Andrew Hay

Information Security Analyst at Capital G Ltd.

Bermuda

Current
  • Information Security Analyst at Capital G Ltd.
  • Independent Security Analyst and Editor-in-Chief at www.andrewhay.ca
Past
  • Integration Product/Program Manager at Q1 Labs
  • CEO and Founder at Koteas Corporation
  • Manager of Integration Services at Q1 Labs Inc.
  • Customer Solutions Architect at Q1 Labs Inc.
  • Customer Support Engineer 2 at Nokia Enterprise Solutions
  • Platform Analyst at Computer Sciences Corporation (Nortel Contract)
  • Network Analyst at Magma Communications Ltd.
  • Platform Analyst at Convergys
Education
  • The SANS Institute
  • The SANS Institute
  • The SANS Institute
  • Algonquin College of Applied Arts and Technology
Connections
500+ connections
Industry
Computer & Network Security
Andrew Hay’s Summary

S. M. Andrew Hay is a security analyst at Capital G Ltd. in Hamilton, Bermuda. Prior to that he worked as the Integration Services Product and Program Manager for Q1 Labs Inc. He has extensive experience in enterprise network, firewall, VPN, intrusion (IDS/IPS/HIPS), and network security management (NSM/SIM/SEM/NBA) technologies and is also a strong advocate of security training, certification programs, and public awareness initiatives.

In February 2008 Andrew released his first book entitled The OSSEC Host-based Intrusion Detection Guide (Syngress, ISBN 9781597492409). He also contributed to Nagios 3 Enterprise Network Monitoring (Syngress, ISBN 9781597492676) and has just completed the Nokia Firewall, VPN, and IPSO Configuration Guide (Syngress, ISBN 9781597492867).

Presenter
· Network Security Monitoring and Management Solutions, Next Generation Networks Technical Awareness Session (TAS), in Gatineau, Quebec, Canada - May 2007
· Enterprise Log Analysis with Q1 Labs QRadar and OSSEC, iTrust and PST Conferences on Privacy, Trust Management and Security in Moncton, New Brunswick, Canada - July 2007
· Security Round Table panelist: Topic “Do we have privacy anymore?” - September 2007 - http://preview.tinyurl.com/66b4t8
· SANS Webcast entitled Separated at Birth – “Identity and Access Reunited!” - September 2007 - http://preview.tinyurl.com/4nnbgj
· “Lunch & Learn” on Enterprise Log Management for Incident Handlers at SANS Network Security 2007 at Caesars Palace in Las Vegas, Nevada - September 2007

Interviews
· Interviewed by Stephen Northcutt of The SANS Institute on Why Certification Matters - July 2006 - http://preview.tinyurl.com/3vzjk5
· Interviewed for IT Business article entitled Even second helping of Bot Roast “won’t eliminate cybercrime” to provide input on the crackdown of 8 botnet herders and their subsequent arrest – December 2007 - http://preview.tinyurl.com/6hx3kz

Twitter: http://www.twitter.com/andrewsmhay

Andrew Hay’s Specialties:

Holds numerous industry-leading certifications including the CCNA, CCSA, CCSE, CCSE NGX, CCSE Plus, Security+, GSEC, GCIA, GCIH, SSP-MPA, SSP-CNSA, NSA, RHCT, RHCE, and CISSP.


Andrew Hay’s Experience

  • Information Security Analyst

    Capital G Ltd.

    (Privately Held; Banking industry)

    September 2008 - Present (11 months)

    Develop plans to safeguard computer files and meet emergency data processing needs. Co-ordinate the implementation of computer systems plans with other people in the organization and outside vendors. Assist in implementing legislated information protection requirements (for example, privacy requirements). Test systems to make sure security measures are working. Modify security files to change user permissions, correct errors or install new software. Consult with other computer specialists and organizational personnel about issues such as information access requirements and programming changes. Monitor the use of information and regulate access to safeguard it. Write reports to document computer security and emergency measures policies, procedures and test results. Conduct compliance audits to ensure that security standards and policies are being followed.

  • Independent Security Analyst and Editor-in-Chief

    www.andrewhay.ca

    (Computer & Network Security industry)

    January 2007 - Present (2 years 7 months)

    www.andrewhay.ca

  • Integration Product/Program Manager

    Q1 Labs

    (Privately Held; Computer & Network Security industry)

    February 2008 - September 2008 (8 months)

    Responsible for the Integration Services portfolio of deliverables at Q1 Labs. Establish relationships with 3rd party vendors to create product requirements documentation for new and exciting integration vectors. Research network, security, application and vulnerability technologies for integration into QRadar, the company’s flagship network security management solution.

