Thomas Ratz, CISSP

Location: Hendersonville, Tennessee 37075

Phone: +1 (615) 264-2233 Email: tom@ratz.net

URL: http://www.ratz.net

 

 

 

OBJECTIVE

Full time position in information systems security architecture and management with emphasis on securing network and systems infrastructures, security compliance, configuration management, risk management, database and application security, web site security, and disaster recovery/business continuity planning.

 

SUMMARY OF QUALIFICATIONS

Very strong background in Information Security. Experienced in Windows 200x deployment, migration, and administration. Heavily experienced in Microsoft Windows NT administration, Microsoft Exchange 5.5 administration, and Microsoft SQL Server database design, development, implementation, and administration. Extensive background in MS Internet Information Server, MS Proxy Server, Seagate Crystal Reports and Backup Exec, web site development and design, AutoCAD, Novell 4.x, GTE transmission media and equipment from DS0 to DS3 level, AT&T Digital Patch and Access System, NET Integrated Digital Network Exchange, Transmission Control Network, and numerous computer architectures, peripherals, operating systems, configurations, troubleshooting, and software applications.

 

WORK EXPERIENCE

2000- National Information Security, Deloitte & Touche, Hermitage, Tennessee

  • Information�Security Manager: (2006) Managed, mentored, and led the Deloitte US Firms' Information Security Risk & Compliance team�by using a combination of personnel management, project management, business relations, customer service, and vendor management skills to effectively and efficiently manage, maintain, and promote the highest levels of security, identify/manage/reduce risk, and ensure compliance to standards�for the Deloitte US Firms while contributing to the overall success of the global information security program.
  • Systems Security Team Lead: (2004) Managed, mentored, and led the Deloitte US Firms' Systems Security team by using a combination of personnel management, project management, business relations, customer service, and vendor management skills to effectively and efficiently manage, maintain, and promote the highest levels of systems security for the Deloitte US Firms while also contributing to the overall success of the global information security program.
  • Senior Systems Security Analyst: (2002) Created, implemented, maintained, and promoted best practices with regards to Information Security on the multiple platforms. Designed numerous tools and methodologies to ensure system configurations were compliant with security standards. Developed auditing procedures to perform security assessments at the user, machine, and domain level.
  • Domain Administration: (2000) Architected, implemented, and maintained Microsoft Windows 2000 and 2003 Active Directory domains for the national and global firms' demilitarized zone (DMZ) networks to include the overall security model design and group policy management.
  • Firewall Administration: (2001) Deployed approximately one hundred SOHO-type firewall appliances as well as a central-management system for all deployed units for an enterprise policy management capability. Installed, configured, and managed high-availability Microsoft Internet Security and Acceleration server arrays to secure and manage Internet traffic destined to internal servers for the national and global firms.
  • Web Security: (2000) Developed policies, procedures, and best practices for securing Microsoft IIS web servers. Developed processes to audit the security posture of IIS web servers.
  • Application Security: (2000) Designed, developed, and implemented application security functions to protect web-based applications against buffer overflows, malformed data, and structured query language (SQL) injection. Also designed single-sign-on methodologies for client/vendor sites. These functions were adopted and implemented at a variety of level throughout the global organization.
  • Secure Web Site Design: (2000) Designed, developed, implemented, and maintained the intranet site for the US National Information Security Group by using best security practices to provide a model of secure web site development and management.

1999- Owner Operator, Ratz I.T. Solutions, Hendersonville, Tennessee

  • Proprietor: Provide quality, competent, and affordable information technology consulting services targeting small to mid-size organizations whose size and budgetary constraints often prevent them from having an adequate internal technology/security staff. The goal is to level the playing field by providing smaller organizations the means to operate in a secure manner comparable to larger competitive organizations.

1999-2000 Corporate IT Manager, Camber Companies LLC, Nashville, Tennessee

  • IT Manager: Responsible for purchasing, coordination, installation, configuration, maintenance, and administration of all IT assets and services in a distributed wide area network for a health care management corporation.
  • Network Administrator: Configured, maintained, and administered a corporate distributed wide area network on a Microsoft BackOffice server platform including; MS NT, Exchange, SQL, Proxy, and IIS servers as well as a Microsoft Terminal Server for remote user accessibility with low bandwidth.� June 1999 - Present
  • Database Administrator: Administered a MS SQL Server RDBMS as well as MS Access, VB, and web based client interfaces. Designed reporting and data manipulation systems for Access users. June 1999 - Present
  • Web Master: Designed and maintained numerous complex web sites for a MS IIS platform using MS FrontPage, MS Visual Interdev and various other web site design and maintenance utilities. June 1999 - Present

