About Chris Carpinello
I create solutions to optimize security operations in order to:
* Maintain business system availability
* Protect intellectual property
* Limit corporate liability
* Safeguard the corporate brand
* Ensure compliance
I achieve those business goals by embracing these security fundamentals:
* Confidentiality, Integrity and Availability
* Defense-in-depth
* Least Privilege
* Simplicity
* Education
* Information Assurance (IA)
* Network behavior analysis (NBA)
* Network intrusion prevention systems (IPS)
* Host and network intrusion detection systems (IDS)
Contents at a Glance
Social Networking
Connect with me!
Email:
Business Connections:
Friends and Family Connections:
What I'm up to right now:
Business Connections:
Friends and Family Connections:
What I'm up to right now:
Experience
Where I've made a difference
Senior Information Assurance Engineer at DataPath, Atlanta GA, 2008 - Present
Military, civilian government and commercial organizations turn to this privately held 600 person company as a global leader in creating satellite-based network solutions that solve the toughest communications challenges. Engineered information security solutions related to Department of Defense programs:
* Security Test and Evaluations (ST&E)
* Certification and Accreditations (C&A)
* Defense Information Assurance Certification and Accreditation Process (DIACAP)
* System Security Authorization Agreements (SSAA)
Directed implementation of security regulations and controls into programs and projects ensuring due diligence and due care.
Senior Software Engineer at Lancope, Atlanta GA, 2002 - 2008
Focusing on Fortune 500 customers, this privately held 60 person company consistently outperformed competitors to remain on the network behavior analysis short list of industry analysts. Prototyped new products as the primary information security specialist under the purview of the Founder and Chief Research Officer.
* Partnered with Cisco to productize their Adaptive Control Technology (ACT).
* Increased revenue through prototype development of StealthWatch Xe, which was then productized.
* Enabled federal sales by completing Common Criteria evaluation.
* Streamlined product manufacturing process, reducing time from hours to minutes.
Software Engineer at Internet Security Systems, Atlanta GA, 1997 - 2001
As a public company with 1,500 employees and $250M revenue, ISS dominated the vulnerability prevention enterprise market. Produced high quality deliverables for the System Security Scanner and RealSecure products within application development teams of five to twelve engineers. Applied highly effective problem solving skills to become a valued asset to the team and company, through commitment to quality and consistently good development habits.
* Awarded Product of the Year in 1999 and 2000 by Network Magazine for RealSecure.
Software Engineer at Nortel Networks, Atlanta GA, 1995 - 1997
Nortel Networks is a publicly owned telecomm giant catering to the enterprise and carrier markets with $15B revenue and 70,000 employees. Provided services to engineers and quality assurance teams totaling 300 people as one of two configuration management developers.
* Exceeded performance ratings, recognized by 18 "thank you" emails, 1 peer award, 1 management award in 1996.
* Lead critical migration project with a $600K project deadline penalty, delivering three weeks ahead of schedule.
System Administrator at NASA Langley Research Center, Hampton VA, 1993 - 1994
Aerospace pioneering and atmospheric sciences are the core disciplines amongst NASA LaRC's 3,300 civil service and contract employees. Administered 100 mixed-vendor Unix workstations in the Fluid Mechanics division with two IT operations personnel .
* Improved customer service satisfaction level resulted in a full-time job offer at the end of this internship position.
System Administrator at Old Dominion University, Norfolk VA, 1991 - 1994
The academic computing network at this 60-year old state institution brought together 3,000 faculty, undergraduate and post-graduate students. Overseen by Computer Science department faculty, cooperatively administered 300 campus-wide, mixed-vendor Unix workstations on a part-time basis with eleven other undergraduate students.
* Awarded highly competitive internship at NASA Langley Research Center after reducing helpdesk turnaround time and increasing uptime of computing resources.
Military, civilian government and commercial organizations turn to this privately held 600 person company as a global leader in creating satellite-based network solutions that solve the toughest communications challenges. Engineered information security solutions related to Department of Defense programs:
* Security Test and Evaluations (ST&E)
* Certification and Accreditations (C&A)
* Defense Information Assurance Certification and Accreditation Process (DIACAP)
* System Security Authorization Agreements (SSAA)
Directed implementation of security regulations and controls into programs and projects ensuring due diligence and due care.
