Professional Documents
Culture Documents
Ruggieri
114 Clear Creek LN (205)405-5814
Ashville, AL 35953 cruggieri@phoenix-comp.com
https://www.phoenix-comp.com
Summary of Qualifications:
Technical Skills:
Computer Hardware: Personal Computer, HP Blade Servers, Dell Servers, NetApp Storage,
Networking Hardware: Cisco ASA Series with the FirePower Module, Dell SonicWALLs, Cisco
(OSPF and EIGRP) some experience with BGP routing (mainly BGP Hijacking) and HP Switches,
Wireless Access Points (AeroHive, SonicWALL, Meraki, and Cisco), Synology NAS devices, NetAPP
SAN devices
Operating Systems: DOS, Windows95/98, Windows NT, Windows 2000, Windows Server
2003/2008/2012/2016/2019, Windows Operating Systems (XP, Vista, 7, and 10), Linux (Mint, Ubuntu,
CentOS, RHEL), Kali, Hyper-V, Citrix, and VM-Ware
Enterprise Applications: Exchange Server, SQL Server, Footprints (and Remedy) and some SAP
administration, Fluke NetFlow, SolarWinds, some Nagios, System Center Configuration Manager
(SCCM), CyberArk, Ping Identity, QRadar SIEM, Nessus, Tenable IO, Rapid 7 InsightVM, Snort,
Security Onion, some ServiceNOW
Christopher T. Ruggieri
114 Clear Creek LN (205)405-5814
Ashville, AL 35953 cruggieri@phoenix-comp.com
Programming Languages: Visual Studio 2008, 2013, 2019 (VB, C#, ASP, .NET), Python, Bash,
JavaScript, Powershell scripting
Penetration Testing/Digital Forensics Software: Kali, SIFT, CSI Linux, OWASP, MSF Framework,
BurpSuite, Radare2, IDA, Ghidra, WAPpalyzer
Governance Frameworks: COBIT 4 & 5, COSO, PMBOK, and ITIL
Compliances: PCI-DSS, FISMA, CJIS, GLBA, HIPAA, and SOX
Education
Professional Experience:
Performed weekly to monthly internal and external penetration tests, both “blind” and using the
vulnerability scans to confirm or exclude as false positives the vulnerabilities found during the
scans
Performed PCI-DSS “Pre-Checks” Monthly (EVS scans, External Penetration Tests, Vulnerability
Reporting and Management)
Performed Web Application Penetration Tests on Internal-Only Web Apps
Perform Bi-Monthly Penetration Tests on our Staging environment (E-Commerce Site hosted in
SFCC)
Performed limited Penetration Tests on Mobile Applications
Analyzed and tracked reports of inappropriate use of technology and company/personal
information, including information security incidents, and participated in the investigation and
resolution of such incidents.
Designed, deployed, and administered network and application security controls such as intrusion
detection/prevention, vulnerability scanning, log reporting and correlation, web application
scanning, endpoint protection, securing wireless networks, access controls and encryption
capabilities.
Identify and define system security baseline requirements.
Design system security architecture and develop detailed security designs.
Proactively mitigate risks to the organization from emerging threats by maintaining knowledge of
current technology, issues and best practices related to information and systems security.
Plan and execute security assessments such as internal and external network penetration tests,
network vulnerability scanning, website vulnerability assessments, and others. Report findings
and assist with development and completion of any remediation plans necessary.
Develop technical solutions and new security tools to help mitigate security vulnerabilities and
automate repeatable tasks.
Utilize IT Security tools to monitor and research potential information security issues related to
the systems at the organization to ensure internal security controls are appropriate and operating
as intended
Christopher T. Ruggieri
114 Clear Creek LN (205)405-5814
Ashville, AL 35953 cruggieri@phoenix-comp.com
Ensure organization's information technology policies are appropriate, achievable, and followed.
Participate in developing and administering appropriate sensitive information handling and
storage practices.
Participate in the handling and resolution of cyber incidents.
Protect the company’s assets and financial information by ensuring the accuracy and
effectiveness of internal control procedures and informing management and/or appropriate
officials of potential fraud risk.
Implemented CyberArk Privileged Account Management and Privileged Session Manager
Created integration between Tenable.IO and ServiceNOW’s CMDB (custom script collating
output from several different API endpoints, provided script to Tenable to improve their Tenable
for Assets ServiceNOW plugin)
Designed and began implementation of an Automated Vulnerability Management system
(Tenable.IO > ServiceNOW > BigFix > QA > CAB > Production Deployment)
Managed SSO configurations with both Ping Identity, On-Premises ADFS, and Azure ADFS
Architected and implemented an Automated Account Lifecycle Management system (joiners,
movers, and leavers) converting to a hybrid Role-Based and Policy-Based Access Control Model,
including implementing Dynamic Groups in Azure AD to automatically add users to their
appropriate groups based on attributes provided by Workday’s APIs
Implemented Zscaler Internet Access and Zscaler Private Access and introduced micro-
segmentation at Layer 7 using ZPA’s Access Controls
Secured 1100 Store locations and 3 data centers with a team of two.
Assisted in the Upgrade of Cisco Call Manager and Cisco Unity VOIP and Unified Messaging
Systems
Acted as the Primary contact for Microsoft Exchange and developed an Upgrade Plan for the
Exchange Environment
Replaced Cisco Wireless Controller and APs with AeroHive Cloud Managed APs
Auditing current security posture to recommend changes
Provide backup support for the Network Manager, Telecom Manager, and Desktop Support
IT Analyst 2014-2015
Southern Company (3-month contract extended to 8 months) Birmingham, AL
Provided Front-Line IT Support for All Southern Company OPCO’s
Maintained Higher-than-Average Results with a 97%+ Customer Satisfaction rate
Coded Several Automated Fixes for Common Problems using Incident Management using Remedy
IT Specialist 2013-2014
Zorlu Manufacturing Co. LLC. (3 month contract extended to 5 months) Sandersville, Ga
Monitored and administered Enterprise level Network operations and services including new
SonicWall NSA 220 Firewall configurations with VPN between Sandersville and New York.
Managed SAP R/3
Performed Vulnerability Assessment and Penetration Testing on both Sandersville and New York
networks
Developed a new technology asset inventory management system in ASP.Net