Larry Bill Email & Phone Number

Indian Land, South Caroline

• Novant Health Inc., Charlotte, NC Information Security Engineer III
• Assisted with the identification and documentation of asset vulnerabilities for all of the PCI and DMZ network zones to exceed the compliance requirements and harden Novant’s Security posture.
• Gathered near-term technical threat and vulnerability information (specific to span of control) from information sharing forums and sources to aid in remediation and awareness of developing system weaknesses.
• Shared effectiveness of protection technologies with appropriate parties (internal) to raise awareness of security capabilities and benefits.
• Executed tasks as directed by the enterprise Vulnerability Management Program to lower the risk level within Novant’s systems.
• Executed tasks as directed by the Information Security Risk Management Strategy to aid in compliance and corporate security policies.

Charlotte NC

• Engineered and installed a vulnerability management system (VMS) capable of exceeding PCI Audits within 4 months for the 300+ stores and corporate assets
• Evaluated both Qualys and Nexpose as a VMS and implemented Nexpose as the corporate tool
• Provided subject matter expertise on vulnerabilities and associated remediation to various departments including information security, technology, and business groups.
• Worked with pen testers to validate vulnerabilities
• Engaged in Encase forensic software usage for malware research and damage controlTechnical Environment: Nexpose and Qualys Vulnerability Management Application, Ubuntu Linux, VMware, Windows, Shell Programming, Perl.

Charlotte, North Carolina

• Overseen Qualys Vulnerability Platform to secure corporate environment of over 150,000 IPs
• Direct and supervise contract resources performing security reviews of firewalls
• Led integration efforts for Lieberman Password Vault (ERPM) with Qualys to enable enterprise authenticated scanning
• Improved compliance and security posture thru development of system hardening standards for corporate servers
• Provided subject matter expertise on vulnerabilities and associated remediation to various departments including information security, technology, and business groups. *** Technical Environment: Qualys Vulnerability.

• Ensure the confidentiality, availability, and integrity of in-house information systems and processes
• Ran external vulnerability software, Qualys, and find and coordinate remediation efforts for 1000s of vulnerabilities, which PCI requires quarterly
• In addition, created the PCI Firewall Review processes for TWC and manage ongoing review efforts
• Responded to information security incidents by coordinating data collection, conducting analysis to understand the nature of the attack or issue, participating in direct containment activities, facilitating remediation.
• Completed one of my one year priorities in six months. This involved learning a new Forensic tool set, Mandiant Incident Response, and taking over management of it, which included updating host consoles and upgrading.

• Collected and analyzed evidence using Guidance EnCase Software for 7+ years winning or saving the company millions of dollars in law suits; including working 1 high profile and 2 murder cases
• Detailed analysis of network traffic by implementing network surveillance that detected (IDS, Sniffers), then intercepted corporate espionage and actions of disgruntled employees, protecting the company’s corporate.
• Wrote and documented simple Perl and C programs, which analyzed and reported log anomalies and detected network and system abuse; these programs were used by the investigative team for the collection of evidence in.
• Designed, engineered, and supported Nortel’s Unix log archival systems that were used as a data warehouse for all of the Unix, MS, application, and network log records.
• Improved the security of corporate computing (Unix) and network security tools (firewalls, IDS, IPS, VPNs, screening routers, and all WiFi devices), thus mitigating risk.
• Worked closely with multi-national, multi-lingual Joint Ventures, and Business Partners on product, applications and business strategy by performing risk assessments and analyzing potential solutions resulting in.