Anthony R Plastino III, CISSP, CISA

Current

Chief Information Officer at AirFacts

Past

Security Consultant at Noridian Mutual Insurance
Principle Security Consultant, Manager Enterprise Solutions at Sword & Shield Enterprise Security, Inc.
Sr. Unix & Network Security Engineer at MusicNet

President at TARP3 Enterprises, Inc.
Systems and Network Security Engineer at eSociety.com
Internet Security Engineer at Free Range Media
Sr. Unix and Network Administrator at CyberSafe

see less...

4 more...

Education

BS, Business Administration

Recommended

7 people have recommended Anthony R

Connections

173 connections

Industry

Information Technology and Services

Websites

My Company

Anthony R Plastino III, CISSP, CISA’s Summary

Anthony R Plastino III, CISSP, CISA’s Specialties:

Diversely skilled with over 16 years progressive experience in network design, systems administration, infrastructure design, risk assessment, certification and accreditation, IT governance, vulnerability assessment, penetration testing, and host/network security.

Anthony R Plastino III, CISSP, CISA’s Experience

Chief Information Officer

AirFacts

(Information Technology and Services industry)

March 2009 — Present (9 months)

Responsible for:
• Development and delivery of IT strategies with emphasis on ROI
• Operational aspects of AirFacts’ information systems, operations
and support
• Ongoing design and management of AirFacts’ security and
compliance initiatives
Security Consultant

Noridian Mutual Insurance

(Public Company; Insurance industry)

December 2008 — July 2009 (8 months)

General security consulting, CMS/NIST compliance, standards development, security architectural design, targeted risk assessments, vulnerability analysis, web application testing, security evangelism, and mentoring.
Principle Security Consultant, Manager Enterprise Solutions

Sword & Shield Enterprise Security, Inc.

(Information Technology and Services industry)

August 2002 — October 2008 (6 years 3 months)

• Methodology development in Risk Analysis, Compliance Management, C&A, Security Policy Review and Development, and Security Assessments.
• Provided security consulting, risk assessments, C&A consulting, vulnerability assessments, penetration testing, architecture review, security infrastructure design, and remediation planning for Sword & Shield accounts in the healthcare banking, entertainment, utilities, State, and Federal sectors.
• Mentored and contributed to the Professional Development of subordinates.
• Developed and delivered course presentations for the DOE NNSA Cyber Security Training Program.
• Lead several NVA/PT for commercial banks in East Tennessee.
• Participated as a lead and as resource for NVA/PT work with Department of Justice.
• Participated in continuous improvement of Sword & Shield service offerings.
Sr. Unix & Network Security Engineer

MusicNet

(Privately Held; 51-200 employees; Computer Software industry)

2001 — 2002 (1 year )

• Provided security evangelism, vulnerability assessments, and developed corporate security policies.
• Contributed to design, implementation and support of a high availability and high bandwidth network production infrastructure.
• Designed, installed, maintained and supported NetScreen firewalls.
• Designed, implemented and maintained a remote access policy.
• Developed, implemented, maintained and supported host and network based intrusion detection system for production environment.
• Provided application security specifications and guidelines to software architects.
President

TARP3 Enterprises, Inc.

(Information Technology and Services industry)

2000 — 2001 (1 year )

• Provided Internet security solutions to several firms in the global Internet community.
• Penetration analysis, network security assessments, configuration analysis, systems hardening, network design consulting, VPN design, DMZ construction, firewall installations, CGI and general WWW code review and decomposition, security policy review and design and a small amount of forensic work.
Systems and Network Security Engineer

eSociety.com

(Civic & Social Organization industry)

2000 — 2000 (less than a year)

• Performed an internal vulnerability analysis, designed an implementation plan then lead a team to implement the recommendations
• Designed, implemented, maintained and supported internal and external production security of hosts, networks and infrastructure design.
• Installed, configured, maintained and supported snort IDS both in production and internal environments.
• Installed, configured, maintained and supported Solaris on E250, and E450 platforms.
• Analyzed IP addressing scheme, recommended changes, planned and executed a corporate wide conversion from static to dynamic IP addressing
• Planned and executed the collapse of the extended network, consolidation of staff into the new location and supervised the removal of over 65% of the employees as the company downsized. Trained remaining IT staff on the administration, maintenance and support of critical systems and VPN prior to being laid off.
Internet Security Engineer

Free Range Media

(Information Technology and Services industry)

1998 — 2000 (2 years )

• Analyzed the internal and external networks and made recommendations for infrastructure and policy changes.
• Designed and implemented security policies including password construction and aging, acceptable use, third party connections to extranets, privacy and remote access.
• Worked with senior management and marketing to develop a set of security consultation products that provided vulnerability assessments and informational reviews of web site ideas. This contributed about a quarter million dollars in revenue over a six month period.
• Led a team to analyze integration challenges to the new company when Free Range Media and seven other companies across the U.S. rolled up and became Luminant Worldwide. This project involved more than a dozen individual security assessments and provided a single set of recommendations that included policy, local and wide area infrastructure reorganizations as well as methods for consolidation of certain assets.
Sr. Unix and Network Administrator

CyberSafe

(Information Technology and Services industry)

1996 — 1998 (2 years )

• Served as lead and mentored junior unix systems administrators while maintaining responsibility for multiplatform support of software development, testing labs and internal support systems.
• Designed, implemented, maintained and supported a system using a combination of perl, C, and HTTP forms for adding and deleting users to the network. This system encompassed every internal system: NIS servers; NT PDCs for login IDs; created passwords; added users to email lists; issued SecureID cards; notified HR, facilities, internal support, and appropriate managers regarding the addition or deletion of personnel.
• Proposed, authored, implemented and supported security policies relating to password construction, privilege escalation, VPN usage and telecommuting and acceptable use.
• Installed, administrated, maintained and supported SunOS, Solaris, AIX, HP/UX, NeXT, BSDI, BSDOS, Linux, Windows NT 3.51, NT 4.0, Sequent Dynix, NCR and SGI.
• Controlled physical access to facilities.