4885A McKnight Road, PMB 503, Pittsburgh, PA 15237-3400
+1 (218) 837-6000 | jjc@pobox.com
Download Resume: [Short Version] [Long Version]
Summary | Twenty-five years of experience in information technology and security as a technical practitioner, team leader, and technical and product manager. Thrive in leading technical teams in addressing technical and security challenges in complex, changing environments. Strive to meet customer goals and needs. |
Capabilities |
|
Work Experience |
CERT Coordination Center, Software Engineering Institute at Carnegie Mellon University, 1995-present Created in 1988 after the first major internet worm, the Morris Worm, the CERT/CC works globally with those with national or economic security or critical infrastructure protection missions to protect critical systems, data, and infrastructure from cyber attacks. It focuses on technical issues relating to internet security by focusing on helping technology professionals better manage and defend their information technology and assets, and working with vendors to address security issues at the end of the software development life cycle. Technical Manager of the CERT/CC (2000-present) Grew and managed a group from 10 to 32 employees ($4M to $12M/year budget) that is focused on working with industry, government, and academia to protect national and economic security and critical infrastructure by helping technology managers better protect their IT assets and manage cyber security risk.
Computing and Information Services (Computer Center), University of Pittsburgh Systems Analyst (1988-1995)
|
Education | University of Pittsburgh, B.S. in Computer Science, December 1989 |
Community Involvement | Berkeley Hills Fire Company, Ross Township, Allegheny County, Pennsylvania. Life member, firefighter, fire police officer (1986-present). President (1989-1991, 2010-present), Director (1988-1998,2002-present), Recording Secretary (1988-1989,1991- 1997,2002-2009). Manage the business affairs of a fire company with 50 members, five pieces of apparatus, 1500 calls per year, and a $250,000 budget. |
Other Interests | Technology, telecommunications, amateur radio (W3JJC - amateur extra), parliamentary procedure, reading, British political history. |
Selected Papers and Presentations |
Establishing a National Computer Security Incident Response Team, John Haller, Jeffrey Carpenter, and Julia Allen. A podcast in CERT’s Podcast Series: Security for Business Leaders, August 19, 2010. Tackling Security at the National Level: A Resource for Leaders, Jeffrey Carpenter and Julia Allen, August 7, 2007. Practical and Procedural Methods for Protecting Against Cybercrime and Cyber Fraud, and What’s next: Developing an Egyptian Computer Emergency Response Team Center, Jeffrey Carpenter. Electronic Signature And Information Security Conference; Cairo, Egypt, 2006. Vulnerabilities and Software Assurance, Jeffrey Carpenter. CN-CERT Conference; Beijing, China, 2005. Public-Private Cooperation in operation and Functions of CSIRTs, Jeffrey Carpenter. Organization of American States, Inter-American Committee Against Terrorism, Meeting of Government Cyber Security Practitioners; Sao Paulo, Brazil, 2005. Incident Handling and Network Monitoring, Jeffrey Carpenter. APEC TEL Incident Response and Forensics Workshop; Hong Kong, 2004. Creating a National Alerting and Reporting Service,, Nienke van den Berg, Jeffrey Carpenter, and Graham Ingram. FIRST Conference; Ottawa, Canada, 2003. CSIRTs: USA Experience and Future Trends, Jeffrey Carpenter. APEC TEL 27; Kuala Lumpur, Malaysia, 2003. Vulnerability Handling: Analysis, Coordination, and Ethical/Legal Issues, Jeffrey Carpenter. AusCERT Conference; Gold Coast, Australia, 2003. ISP Security Issues, Jeffrey Carpenter. OPASTCO ISP Workshop; Chicago, Illinois, April 12, 2002. Computer Security Issues that Affect Federal, State, and Local Governments and the Code Red Worm, Jeffrey Carpenter. Testimony before the House of Representatives Committee on Government Reform, Subcommittee on Government Efficiency, Financial Management and Intergovernmental Relations, August 29, 2001. CERT Advisory CA-2001-11 sadmind/IIS Worm, Chad Dougherty, Shawn Hernan, Jeff Havrilla, Jeff Carpenter, Art Manion, Ian Finlay, John Shaffer. Published May 08, 2001. CERT Advisory CA-2000-03 Continuing Compromises of DNS servers, Jeffrey Carpenter. Published April 26, 2000. Welcome To The Big City: Incident Reporting Helps the CERT™ Coordination Center Keep Pace with a Rapidly Expanding Internet, Jeffrey Carpenter. USENIX ;login: Magazine, published November 1999. BIND Activity of March-June 1998, Jeffrey Carpenter and Shawn Hernan. FIRST Conference; Brisbane, Australia, 1999; and NISSC; Washington, DC, 1999. Will the Real Owner of this IP Address, Please Stand Up? Jeffrey Carpenter and Brian Dunphy. Presented at the FIRST Conference; Brisbane, Australia, 1999. Infrastructure: A Prerequisite for Effective Security, Bill Fithen, Steve Kalinowski, Jeffrey Carpenter, and Jed Pickel. USENIX LISA; Boston, MA, 1998. Tackling the Infrastructure Problem, Jeffrey Carpenter and Jed Pickel. FIRST Conference; Monterrey, Mexico, 1998. How the Domain Name System (DNS) Plays a Role in Incident Response, Jeffrey Carpenter and Brian Dunphy. FIRST Conference; Monterrey, Mexico, 1998.
|