AeS)]
Report directly to the CEO to fulfill all CSO functions required. Assess current
policies, procedures and processes as they relate to security. Work with AeS
staff to modify or create policies, procedures and processes where needed to enhance
the overall security stance. Assess/audit corporate network infrastructure (including
services and applications) for adherence to security best practices and corporate
standards. Provide guidance on the security elements of current and planned
applications and systems. Assist AeS in responding to external queries about
their security and infrastructures. Identify protection goals and objectives
consistent with the corporate strategic plan. Assist AeS in maintaining or developing
relationships with local, state, federal and foreign law enforcement and other related
government agencies. Oversee/assist with the investigation of security breaches
and assist with disciplinary and legal matters associated with such breaches if necessary.
Work with outside entities to allow for independent security audits.
March, 2000 through October 2001
Senior Internetwork Solutions Engineer:
Consult on the possible future investment value of organizations based on the People, Process and Technology used to fulfill the business requirements. Design, secure, manage and install client’s major Internetwork infrastructure projects. Including the roles of Lead Designer/Technician, Project Manager, Lead Security Engineer, Primary Technical Resource and Educator. Projects including Internet Infrastructure design and redesign, ASP Server farm installation, ISP Co-location farm infrastructure installation and design, Routing configuration and design, hardware analysis and selection, Firewall installation and testing, Intrusion Detection Scanner installation, Security assessments/policy creation, Interface to ISPs and NAPs, Large-scale documentation creation, training of customer personnel and customer relations. Projects include network/security review and redesign of the largest e-mail provider in the world, IP redesign and analysis for a major oceanic transit provider, NAP design review, Installation and securing of major Co-location providers infrastructure, redesign (security and infrastructure) and migration plan for the largest European satellite based Internet provider, CLEC DSL installation and configuration projects, major ASP/CSP server farm design and installation and advisor role to one of the big 5 investment firms to assess possible investment opportunities.Lucent Netcare (Previously INS, International Network Services)
July, 1999 through February, 2000
Network System Engineer:
Design, secure and manage clients Internetwork infrastructure projects. Including the roles of Lead Designer/Technician, Lead Security Engineer, Project Manager and Educator. Projects including Internet Infrastructure design and redesign, Security assessment and design, Server farm installation and training of customer personnel, Installation and configuration of Network Management Systems, Routing configuration and design, hardware analysis and selection, Firewall installation and testing, Interface to ISPs and NAPs, Large-scale documentation creation, and customer relations. Specific project types include lead designer on ground up design of national ISP carrier class networks layers 1 3; lead designer and project manager on redesign of the network and security design for large Internet and traditional based merchant sites; lead technician on operations procedure, security process and network infrastructure documentation projects and ASP and CSP server farm infrastructure design and review as well as technical white paper creation to help startups receive further investor funding.IBM Global Services Networking Services (Formerly Advantis)
April, 1997 through July, 1999
Senior Internetworking 1.1/CSN Access Designer and Backbone and Infrastructure Designer:
Design, approve and certify infrastructure and customer connections to IBMs US and International commercial wide area network (the IBM Global Network) using frame relay, leased lines, ISDN, switched 56, X.25 (non US); Cisco and IBM routers; IP: BGP, OSPF, RIP, Static routes; IPX: RIP; SNA: DLSW, RSRB and any other required technologies. Design and approve distributed service architectures (Web, FTP, DNS, SMTP, etc) including the WAN interconnections and the LAN infrastructure, including the commercial network connections into IBMs premier Universal Server Farms. Provide top level networking, security, consulting and troubleshooting expertise to customers and internal technical and sales staff. Consult and train staff members in advanced network design, security and related technologies. Test in labs or have tested new networking and security technologies for possible addition to IBMs networks and provide configuration examples and initial help to enablement personnel for the new technologies. Check new connections for security compliance and redesign networks and connections to meet or exceed required security standards. Design and enable new backbone or infrastructure connections to IBMs customer network. Design, enable and maintain out-of-band Frame Relay and ATM switch management network for IBMs US Layer 2 infrastructure. Takeover and cleanup the IP address administration for IBMs US customer network. Train new personnel to maintain IP address databases. Develop and help set policy for Internetwork and security issues. Participate in on or off site internal or customer meetings, as lead designer, to design or redesign the wide area networks and wide area network connections. Provide and present technical solutions directly to customers in Critical Situation meetings to improve the customer relationship and save the account. Create ISO9000 department documentation to document quality and meet audit requirements.Computer Management Consultants (Assigned to IBM/Global Services Networking Services)
