Ryan William Smith
RyanWSmith@gmail.com
www.RyanWSmith.com

EDUCATION

Johns Hopkins University
Masters of Science in Security Informatics May 2008
Cumulative GPA: 3.84

The University of Texas at Austin
Bachelor of Science in Electrical Engineering May 2006
Major: Computer Engineering
Technical Areas: Information Assurance, Communications and Networking
Major GPA: 3.6      Cumulative GPA: 3.4

EXPERIENCE

July 2010 – Present
Praetorian
Senior Security Consultant

  • Web application security assessment
  • Application, network, and system penetration testing
  • Education and training in advance security topics
  • Research and development of advanced and operational security concepts

July 2008 – July 2010
MIT Lincoln Laboratory
Associate Staff – Computer Network Operations

  • Acted as an information security advisor to two network transformations from ATM to a SOA over IP architecture at large federal government organizations
  • Performed manual and automated analysis of large sets of malware samples with the goal of identifying and isolating particular behaviors and characteristics
  • Worked on a team of three to develop a malware analysis system using QEMU, with fine-grained, whole system information flow, and OS introspection
  • Developed and implemented operating system introspection for Linux and Windows, to infer OS level activity by monitoring virtual hardware in QEMU

February 2006 – August 2006
21st Century Technologies, Austin, TX
Software Engineer  – Information Security Research

  • Worked on a team of five to develop a second phase implementation of a novel intrusion detection system using sub-graph isomorphism to detect and correlate multi-stage network attacks
  • Developed and implemented a modular client/server architecture to support distributed sensors, sensor management, and analysis engines
  • Began initial development of a prototype interface using Google Web Toolkit

June 2005 – August 2005
PricewaterhouseCoopers, Dallas, TX
Intern  – Security Consulting Services

  • Performed and prepared reports for Sarbanes-Oxley compliance audits at several corporate clients
  • Worked on a team of four to design a corporate identity management strategy for a large multi-site healthcare system

March 2004 – May 2005
The University of Texas – Applied Research Laboratories, Austin, TX
Senior Student Associate – Information Systems Laboratory

  • Led a team of two to design a utility for embedding audit logs into various document file formats using steganographic techniques
  • Independently developed a proof of concept tool to embed audit logs into files using steganographic techniques, which led to a substantial multi-phase research contract
  • Worked on the development of a prototype tool to detect possible worm propagation and suspicious network behavior from high-level network connection data

May 2003 -August 2003
Anheuser-Busch Companies Inc., Houston, TX
Intern – Information Systems

  • Performed critical information system infrastructure support in a 24-hour production environment
  • Advised the department on various security concerns and information assurance methods such as public key infrastructure and encrypted file systems
  • Prepared and delivered an advisory to the Houston brewery plant manager and employees on the threat of the Blaster worm and its variants

ACTIVITIES

  • Extensive independent study in the areas of cyber warfare, international relations, and intelligence
  • Invited member of the red team at the 2009 Northeast Regional Collegiate Cyber Defense Competition
  • IEEE Communications Society – Student Chapter, President (Fall 2004 – Spring 2006)
    • Assisted in the organization of a Texas regional Collegiate Cyber Defense Competition in conjunction with UTSA and Texas A&M (April 2005)
    • Invited participant at an NSF funded workshop to investigate the feasibility of a national intercollegiate cyber defense exercise (February 2004)
    • Organize weekly public presentations on security, network, or Linux related topics
    • Personally presented on: PGP, public key cryptography, software security, anonymous TCP/IP protocols, advanced firewall configuration, honeynets, TCP/IP networking concepts, and general security concepts
  • UT Honeynet Project, Executive Chair (Fall 2004 – Spring 2006)
    • Developer of ShellShock a win32 shellcode analysis tool for Linux (shellshock.ryanwsmith.com)
    • Personally invited to present on honeynet technologies at:
      • Austin Chapter of Information Systems Security Association (April 2004)
      • Texas DIR, Internet Security Forum for Texas State Government (April 2004)
      • University of Texas System Security Colloquium (July 2004)

SKILLS

Operating systems: Linux, Windows
Programming Languages: C/C++, Java, x86 Assembly, Motorola 6812 Assembly
Web design and programming: HTML, CSS, PHP, SQL
TCP/IP network design and configuration