  • CEO and Founder

    Koteas Corporation

    (Privately Held; 1-10 employees; Computer & Network Security industry)

    January 2004 - May 2008 (4 years 5 months)

    Established in 2004, Koteas Corporation is a leading provider of end to end security and privacy solutions for the small, medium, and enterprise (SME) spaces.

    Our desire is to build a trust between us and our clients by tailoring solutions to meet organizational and infrastructural needs. Our highly trained staff has several years experience in information system security, risk management & analysis, business continuity, and auditing.

    With a worldwide consultant base, Koteas Corporation can provide you with the security products and solutions you need to defend your most important asset -- your business.

  • Manager of Integration Services

    Q1 Labs Inc.

    (Privately Held; Computer & Network Security industry)

    November 2006 - February 2008 (1 year 4 months)

    Led a team of software developers who were responsible for integrating 3rd party log and vulnerability data into the QRadar SIEM solution.

  • Customer Solutions Architect

    Q1 Labs Inc.

    (Privately Held; 51-200 employees; Computer & Network Security industry)

    February 2005 - November 2006 (1 year 10 months)

    - Supported the creation, customization, and optimization of clients' network security policy using Q1 Labs QRadar
    - Assisted in the development, testing, and integration of events into QRadar from 3rd party devices
    - Provided internal training to sales engineers in the field on above 3rd party products
    - Worked with management to develop call center best practices
    - Acted as Project Manager in selection of enterprise call center ticketing system
    - Assisted sales engineers with installs at customer sites in various cities worldwide
    - Managed several key customer accounts to ensure service level agreements and issues were met in a timely manner
    - Interfaced with VP and C level executives to ensure customer and company issues were properly addressed
    - Lead technical trainer, instructional designer, subject matter expert, and content creator for 3-tiered training program

  • Customer Support Engineer 2

    Nokia Enterprise Solutions

    (Public Company; 10,001 or more employees; NOK; Computer & Network Security industry)

    March 2002 - January 2005 (2 years 11 months)

    - Supported the creation, customization, and optimization of clients' network security policy using Check Point FireWall-1 / VPN-1 (4.1 and NG) and Check Point Provider-1
    - Obtained in-depth knowledge of routing, switching, and interior / exterior gateway routing protocols as well as virtual private networks, encryption algorithms, and general best-practice security issues
    - Supported clients' IPSO, Sun Solaris, Windows 2000/XP, Mac OS, and SecurePlatform operating systems and their interaction with Check Point FireWall-1 / VPN-1 (4.1/NG) policies and rule bases
    - Supported implementation, configuration and optimization of Nokia One Business Server (NOBS), Nokia Message Protector (NMP), Nokia Secure Access System (NSAS), and Nokia Horizon Manager (NHM)
    - Head of Small Office product training for Americas TAC
    - Extensive knowledge of 3rd party security devices and competing products

  • Platform Analyst

    Computer Sciences Corporation (Nortel Contract)

    (Public Company; 10,001 or more employees; Computer Software industry)

    November 2000 - November 2001 (1 year 1 month)

    - Provided second level support for the Clarify Tool suite of applications, an advanced Customer Relationship Management (CRM) application to communications companies and other enterprise sectors.
    - Point of contact between developers and clients
    - Worked in HP-UX, Sun Solaris, Windows 95, 98, NT, 2000 environment
    - Installed and maintained Apache Web Server, PHP, and WinMySQL database for team

  • Network Analyst

    Magma Communications Ltd.

    (Privately Held; 51-200 employees; Information Technology and Services industry)

    August 2000 - November 2000 (4 months)

    - Provided networking, internetworking, and connectivity support for Magma Communications Corporate Clients. Supported workstations, servers, and networks located both off-site and in Magma’s Class A Internet Data Facility. Also provided Web Development support for Magma’s Corporate Clients.
    - Provided networking, internetworking, and connectivity using xDSL, Cable, Dial-Up, ATM, Frame Relay, and ISDN technologies
    - Provided support for Cisco, Nortel, Alcatel, and Linksys routers, gateways, and hubs
    - Implemented manual code changes for clients' Web Sites in critical, time-sensitive situations using HTML, ColdFusion, PHP, JavaScript
    - Managed Network Monitoring with Media House IP Monitor application
    - Managed Apache Web Server, Zeus Web Server, POP3, SMTP, Linux, Unix, RealServer, MS SQL, Win NT Server, Win 2000, and DNS with Bind 8

  • Platform Analyst

    Convergys

    (Public Company; 10,001 or more employees; CVG; Information Technology and Services industry)

    March 1999 - August 2000 (1 year 6 months)