January, 1997 through March, 1997
Consultant
: Redesign and Secure internal network and external connections to allow remote access, wide area access from any worldwide IBM internal location and Internet access with the major application being Lotus notes and Domino. Design wide area connectivity for labs in the US. Manage internal IBM servers (Windows NT on Intel and Alpha; AIX on RS/6000 and Power PC; and Solaris on SUN Sparc). Prioritize and manage projects for Principles; Provide top-level technical advice to other technicians and programmers in the unit. (Note: This was a 3 month project as the senior engineering resource that lead to the senior position directly held with IBM.)DataSolutions (WAN Services, Outsourcing )
January, 1996 to December, 1996
Senior Network Technician
: Convert DataSolutions and clients wide area networks from standard leased line or multidrop configurations to Frame Relay using Cisco, Motorola, and 3-Com routers and FRADs providing backup where needed. Design and manage the TCP/IP configuration for the DSI WAN and numerous customers wide area and local networks. Install and manage Internet services and connectivity internally and for clients (HTML, Mail, News, DNS and FTP servers) this includes firewalling the internal WAN and filtering the customers out of each others WANs. Design, implement and maintain wide area networks for customers; using Frame Relay, X.25, Leased Lines, wireless, TCP/IP, IPX and SNA. Set up and manage a Network Control Center that automatically alerts technicians of line and router problems. Build, configure and manage internal and customer Windows NT servers, Novell servers and Firewalls. Provide and maintain AS/400 connectivity to numerous customers (TN5250 and printer emulation) over TCP/IP occasionally using NT SNA gateway or directly to V3R1. Install UNIX LPD/LPR printing functions on dissimilar systems to allow UNIX printing to WAN Hosts. Test and incorporate new technologies into the DataSolutions and customers local and wide area networks.SC DHEC (Information Resources Management)
January, 1995 to December 1995
Information Resource Consultant:
Install, maintain and troubleshoot the DHEC wide area network. Increase levels of security throughout the infrastructure by policy creation and application of that policy. Build Novell servers and install Multi Protocol Router to be used as routers at remote agency offices. Install and configure routing of TCP/IP and IPX over WAN and local links. Install and teach users how to use multiple Internet tools including browsers, FTP, Telnet, etc. Interconnect routers using Radio Links, Frame Relay, ISDN, and conventional 56k and T1 links using CSU/DSU's and NT1's. Manage the personnel and equipment in three multi-county districts in relation to WAN connectivity; Administer and install Novell 3.11, 3.12, 4.x, WFW, Windows 95, Windows NT servers and Mainframe gateways. Provide technical support to county network support personnel and selected local technical personnel. Install, maintain and demonstrate to users software packages such as Excel, Quatro Pro, Windows, DOS, Microsoft project, Groupwise, etc. Test new hardware and software for possible integration into wide and local area networks.B.T.I. Consultants, Inc
.June, 1992 to January, 1994
Head of Computer Operations
: Purchase and maintain all company computer equipment; locate new sources of online information for investigators; perform consultation for clients regarding computer security issues; perform upgrades to client's software, machines and networks. Set standards for computer hardware and software.January, 1989 to Present
Independent Contractor:
Provide expert advice to one of the largest SPAM (UCE) operators on how to defend against the full array of network attacks as well as create a solid hosting facility that provided functionality while minimizing attack points. Install and maintain multiple Internet Service Providers WAN infrastructure and their clients router based connections using Cisco, ascend and Intel routers over leased lines, frame relay, ATM or POTS. Review installed WAN, LAN and Server architecture for possible improvements in efficiency and security. Assess current security stance, repel hackers and tighten networks to reduce the likelihood of further successful assaults. Installed and designed Local and Wide Area Networks including wiring plants, network software and hardware, and all resulting utilities and programs for clients. Performed upgrades to clients computers and software. Consulted Business and Individual clients on hardware and software purchasing decisions. Instructed clients on the use of virtually all types of software and hardware. Connected clients to the Internet and educated them on the use of the services available. Performed time management and billing functions. Implemented the NO DOS BBS, the only windows based BBS in Central Missouri at the time, Acted as a U.S.R. and Hayes modem Beta tester.Technical Skills
Processes, standards and Models used and studied - PFIRES (Policy Framework for Interpreting Risk in eCommerce Security), ASF (Avanade Security Framework), DITSCAP DoD Information Technology Security Certification and Accreditation Process), TCSEC (Trusted Computer Security Evaluation Criteria), ITSEC (Information Technology Security Evaluation Criteria), NIST (National Institute of Standards and Technology) security related policies, ISO 17799 (BS7799), SANS Security Policies, etc
Security Technologies – PKI, Encryption, Identity and Access Management, Firewalls,
Intrusion Detection/Prevention, Anti SPAM, Network Discovery/Assessment, Web Filtering,
Anti Spyware/Virus, Patch Management, Secure Access and Forensics and Investigation.
