- no title specified

MICHAEL FOUNTAIN, CISSP CISA

(866)302-5777

Enterprise Security Engineer/Auditor

Information security architect, engineer and command line technical expert with 18 years experience. Specializing in acquisition, repair, renewal or re-design of technology and technological controls to meet security and/or compliance requirements. Long track record of successful “hands-on” engineering and audit success.

CHRONOLOGY

SENIOR SECURITY ARCHITECT

(June 2001- present) Blue Sky Global Inc.

Architecture, and secure information systems design where detailed, specific and precise technical engineering is required. See the technical addendum.

INFORMATION TECHNOLOGY SENIOR TECHNICAL PROJECT MANAGER

(November 1999-June 2001) Cisco Systems

The Cisco Customer Advocacy-Interactive Internet Team (CA-IIT)was responsible for evaluation and process development for rollout of new technology within Cisco. My responsibility was training CA-IIT engineers and Project Managers in the deployment of VoIP/ECRM applications and the specifics of supporting VoIP for the Cisco Technical Assistance Center.

DIRECTOR OF TECHNICAL OPERATIONS

(April 1999-November1999) ThinkLink

ThinkLink was a start-up Competitive Local Exchange Carrier (CLEC ) They were positioned as an Application Service Provider in the Unified Messaging space. Their unique combination of co-marketing a Voice over IP long distance offering with an added value web GUI anchored their technology. I was brought on board to build the voice, data and customer use WAN for a net-new CLEC.

SENIOR NETWORK ARCHITECT

(September 1998-April 1999) Liquid Audio

This company was the industry leader in proprietary Internet music sales and rights tracking. They retained my services for the build of a global public-private distribution backbone. The real time requirement of the audio stream combined with the global nature of this business demanded my wide scope of experience in design of communications, and my expertise in building corporate information systems infrastructure.

V.P. SYSTEMS AND SITE OPERATIONS
(1997-1998) InsWeb

Recruited by this first-ever vertically integrated insurance marketplace on the Internet, providing in-depth insurance information and resources to consumers and a direct line to insurance agents, brokers and companies.
• Re-designed the IS infrastructure including Network architecture, Data security infrastructure, service desk, engineering task structure, and intra-company relationships.
• Maintained a 7x24 support tree.
• Redesigned the UNIX (Solaris/BSD) Internet services (WWW servers, Name Servers, Pop and SMTP mail servers), including BGP4 peering and restructured the internal NT domain model.

WIDE AREA NETWORK ARCHITECT
(1996-1997) Insurance Corp of British Columbia, Canada

I was selected for the Technical Architecture Team on the Next Generation of Insurance Project. As the senior architect the evaluation, design, and implementation of a 900 router, two time zone wide-area network was my responsibility.

SENIOR NETWORK ENGINEER

(1993-1996) U of Wa Facilities Services

Conducted systems programming and analysis in a multi-protocol, multi-mission three-tiered Client-Server environment. Supported EMS and SCADA technology for the University of Washington Power plant.

NETWORK SUPPORT ENGINEER

(1993) Microsoft

Worked under contract to this industry leader in the Product Support Services Division, a group of 70 network specialists who provided mission critical phone support to priority customers.

___________________

EDUCATION

B.A., Zoology/Biomedical History, University of Wash

Graduate Study, Computer Science Dept., University of Pennsylvania

Published author of peer reviewed scientific articles

Military: Decorated USMC Reconnaissance Officer

Publications/Reference list available on request

___________________________________________

Technical Addendum

I employ my engineering skills (command line script, server/router/firewall/NIDS-HIDS configuration design, test, and deployment (Solaris, Windows 2Kx, or Linux), to train indigenous engineering teams in high reliability assured operations. For example I will often build a Tripwire implementation, configure a Cisco MARS server, or write automatic script to capture and parse Windows Active directory logs. I do this at the onset of an engagement to show the engineering team how the detailed tracking of changes can quickly improve Mean Time to Recovery. I can build, debug and run technical script on any architecture.

EXAMPLES OF SUCCESSFUL TECHNICAL ACCOMPLISHMENTS

Provided information security engineering, integration and design for a Moss Adams enterprise project team. This was a $300m international corporate merger. Major initiatives included program management of the IT Governance and Control structure redesign using a blended ISO 27002/ITIL/COBIT Framework.

Designed and implemented risk management, compliance evaluation, and security guidelines during a transitional period at The City of Hope Hospital. Introduced and implemented OCTAVE vulnerability assessment and published NIST 800-30 risk planning documentation in accordance with HIPAA (45CFR 160,162,164)requirements.

Re-engineered and mentored the IT Governance working teams as an Information Technology Policy and Risk management consultant at New Jersey based NRG Energy. NRG is a power generator who has received approval for the first two United States nuclear power generation plants in 30 years. Implemented newly adapted CoBIT controls. Piloted a new methodology for NERC CIP compliance control evaluations.

Produced a functional mapping of the 2006 Amendments to th e Federal Rules of Civil Procedure to IT best practices for the Portland, Maine based All Computer Solutions (ACS) a market leader in forensic computing. Specifically, structuring the ongoing IT IS0 17799 pre-audit practices to include correlation to FRCP rules 26,33,34,37,and 45, providing subsequent reduction in e-Discovery risk.

Security Planner for Wells Fargo Home Mortgage Risk Management. Evaluation, project management and design of secure financially significant banking solutions for Tier 1 projects.

Internal Audit support for Washington Mutual Bank, including design and execution of enterprise audit and control evaluation of the DNS/DHCP environment.

SOx audit documentation of the designated BOEING Financially Significant Application Matrix FSAM manufacturing controls. This including control design evaluation and executing tests. Manufacturing process programs tested included the Design and Control of Aircraft Configuration (DCAC) Manufacturing control process, and I was personally responsible for evaluating change management for the z/OS, HP-UX , DYNIX and MPE 3000 systems.

Security vulnerability remediation and SNMP management control design for Enterprise switch control at ATT Wireless.