Senior Software Engineer at Lancope, Atlanta GA, 2002 - 2008
Focusing on Fortune 500 customers, this privately held 60 person company consistently outperformed competitors to remain on the network behavior analysis short list of industry analysts. Prototyped new products as the primary information security specialist under the purview of the Founder and Chief Research Officer.
* Partnered with Cisco to productize their Adaptive Control Technology (ACT).
* Increased revenue through prototype development of StealthWatch Xe, which was then productized.
* Enabled federal sales by completing Common Criteria evaluation.
* Streamlined product manufacturing process, reducing time from hours to minutes.
Software Engineer at Internet Security Systems, Atlanta GA, 1997 - 2001
As a public company with 1,500 employees and $250M revenue, ISS dominated the vulnerability prevention enterprise market. Produced high quality deliverables for the System Security Scanner and RealSecure products within application development teams of five to twelve engineers. Applied highly effective problem solving skills to become a valued asset to the team and company, through commitment to quality and consistently good development habits.
* Awarded Product of the Year in 1999 and 2000 by Network Magazine for RealSecure.
Software Engineer at Nortel Networks, Atlanta GA, 1995 - 1997
Nortel Networks is a publicly owned telecomm giant catering to the enterprise and carrier markets with $15B revenue and 70,000 employees. Provided services to engineers and quality assurance teams totaling 300 people as one of two configuration management developers.
* Exceeded performance ratings, recognized by 18 "thank you" emails, 1 peer award, 1 management award in 1996.
* Lead critical migration project with a $600K project deadline penalty, delivering three weeks ahead of schedule.
System Administrator at NASA Langley Research Center, Hampton VA, 1993 - 1994
Aerospace pioneering and atmospheric sciences are the core disciplines amongst NASA LaRC's 3,300 civil service and contract employees. Administered 100 mixed-vendor Unix workstations in the Fluid Mechanics division with two IT operations personnel .
* Improved customer service satisfaction level resulted in a full-time job offer at the end of this internship position.
System Administrator at Old Dominion University, Norfolk VA, 1991 - 1994
The academic computing network at this 60-year old state institution brought together 3,000 faculty, undergraduate and post-graduate students. Overseen by Computer Science department faculty, cooperatively administered 300 campus-wide, mixed-vendor Unix workstations on a part-time basis with eleven other undergraduate students.
* Awarded highly competitive internship at NASA Langley Research Center after reducing helpdesk turnaround time and increasing uptime of computing resources.
Affiliations
Information Systems Audit and Control Association (ISACA)
Information Systems Security Association (ISSA), specifically the Metro Atlanta chapter.
Infragard, specifically the Atlanta chapter.
Information Systems Security Association (ISSA), specifically the Metro Atlanta chapter.
Infragard, specifically the Atlanta chapter.
LinkedIn Answers
I routinely contribute to the LinkedIn Answers community. Below are responses that have been recognized as "Good Answers" and "Best Answers".
Career Management
I have a 4+ years of Technology experience as a Software Engineer in Wireless domain and now I am pursuing MBA. What kinds of opportunities I should be targetting once I complete MBA (three years from now)?
5 Secrets to Strengthen Your Brand
Computer Networking
Surviving a denial-of-service attack, what are your options?
Where can someone volunteer to do computer networking in the NY/NJ area to gain CCNA experience?
What are some of the more important and recognized IT certifications at present (MCSE, CCNA, etc...)?
Education and Schools
What subject do you think should be added to the school/college curriculum?
What changes would you like to see in entrepreneurship education?
Enterprise Software
With Sun's OpenOffice, Google Apps, and IBM's Lotus Symphony being free, does this pose a threat to MS office dominance?
Job Search
Tough times for commuters
Do services like LinkedIn prove the adage: 'it's not what you know but who you know' thats gets you ahead in your career, in life?
Should your boss be surprised to find that you have an account with Monster.com, Dice.com or the likes?
What are people's thoughts on the privacy issues surrounding Facebook profiles potentially appearing on Google results? What effect do you think this will have on the growing number of people, and organisations, using the site for recruitment purposes?
Information Security
What are the top 10 required features when selecting a network security product?