Security Tools - ISS, NESSUS, SAINT, Whisker,
Shadowscan, AntiSniff, War Dialers, NTOP, Ethereal, Sniffer Pro, tcpdump, snoop, snort,
nmap, crack, John the Ripper, etc.
Firewalls - Cisco PIX and IOS firewall feature
set, CheckPoint, Microsoft ISA (Internet Security and Acceleration server) Server,
Axent Raptor, Borderware Border Guard, etc.
Diagnostic Equipment/ Software - Network
Associates, WG, Net X-Ray, EtherPeek, TokenPeek, LinkView, Fluke, SolarWinds, AntiSniff.
Networking Hardware - Cisco: Routers &
Switches (120xx, 7xxx, 64xx, 65xx, 60xx, 5xxx, 4xxx, 3xxx, 2xxx, 1xxx). Bay/ODS hubs
& switches. Lucent/Ascend networking hardware CBX, BSTDX, DSL Concentrators, Routers,
LAN and WAN switches. IBM 2210 6611 router
Networking Software and Protocols - Cisco
IOS, HP Openview (NT), (MCSE) NT Server 3.51/4.0/2000, (CNA) Novell 3.1x – 4.x, AppleTalk,
TCP/IP, IPX, BGP, OSPF, RIP, EIGRP, IGRP, NLSP, IPX WAN; SNA: DLSW, RSRB; SSH, SSL,
RSd, PictureTel.
Operating Systems - Windows NT 3.X, 4.0,
2000, 2003 and XP, Linux and Solaris
Project Management Tools - MS Office, MS
Project, Excel, Word, Visio, Lotus Office Suite, WordPerfect office suite, IBM VM
based PM tools.
Education
Professional
Accelerate - Situational Leadership, AKLS
Leadership Rally - Effective Management, AKLS
Effective Negotiating, KARRASS
Principals of Architecture II, Avanade
Designing, Deploying, and Managing Microsoft Identity Integration Server(MIIS) 2003,
CESC
Think Like a Manager, NPP
Lean to Listen, NPP
Introduction to Cisco Router Configuration, Information Management Systems
Advanced Cisco Router Configuration, American Research Group
Install & Maintenance of Cisco Routers, American Research Group
Cisco Internetwork Troubleshooting, American Research Group
Cisco Internetwork Design, American Research Group
Cisco SNA (SNAM), American Research Group
CISCO ATM SOLUTIONS, American Research Group
Catalyst 5X00 Switch Family, American Research Group
OSPF Design and Configuration, American Research Group
Border Gateway Protocol Configuration, American Research Group
Certified NetWare Engineer training, Astron Educational Services
Network Support and Introduction to the IBM 2210, IBM
Configuration and Management of IBM 2210/2216/6611 Routers, IBM
IBM Global Frame Relay WAN Design, IBM
Troubleshooting Ascend(Cascade) Frame Relay Networks Training, Ascend
Ascend NMS Fundamentals and Frame Relay Training, Ascend
CBX 500 ATM Configuration & Operations, Ascend
Troubleshooting with the Expert Sniffer Analyzer, Network Associates
Ethernet Network Analysis and Troubleshooting, Network Associates
Internetwork Analysis and Troubleshooting, Network Associates
College
One year towards B.S. in Business
Columbia College in Columbia Missouri.
University
Three years towards B.A. in Computer Science
The university of Missouri in Columbia Missouri.
Down load my resume in Microsoft word format or RTF.
ReturnThis page and all its contents Copyright 2005
Carl H. Almond Jr. All rights reserved. Please make links to index.html! Last modified 09/28/05.