Documente Academic
Documente Profesional
Documente Cultură
Wilson
3961 Via Marisol, Unit 317 mw-resume@mgwilson.org
Los Angeles, CA 90042 Cell (818) 403-1497
OBJECTIVE
I would like to continue to work in the fields Computer forensics and
Computer security. I would like to work with a small team of like minded
individuals that know more than me in some areas, and less than me in
others, allowing for a constant learning experience. I have found Expert
Testimony very challenging, and would like to do much more of it, both in
State and Federal venues.
CERTIFICATIONS
GIAC GCFA Gold #128
EnCE
PUBLICATIONS
GCFA Practical, 10/05/2004
http://www.giac.org/certified_professionals/practicals/gcfa/128.php
SUMMARY OF QUALIFICATIONS
. Extensive experience with computer forensics, electronic discovery,
and incident response
. Testified as an Expert Witness in the field of Digital Forensics in
both State and Federal courts
. Testified as an Expert Witness in the field of Web Hosting in the
California state courts
. Extensive Experience with litigation support
. Extensive experience with network and computer security principles,
design, and implementation
. Extensive experience with project and personnel management
. Fourteen years experience in the design, implementation, and support
of Unix and MS Windows workstation and server systems
. Experience with malware analysis, penetration testing, and system
security assessments
. Experience with the creation and implementation of security policies
and procedures in a global computing environment
. Experience with administration of Window 95-2003, Linux-based, and
Solaris operating systems
. Experience with network packet analysis
. Experience with IDS/IPS implementation and administration
. Experience with SOX compliance issues and solutions
. Experience with Unix mail and DNS administration
. Extensive experience with shell, Perl and Python scripting
. Experience with network services design, implementation, and
administration
. Experience providing system administration support for enterprise
level applications
. Extensive experience with operational and customer support
. Highly motivated, self-starting, team player, with a strong desire to
learn and excel
SOFTWARE SKILLS SUMMARY
. Forensic analysis software including EnCase 5-6, EnCase Enterprise,
EnCase eDiscovery 2-4, Forensics Toolkit 1.7, Netanalysis, Discovery
Attender for Exchange, Quest, Transcend Mail Migrator, Autopsy, TCT,
and Sleuthkit
. Security software including Blink, Retina, REM, Nessus, Tripwire,
IPchains, Snort, Nmap, Metasploit, Tcpdump, and Spector CNE
. BigFix Enterprise Suite Patch and configuration management
. UNIX system components including DNS, FTP, NFS, NIS, NTP, SMTP, SSH,
TCP/IP, and Samba
. Email software including Qmail, Postfix, Courier IMAP, CommunigatePro,
and Sendmail
. Windows system components including DNS, DHCP, WINS, Domain Control,
and AD
. Solaris operating systems including Solaris 7, 8, and 9
. Scripting languages including bourne shell, c shell, Perl, Python, and
awk
. Web services including Apache and IIS
HARDWARE SKILLS SUMMARY
. Forensic acquisition hardware such as write blockers, disk imagers,
and Forensic Acquisition PCs
. Various PC workstations, and servers, including Compaq, Dell, Gateway,
and HP systems
. Various Unix based workstations and servers, including HP, IBM, Sun,
and SGI
. Tippingpoint IPSs
. YellowJacket 802.11b/g Wi-Fi Analyzer
. Ironport A50 Mail Gateway Appliance
. Radware Web Server Director Load Balancer
. Network hardware including routers, switches and hubs for Ethernet
networks
EXPERIENCE
Guidance Software Inc.
Position: Senior Forensic Consultant (11/08 to Present)
Senior Forensic Consultant (05/08 to 08/08)
Forensic Consultant (08/07 to 05/08)
I am responsible for leading implementations of the company's EnCase
Enterprise product, leading forensic examinations, and conducting large
scale electronic discovery projects, both internally and for GSI clients.
As one of the few consultants with Expert Testimony experience, I am also
called in for ongoing and upcoming cases that have a high potential for
deposition and/or court testimony.
Specific responsibilities include:
. Expertise in computer forensic examinations for clients following
industry standard processes and procedures
. Conduct electronic discovery collections using the EnCase eDiscovery
suite, as well as Discovery Attender for Exchange
. Provide expert witness testimony and depositions in Digital Forensics,
and reasonable and proper investigative procedures
. Provide expertise in the EnCase Enterprise investigative
infrastructure and possess the ability to discuss its capabilities
with customers
. Work independently or as part of a team on large-scale projects at
client sites and in the lab
. Provide project management and technical leadership on mid and large
scale electronic discovery projects
. Deploy and interpret the results of network related analysis tools
. Understanding of network configurations and the ability to quickly
assess network vulnerabilities
. Provide first responder support of incident response investigations
. Provide on-site installation and orientation services relating to
EnCase, EnCase Enterprise, and EnCase eDiscovery products
. Ensure the integrity of original electronic evidence so it is
admissible in a court of law
. Train customers and GSI personnel in the use of Encase Enterprise and
Encase Command Center products
. Mentor Forensic Consultants and Lab Technicians in GSI technology,
methodology, policies, and procedures