1998-1999 Database Administrator, IDR for US Army, Fort Campbell, Kentucky

  • Database Administrator: Deigned, developed, implemented, and administered a MS SQL Server RDBMS as well as MS Access, VB, and web based client interfaces. August 1998 - June 1999
  • Network Administration Assistant: Assisted in configuration, maintenance, and administration of a Windows NT network and MS Exchange server for over 1500 users. August 1998 - June 1999
  • Web Master: Designed and maintained numerous complex web sites for a MS IIS platform using MS FrontPage, MS Visual Interdev and various other web site design and maintenance utilities. March 1998 - June 1999
  • Helpdesk Manager: Provided software, hardware, and network support for over 1500 users. Implemented HelpSTAR trouble desk software. Performed hardware/software maintenance and configurations. January 1998 - August 1998

1994-1997 Communications Systems Supervisor and Controller, US Army, Okinawa, Japan

  • Automation Manager: Supported computer and network configuration / troubleshooting for over 100 users. October 1995 - August 1997
  • Circuit Activation Manager: Provided circuit actions coordination, work orders, and test and acceptance testing for multinational and joint service agencies worldwide. June 1995 - August 1997
  • Configuration Manager: Provided configuration management functions using AutoCAD to draft network layouts, topologies, circuit/trunk/link routings, facility layouts, and alarm circuitry. July 1997 - August 1997
  • Communications Security Manager: Accounted for and controlled over 50 cryptographic materials essential for secure communications for the United States Military. July 1996 - August 1997
  • Operations Manager: Managed the operational mission for an entire Defense Communications System Technical Control Facility in the absence of the primary manager. June 1997 - July 1997
  • Quality Control Manager: Created and maintained an automated Trend Analysis and quality control testing program to monitor and maintain over 3000 circuits, trunks, and links which make up the Defense Communications System on Okinawa, Japan. June 1995 - August 1997
  • Total Quality Management Manager: Organized and guided unit quality meetings for over 35 personnel for the Army TQM program. August 1995 - February 1997
  • Trouble Desk Operator: Maintained communications equipment and media for over 3000 circuits, trunks, and links. August 1994 - July 1997

Professional Certifications

CISSP - Certified Information Systems Security Professional (http://www.isc2.org/)

SECURITY CLEARANCE

TOP SECRET SBI - Completed National Security Agency polygraph testing. Clearance is not currently active.

EMPLOYMENT

 

2000 -

Information Security Office, Deloitte Services LP, Hermitage Tennessee

 

1999 -

Self Employed, Ratz I.T. Solutions, Hendersonville, Tennessee

 

1999 - 2000

Corporate IT Manager, Camber Companies, LLC, Nashville, Tennessee

 

1998 -1999

Database Administrator, Paragon Systems Inc. / IDR for US Army, Fort Campbell, Kentucky

 

1993 - 1997

Sergeant, United States Army. Fort Buckner, Okinawa, Japan. 31P - Communications Systems Supervisor, Controller, Maintainer, and Operator

 

1996 - 1997

Network Installer, American Computer Services. Okinawa, Japan. Local Area Network installation for DOD School System Upgrade

 

1989 - 1994

Specialist, Indiana Army National Guard. Connersville, Indiana. 92A - Equipment Records and Parts Specialist

 

 

EDUCATION

 

 

1999

Empower Associates - Nashville, Tennessee. Certificate - Administering Microsoft SQL Server 7.0

 

1998

Athena Learning Institute - Nashville, Tennessee. Certificate - Microsoft Windows NT Core Fundamentals

 

1998

Empower Associates - Nashville, Tennessee. Certificate - Microsoft Web Mastering Fundamentals

 

1997

Maryland University - Asian Division, Kadena Air Base, Okinawa, Japan. Continuing Education - Information Systems Management

 

1996

US Army Non Commissioned Officers Academy, Camp Jackson, South Korea. Certificate - Entry Level Manager's Course

 

1995

Central Texas College, Camp Foster, Okinawa, Japan. Continuing Education - Information Systems Management

 

1993 - 1994

US Army Signal Center, Fort Gordon, Georgia. Diploma - Communication Systems Controller, Maintainer, Operator

 

1991 - 1993

Indiana Institute of Technology, Fort Wayne, Indiana. A.S. Computer Repair Technology - Magna Cum Laude

 

1989

Indiana University East, Richmond, Indiana. Continuing Education - Advanced Programming