Scott Roberts
Information Science & Technology graduate from Penn State University. Currently working as Security Consultant at Mandiant.
| Headline: | Engineer |
| Website: | http://www.togafoamparty.com |
| Industries: | Information Technology |
| Skills: | C/C++, Java, Languages and Platforms, Python, SQL, System Administration, Unix, Web Development, Windows |
| Location: | San Francisco, CA |
| Interested in: | Brainstorming, Career advice, Consulting opportunities, Creating a group, Employment opportunities, Finding mentors, Finding team mates, Joining a startup, Meeting new people, Offering Expertise, Participating in a competition, Partnering with other groups, Providing services to startups, Recruiting, Trading services |
| Schools: | Penn State University |
WORK EXPERIENCE
| Employer: | Mandiant |
| Position: | Security Consultant |
| Time period: | May 2008 - Present |
| Description: | •Worked with large enterprise client to create an end to end security operations center for networks security monitoring, incident response coordination, and threat management unifying the security operations of 14 nation wide enterprise centers.
•Advised clients n policy and procedure development as well as taking a decision making role in hiring and technology selection. •Developed Threat Management capability including building a comprehensive research capability and tiered reporting for audiences ranging from C-level executives to incident responders to SOC analysts. •Built a multi year analyst training and personal development program, including in house training and interfacing with external training organizations in order to create a well rounded, industry best practice based analysis program. |
| Employer: | Symantec: Managed Security Services |
| Position: | Threat Analyst |
| Time period: | December 2006 - May 2008 |
| Description: | •Conduct threat analysis and managing world wide response for Symantec Managed Security Services three global analysis teams, spanning 450+ enterprise customers, ranging from financial services to national infrastructure.
•Responsible for daily tuning of global analysis engine including signature normalization and managing analysis logic. •Provide documentation, research analysis, handling instructions, as well as customer facing threat analysis. •Serve as a functional conduit between regional analysis teams and Symantec’s world wide information security intelligence group, DeepSight, conducting specific customer and industry analysis to support DeepSight research and findings. •24x7 On Call Tier 3 resource for emerging threats, analysis logic, and business continuity. •Redeveloped six week security analyst training curriculum and mentoring program. |
| Employer: | Symantec: Managed Security Services |
| Position: | Security Analyst |
| Time period: | April 2006 - December 2006 |
| Description: | •Performed advanced network security analysis, validating attacks and assessing impact for Fortune 500 and private enterprise clients of various industries.
•Provided appropriate tactical and strategic recommendations to client security teams, third party consultants, and Symantec in-house engineering for incident remediation and proactively preventing future attacks. •Researched current vulnerabilities, attacks, and appropriate countermeasures, as well as producing internal documents to educate other analysts. |
| Employer: | NSA Center for Information Security Excellence at Penn State University |
| Position: | Distinguished Researcher |
| Time period: | December 2003 - November 2006 |
| Description: | •Developed teaching materials under a grant from the National Science Foundation for hands-on laboratory exercises used in Information Security classes.
•Proctored lab sessions for information security classes, leading exercises, providing guidance, and extending the educational experience for students. •Completed multiple juried research papers submitted to various academic Information Security conferences. |
EDUCATION
| University: | Penn State University |
| Degree: | Information Science & Technology, BSc |
PUBLICATIONS
| Papers: | •Shmoocon III Speaker - OLPC Panel: An Examination of OLPC Security and the Impact on Society.
•Form Follows Function: Information Assurance Network Design for Problem Based Learning - Published white paper and presentation at the ninth Colloquium for Information System Security Education. •Adding When, Where, And Why To How: Providing Ethical Context in Aggressive Information Security Labs - Presented at the seventh Workshop for Education in Computer Security. •Lead writer for Vulnerable Minds Blog, a noted think tank information security blog. |
INFORMATION
| Memberships: | •SANS GIAC Certified Incident Handler: Silver
•ArcSight Certified Security Analyst •Published blogger with Symantec’s Security Response Blog •Paper Review Committee Member - 10th & 11th Colloquium for Information System Security Education ‘06 & ‘07. •Board Member of College of IST Undergraduate Student Government. •Founder and President of the Penn State IST Information Assurance Club. •Attack Team Captain of the Penn State IST Information Assurance Competition Team. •Teachers Assistant for the School of Information Science and Technology Network Security class IST 451. •Speaker, Security Genius, and Leadership Team member for the Penn State Mac Users Group. |
Scott is Following (6)
View all-
Panda Security
Panda Security is an anti-virus software provider, with millions of clients in more than 200 countries and products available in 23 languages
-
Core Security
Core Security Technologies develops solutions that help security-organizations worldwide develop and maintain a proactive process for securing their IT infrastructure
-
NitroSecurity
NitroSecurity is a supplier of Unified Information Security solutions that provide Edge-to-Core network security for enterprises across many vertical markets, including healthcare, education, financial services, government, retail, hospitality, and manage
-
Voltage Security
Voltage offers encryption technologies for large companies to protect valuable data