    - Responsible for all customer escalated requests
    - Responsible for transfer of knowledge to junior technicians
    - Directly involved in new hire orientation
    - Responsible for all network problem reporting and resolution procedures
    - Integral part of the following contracts:
      - iStar Internet (now PSI Net)
      - Rogers@Home (now Rogers High-Speed)
      - Road Runner Communications
    - Awarded two in-house Technical Certifications in:
      - Windows 3.1, 95, 98, NT
      - MS-Dos
      - MacOS 7.51-X, AppleTalk
      - BootP, DOCSIS Standards
      - Cable Modem Technology and Structure
      - Network Architecture, Design, Connectivity
      - UNIX
      - ATM, Frame Relay, ISDN, xDSL
      - Citrix


Andrew Hay’s Education

  • The SANS Institute

    Securing Windows, 2009 - 2009

    The Securing Windows track at SANS (SEC505) is a comprehensive set of courses for Windows security architects and administrators. It tackles tough problems like Active Directory forest design, how to use Group Policy to lock down desktops, deploying a Microsoft PKI and smart cards, pushing firewall and IPSec policies out to every computer in the domain, securing public IIS web servers, and PowerShell scripting.

  • The SANS Institute

    Hacker Techniques, Exploits & Incident Handling, 2006 - 2006

    This course addresses the latest cutting-edge insidious attack vectors and the "oldie-but-goodie" attacks that are still so prevalent, and everything in between. This course includes a time-tested, step-by-step process for responding to computer incidents; a detailed description of how attackers undermine systems so you can prepare, detect, and respond to them; and a hands-on workshop for discovering holes before the bad guys do. Additionally, the course explores the legal issues associated with responding to computer attacks, including employee monitoring, working with law enforcement, and handling evidence.

    This challenging course is particularly well suited to individuals who lead or are a part of an incident handling team. Furthermore, general security practitioners, system administrators, and security architects will benefit by understanding how to design, build, and operate their systems to prevent, detect, and respond to attacks.

  • The SANS Institute

    Intrusion Detection In-Depth, 2006 - 2006

    The emphasis of this course is on increasing students' understanding of the workings of TCP/IP, methods of network traffic analysis, and one specific network intrusion detection system (NIDS) - Snort. This is not a comparison or demonstration of multiple NIDSs. Instead, the knowledge provided here allows students to better understand the qualities that go into a sound NIDS and the whys behind them, and thus, to be better equipped to make a wise selection for their site's particular needs.

  • Algonquin College of Applied Arts and Technology

    (not quite), Computer Science, 1997 - 2000

    Left in Fall of 1998


Additional Information

Andrew Hay’s Interests:

security, networking, blogging, incident handling, linux, unix, forensics, intrusion analysis, rugby

Andrew Hay’s Groups:

ISSA, Whitehats.ca, The SANS Mentor Program, The Security Catalyst Community, OSSEC LinkedIn Group, PCI Compliance LinkedIn Group, GIAC LinkedIn Group, Log Analysis Professionals Group, The Ethical Hacker Community

  • CSORoundtable
  • Certified Information Systems Security Professionals (CISSP)
  • RSA Conference
  • OSSEC
  • The Security Catalyst Community
  • Community SANS Instructors
  • Nokia Alumni (past and present)
  • SOX Professionals
  • Information Systems Security Association (ISSA)
  • Black Hat
  • GIAC, Global Information Assurance Certification
  • Information Security Community (30,000+ Members)
  • Log Analysis Professionals
  • Privacy Professionals
  • ISACA Professionals
  • Instructional Designers
  • Cloud Computing
  • Security Bloggers Network
  • The Academy Pro
  • SOURCE Conference
  • CISSP
  • Security Information and Event Management (SIEM)
  • Security Leaders Group
  • Security Twits
  • CheckPoint Experts
  • Event log management, security and monitoring
  • Syngress
  • CYBER WARFARE Forum Initiative - CWFI
  • Cloud Security Alliance

Andrew Hay’s Honors:

Cisco Certified Networking Associate (CCNA)
Stay Sharp Program - Computer and Network Security Awareness (SSP-CNSA)
Stay Sharp Program - Mastering Packet Analysis (SSP-MPA)
Check Point Certified Security Administrator (CCSA)
Check Point Certified Security Engineer (CCSE)
Check Point Certified Security Engineer NGX (CCSE NGX)
Check Point Certified Security Engineer Plus (CCSE Plus)
CompTIA Security+
GIAC Security Essentials Certification (GSEC)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Certified Incident Handler (GCIH)
Nokia Security Administrator (NSA)
Red Hat Certified Technician (RHCT)
Red Hat Certified Engineer (RHCE)
Certified Information Systems Security Professional (CISSP)


Andrew Hay’s Contact Settings

Interested In:

  • career opportunities
  • consulting offers
  • new ventures
  • job inquiries
  • expertise requests
  • business deals
  • reference requests
  • getting back in touch
