Gene Meltser
CISM, CRISC, QSA, PA-QSA
34 Hidden Oaks Dr. 
Avon, CT, 06001
gmeltser@gmail.com
M (617)501-3240
H (617)466-9698

Qualification Highlights:

  • Results-oriented and high energy Information security leader with a proven record of directing and delivering a broad range of security initiatives
  • Excel in a variety of business environments, from startups to established enterprises
  • 15 years of progressive and diverse responsibilities with measurable results
  • Significant experience in building and deploying consulting services methodologies, building and managing consulting delivery teams
  • Significant expertise in management, oversight, organization and delivery of client focused technical and strategic projects from end to end. Services included application and endpoint penetration testing, vulnerability analysis and research, secure architecture design and assessments
  • Significant experience with building information security programs
  • Development of risk assessment management strategies & methodologies
  • In depth experience with industry standards such as PCI, HIPAA, ISO27001/2/5, COBIT, and others 

Technical Qualifications:

  • In depth experience and skills with application security concepts, strategies, vulnerabilities and countermeasures
  • In depth experience and skills with application & network security testing methodologies, penetration testing, tools, and methods
  • Programming skills in C, Perl, Python

Professional and Industry Skills:

  • Extensive experience solving complex business/technical problems and meeting needs on all levels, strategic and tactical
  • Proven ability to work with demanding, diverse internal and external customer bases to meet differing and often competing needs
  • Pragmatic, customer-oriented, requirements-driven approach to technology solutions that support the business needs of stakeholders


Professional Experience: 
2008-Present    Neohapsis, Inc.  Chicago, IL
Technical Director, Neohapsis Labs

  • Defined, organized and led Neohapsis Labs research activities in areas of IoT, network and application security, tools development and methodology development
  • Led the penetration testing center of excellence, which included development of service definitions, supporting sales collateral, internal methodologies and delivery processes
  • Closely involved in business development for the region, including relationship management, scoping and service definitions
  • Developed and lead multiple strategic and tactical security advisory and risk management consulting services for Neohapsis clients and partners
  • Lead and delivered pre-sales and business development activities for North East area in support of sales, resulting in substantial growth of new and existing accounts.
  • Development of internal service delivery capabilities, methodologies and services
  • Interviewer and mentor for new hires

2000-2008    @stake, inc. (Acquired by Symantec Corporation Sept. 2004)     Cambridge, MA
Lead Technical Security Architect

  • As a part of @stake's consulting and professional services group, lead and performed over 100 client engagements, including network architecture and penetration assessments, application architecture and penetration assessments, policy and compliance assessments, and code reviews. Successfully delivered multiple HIPAA, CISA and PCI/DSS compliance assessments. Assumed technical leadership over the last 5 years.
  • Co-founded Symantec Vulnerability Research group, which was responsible for the first vulnerability advisory release in 20 years of Symantec's history. The SVR team is responsible for managing and releasing multiple security advisories for major companies, including Cisco, Microsoft, and Oracle. 
  • Developed and implemented host-hardening guidelines and strategies for Windows2000, Linux and Unix based servers.
  • Worked with a multitude of Fortune 500 organizations, including financial institutions, investment firms, utility companies, state and local governments, health care providers, natural resource companies, insurance agencies, law firms, and distributors.
  • Documented findings and recommendations in a professional report containing executive and technical content, presented findings in a presentation to executive managerial and technical staff. Conducted frequent status updates and meetings, as well as final presentations. 
  • Member of Symantec's Attack and Penetration Center of Excellence.
  • Interviewer and mentor for new hires.

1999 - 2000    RSA Security Inc.    Bedford, MA
Software Engineer II

  • Assisted Engineering in design and development of large scale Access Control and Authentication server and internals on NT 4.0, AIX, HP and Solaris, under Rational's ClearCase source control.
  • Investigated, developed and provided hot fixes and patches to customer support and Quality Assurance departments on request as well as on a semi-annually cumulative patch release basis, using InstallShield for installation wrapping. 
  • Developed and tested Radius authentication client and server software, included with ACE/Server using Expect scripting. Provided Customer Support with a benchmark setting testing of Radius and Tacacs+  performed utilizing Cisco routers.
  • ntegration of Security Server Remote Administration Toolkit with TCL/TK (Wish) on NT, to provide customer with GUI-based customizable administration. 
  • Member of Coding Standards team, Code review panel, Code Inspection Team.
  • Mentor for new hires.

1997 - 1999    IBM Global Services    Windsor, CT
Network Administrator

  • Provide network software and hardware support for NT server, including TCP/IP configuration and troubleshooting, user administration, quotas, and permissions.
  • Server maintenance and backups done on scheduled basis, as well as documentation and logs of activity. 
  • Work closely with Software Engineering group to provide support and custom setups for development and testing.
  • Assist personnel with various software and hardware issues; provide patches and hot fixes for company software.

1996 - 1997    City Network, Inc.    Hartford, CT
Application Developer/Engineer

  • Application and Web development using common web based languages and technologies.
  • Operation of company web based assets including software, modem arrays
  • WinNT Server/Slackware Linux Server setup and maintenance, including services setup and configuration, data archiving and log maintenance.
  • TCP/IP configuration, user administration, including quotas and permissions.  

Education:
1999    WPI    Waltham, MA
Applied Cryptography and data security

  • Stream/Block Ciphers, modes and variants
  • PKI architecture
  • Digital signatures/protocols
  • Key distribution

1994 - 1999    University of Connecticut    Storrs, CT
B.S. in Computer Science and Engineering, Minor in Math

  • 100% Self-financed
  • Plan of study included 80XXX and PowerPC assembly programming, advanced electrical systems design, computer architecture and design, TCP/IP networking, hardware logic, algorithms, parallel systems, operating systems,  probability theory, Object Oriented design and programming, compilers, network programming.
  • Senior project: Rapid prototyping of Multi Agent Distributed Goal Satisfaction project. Assisted in Design and implementation prototype agent architecture in Java.  Allowed the research staff to actively test our design ideas and get direct input from the individuals involved in the design implementation.
Certifications and Affiliations:
CRISC (Active)
CISM (Active)
QSA (Active)
PA-QSA (Active)
CISSP (Lapsed)
WPI Crypto bootcamp certification

Awards:
Symantec A++ award, 2004: Outstanding work outside one's normal area of responsibility.
Symantec Guiding Principles award (2006, 2007): Awarded to those who best exemplify thought leadership in their relationships with internal or external clients.
Symantec Mindshare Leadership Award (2006, 2007): Recognizes accomplishments in thought leadership through public speaking and publishing.

Languages:
Fluent in English, Russian.

References:
Available upon request.