David Hayes, MSCS, JD, CISSP, CCSP, CISA
Details
Computer Science
Rensselaer Polytechnic Institute
1983 : 1985
JD
Law
Texas A&M University School of Law
1998 : 2002
Bachelor of Arts
Computer Science / Mathematics
Ripon College
1979 : 1983
Verizon
Distinguished Engineer - Network & Information Security
Threat analysis and pre-emptive remediation of high-profile attacks disclosed at Black Hat security conference, Open Media Boston, and the Journal of Cryptography. Pioneered the use of NetFlow data for incident response, analyzing malicious communications hidden in encrypted channels. Incident reponse subject-matter expert for attacks against TLS/SSL using MD5, RC4, Poodle, Poodle-2, Heartbleed, CRIME, BEAST, CloudCracker and the Viehboeck attack against WiFi WPS. Threat intelligence against terrorist and activist groups, detecting impending DDOS attacks and hardening defenses before the attack. Provided technical response to auditors for PCI compliance. Addressed regulatory issues for the FCC, FTC, and Department of Homeland Security. Policy analysis and controls for supply-chain risks.
2006 : 2019
Verizon
Principal Member of Technical Staff
Co-lead of the Enterprise Security Task Force, responsible for drafting MCI Worldcom internal security policy and practice. Team lead for web security and PKI teams. Created an internal secure document delivery system, for which I received the Summit Club award (top 1% of engineers). Drafted the MCI response to a competitor's petition to NY Public Service Commission concerning damages to MCI for a service outage due to a virus, resulting in a $400,000 award to MCI and withdrawl of the competitor's petitions in seven other states.
1999 : 2006
MCI Worldcom
Senior Network Engineer
Created a new process for routing data in high-speed optical networks, later awarded a U.S. Patent. Planned wide-area data networks for command and control of MCI's long-distance voice switching systems. Wrote test plans to validate network stability in the face of failing hardware and circuits. Configured UNIX systems for network simulation, projecting the effects of changes in circuit configuration and placement. Co-lead of the Enterprise Security Task Force team on web security, and member of encryption security team.
1994 : 1999
MCI
Senior Engineer
Managed network of 129 UNIX workstations supporting all of DSC’s voice switching engineers. Redesigned network file system configuration to improve software build times. Created network boot procedures to automate new system installation.
1993 : 1994
DSC Communications Corporation
Unix Systems Manager
Skills
ATM networks, Business Requirements, CISSP, Communication, Computer Science, Computer Security, Cryptography, DNS, Encryption, Ethernet, Firewalls, Incident Response, Information Security, Internet Protocol Suite (TCP/IP), IPv6, Linux, Network Architecture, Network Design, Network forensics, Network Security, Open-source software, Perl, PKI, Remote authentication, Routers, Routing, Security, Security Architecture Design, Security Controls, Security Policy Development, Security Training, Shell Scripting, SIP, Solaris, TCP/IP, Technical Specs, Threat Modeling, Unix, VoIP, VPN, Vulnerability Assessment, Vulnerability Management, Wireless
About
Versatile security professional with expertise in IP network security, Linux, firewalls, intrusion detection, incident response, encryption, IT governance and public policy. Master of Science Computer Science, Juris Doctor, CISSP, CCSP, CISA.