Nathan McFeters

Nathan McFeters

Advanced Security Center Manager at Ernst & Young, LLP

Greater Chicago Area

Current
Past

see less...

3 more...

Education
  • Western Michigan University
  • Jackson Community College
Recommended
Nathan has 8 recommendations 8 people have recommended Nathan
Connections
369 connections
Industry
Computer & Network Security
Websites

Nathan McFeters’s Summary

Self-motivated individual, driven to provide clients with high-quality security assessments. I enjoy researching security related topics and programming tools that allow me to perform my testing more efficiently.

Nathan McFeters’s Specialties:

Speaking :: DEFCON 15, HITB 2007 Malaysia, ToorCon 9/Seattle 2007, Black Hat Vegas (2008), Japan (2007/2008), Federal (2008), & Europe (2008), Microsoft BlueHat v7/v8, Chicago OWASP 2008, & Mac C4 2008

Advisories :: SA32177, CVE-2008-3961, CVE-2008-0043, CVE-2007-3896, CVE-2007-4041, CVE-2007-5020, CVE-2007-3924, CVE-2007-3832, CVE-2007-3833, CVE-2007-3670, and Adobe Security Bulletin APSB08-11

Certifications :: CISSP, SANS GSEC, SANS GWAS

Nathan McFeters’s Experience

  • Advanced Security Center (ASC) Manager

    Ernst & Young, LLP

    (Partnership; 10,001 or more employees; Accounting industry)

    March 2005Present (4 years 9 months)

    Serves in an evangelist role for the Advanced Security Center. Regularly speaks at prestigious conferences on emerging threats discovered through his research. Frequently speaks with clients and advises on security concerns for Fortune 500 clients.

    Served as the engagement manager for the ASC’s largest client. Lead a team of 8-12 people with diverse backgrounds and skill sets to provide the highest quality black box web application assessments. Managed budget, resources, quality, client interaction, and schedule for approximately 200 separate engagements. Developed the relationship with the client to one of trust, mutual growth, and friendship by consistently going above and beyond the client expectations.

    Specializes in web application and product testing and used diverse programming background to lead several engagements. Discovered thousands of security flaws across a broad spectrum of technologies.

  • Zero Day Security Blogger

    ZDNet

    (Public Company; ZDZ; Online Media industry)

    February 2008December 2008 (11 months)

    I'm one of three bloggers (Ryan Naraine and Danho Danchev) that handle the Zero Day Security blog for ZDNet. Here I focus on providing highly technical insight into the latest rumblings in industry and the hacking scene. Originally I was brought on to do guest postings of some of the interesting research I had been involved in and to cover the Black Hat Federal event. After doing a couple of successful stories, Ryan Naraine suggested Larry and George bring me on full time and it's been a lot of fun contributing. The blog gives me a great outlet to talk about my research and all that is new and cool in security, hacking, and technology.

  • Lead Database Programmer

    Auxiliary Enterprises

    (Computer & Network Security industry)

    20002006 (6 years )

  • System Administrator

    Western Michigan University - Research Assisstantship

    (Educational Institution; Myself Only; Computer & Network Security industry)

    April 2004January 2005 (10 months)

    Installed, Secured, and Maintained a network of various operating systems and services. Hands-on work installing, configuring, and securing Solaris 8/9, Fedora 2, Gentoo Linux, Windows XP, and Windows 2000 machines. Setup and configured a postfix mail server
    with SpamAssassin. Setup and configured NFS and NIS+ for a network of Solaris 8/9 machines. Setup a ghost server for remote backup and reinstall of Windows XP and Windows 2000 systems. Applied NSA recommended patches for securing Windows XP and Windows 2000. Followed SANS guidelines for hardening Solaris 8/9 and Linux servers. Performed full-scale penetration test of the network. Created policies and guidelines for keeping the network secure, as well as secure computing for users

  • Lead Programmer

    Western Michigan University - Research Assisstantship

    (Educational Institution; Myself Only; Computer Software industry)

    April 2003January 2005 (1 year 10 months)

    Lead Programmer of the ATE Program Evaluation Project, one part of a larger effort to assess the impact and effectiveness of the NSF's Advanced Technological Education program. As Lead Programmer, was responsible for creating a GUI based system, which creates an XML survey description, and an application that translates the XML into web pages and databases to run the survey. Made several key design decisions, and worked closely with the client in order to ensure conformance to specified requirements.

  • Co-Founder/Consultant

    Solstice Network Securities

    (Partnership; 1-10 employees; Computer & Network Security industry)

    July 2002July 2003 (1 year 1 month)

    Co-founder of Solstice Network Securities, a company created to serve Western Michigan University (WMU) and the surrounding area with computer security advisory services. Performed vulnerability assessment and penetration testing along with detailed design analysis of client networks and applications. Conducted research into bypassing Intrusion Detection Systems. Helped to create a more security aware community at WMU thru community projects, including an online security guide, for which we received WMU’s James Sleep Award for the most Outstanding Community Project related to Computer Science.

  • Lead Database Programmer

    Auxiliary Enterprises

    (Non-Profit; 11-50 employees; Computer Software industry)

    September 2001April 2003 (1 year 8 months)

    Worked with a team of goal-oriented programmers focused on establishing an effective web presence for twenty-seven managed departments. Responsible for developing and maintaining dynamic, database-driven web applications using ASP and SQL Server 2000. Designed, developed, and delivered a database for a web application that saved the WMU Bookstore four weeks worth of manpower. Initiated an effort to improve security and prevent attacks against the company’s two web servers and database server. Created and implemented policies to support security requirements.

Nathan McFeters’s Education

  • Western Michigan University

    Masters of Science , Computer Science, Theory and Analysis , 20002005

  • Jackson Community College

    A.S. , Computer Science , 19982001

Additional Information

Nathan McFeters’s Websites:

Nathan McFeters’s Interests:

my beautiful fiance and our hilarious daughter, blogging, new tech, acoustic guitar, my new Fender Strat, travel, snowboarding, PS3, the beach, great beer

Nathan McFeters’s Groups:

CISSP. SANS GSEC, SANS GWAS, HackInTheBox Malaysia 2007, Black Hat Speakers

  •    Certified Information Systems Security Professionals (CISSP)
  •    Obama for America
  •    The Security Catalyst Community
  •    Black Hat Speakers
  •    Black Hat
  •    Information Security Community
  •    Speakers and Panelists
  •    DEFCON
  •    Western Michigan University Alumni.
  •    No More Free Bugs

Nathan McFeters’s Contact Settings

Interested In:

  • career opportunities
  • consulting offers
  • new ventures
  • job inquiries
  • expertise requests
  • reference requests
  • getting back in touch

View Full Profile

Public profile powered by: LinkedIn

Create a public profile: Sign In or Join Now

View Nathan McFeters’s full profile:

  • See who you and Nathan McFeters know in common
  • Get introduced to Nathan McFeters
  • Contact Nathan McFeters directly

View Full Profile