Intrusive testing professional tools
What is the biggest problem a CIO/CTO faces?
Anti-virus testing
Intellectual Property
How do you best contact a 'domainer' about a domain name that you believe infringes or is confusingly similar to your brand name?
Professional Networking
Credibility of members on social networking sites. How much do you consider that?
Resume Writing
Are IT resumes different?
Does earned LinkedIn "Expertise" belong on a resume?
Software Quality
How do you measure software quality?
Software Security
What does the phrase secure coding practices mean to you?
Wireless
Online course on Wireless LAN fundamentals: I'm looking for a good provider that can provide training on wave theory and antenna / radio application.
Career Management
I have a 4+ years of Technology experience as a Software Engineer in Wireless domain and now I am pursuing MBA. What kinds of opportunities I should be targetting once I complete MBA (three years from now)?
5 Secrets to Strengthen Your Brand
Computer Networking
Surviving a denial-of-service attack, what are your options?
Where can someone volunteer to do computer networking in the NY/NJ area to gain CCNA experience?
What are some of the more important and recognized IT certifications at present (MCSE, CCNA, etc...)?
Education and Schools
What subject do you think should be added to the school/college curriculum?
What changes would you like to see in entrepreneurship education?
Enterprise Software
With Sun's OpenOffice, Google Apps, and IBM's Lotus Symphony being free, does this pose a threat to MS office dominance?
Job Search
Tough times for commuters
Do services like LinkedIn prove the adage: 'it's not what you know but who you know' thats gets you ahead in your career, in life?
Should your boss be surprised to find that you have an account with Monster.com, Dice.com or the likes?
What are people's thoughts on the privacy issues surrounding Facebook profiles potentially appearing on Google results? What effect do you think this will have on the growing number of people, and organisations, using the site for recruitment purposes?
Information Security
What are the top 10 required features when selecting a network security product?
Intrusive testing professional tools
What is the biggest problem a CIO/CTO faces?
Anti-virus testing
Intellectual Property
How do you best contact a 'domainer' about a domain name that you believe infringes or is confusingly similar to your brand name?
Professional Networking
Credibility of members on social networking sites. How much do you consider that?
Resume Writing
Are IT resumes different?
Does earned LinkedIn "Expertise" belong on a resume?
Software Quality
How do you measure software quality?
Software Security
What does the phrase secure coding practices mean to you?
Wireless
Online course on Wireless LAN fundamentals: I'm looking for a good provider that can provide training on wave theory and antenna / radio application.
Networking and Security
Optimizing security and network operations is what I've done for almost a decade. These are the best technical titles I've come across.
Network Warrior by Gary Donahue
One of the best technical books I've ever read.0 points
The Tao of Network Security Monitoring: Beyond Intrusion Detection by Richard Bejtlich
Definitive work on why network behavioral analysis more...0 points
TCP/IP Illustrated Volumes 1-3 Boxed Set (Addison-Wesley Professional Computing Series) by W. Richard Stevens
The legend lives on.0 points
Software Engineering
Essential components of any software developer's reference library.
Software Security
Building Security In!
Put software security into practice with these excellent books.
Writing Secure Code, Second Edition by Michael Howard
Keep black-hat hackers at bay with the tips and te more...0 points
Unix Software Development
POSIX is your friend!
Invaluable technical references for all things POSIX and Unix.
The Zone
Music to code by
Mostly trance, techno, industrial and dance with high beats per minute and few lyrics.
Career Management
It's not who you know or what you know, but who knows what you know.
I highly recommend all of these books!
Challenge the way you think!
Productivity, Organization, Simplicity and Interaction
Fundamental books that have changed the way I think.
Favorite Strategy and Social Games
Do you want to play a game?
My favorite way to enjoy time with friends and family.
Blokus Strategy Board Game
Europe's 2003 game of the year! Develops logic and more...0 points
Tigris and Euphrates Board Game
Step back to the dawn of recorded time. Take comma more...0 points
The Settlers of Catan
New card art, new tiles, and a full-color rule boo more...0 points
Ticket to Ride
Tickets, please -- all aboard for this cross-count more...0 points
My kind of funny
Ninjas > Pirates
When I need to unwind, I spin up one of these for a good laugh.
