Professional summary:
- Global responsibility for corporate network infrastructure security of Hewitt Associates, an HR Outsourcing and Consulting firm with $2.8B in annual revenue, over 25,000 employees and over 100 offices worldwide.
- Regularly consulted with clients and firm executives, defining and articulating Hewitt's network and application security posture and mapping it to clients' needs and priorities.
- Formulated, published, implemented, and enforced corporate technology risk management methodology, encompassing all areas of technology and application development.
- Championed use of best-of-breed open source technologies to construct a scalable network security platform, resulting in over $1M annual savings over equivalent commercial offerings.
- Over nine years of experience cultivating and leading a highly technical team, incorporating operational, research and development, and auditing skills. Hewitt Leadership Group and Technology Governance Board member since 2006.
Technical skills:
- IP Networking: TCP/IP, RIPv1/RIPv2, DHCP, HTTP (Apache 1.x and 2.x), DNS (ISC BIND), SMTP (sendmail, greylisting), network load balancing (F5 BigIP, 3DNS, HAproxy), systems performance monitoring and troubleshooting (cricket, MRTG, tcptrace)
- UNIX: Solaris (2.6, 7, and 8), OpenBSD, Bourne shell and awk scripting, sudo, cfengine, host-based IDS (snort, samhain), C programming
- Network security: proxy and stateful inspection firewalls (squid, OpenBSD pf, IPFilter), Network IDS/IPS (snort, McAfee Intrushield), vulnerability scanning (Nessus, CORE impact, amap, nmap), RSA SecurID
Professional Accomplishments:
Hewitt Associates, Lincolnshire, IL (1997 - present)
Deputy Chief Information Security Officer 2007-
Network Security Cluster Manager 2005-2007
Network Security Group Manager 1999-2005
Network Security Analyst 1997-1999
- Established network security practice, covering global operations, engineering, testing and verification, and customer relationship domains.
- Authored corporate-wide network security policy.
- IS Leadership Team member since 2004.
- Designed and implemented secure, repeatable network connectivity model for 200+ private intercorporate IP connections.
- Maintained consistent security posture while engineering integration of corporate network throughout three substantial corporate mergers and acquisitions.
- Developed, deployed, and maintained cross-platform intrusion reporting system.
- Designed and maintained Internet edge and DMZ infrastructure supporting flagship customer-facing applications, incorporating best-of-breed commercial and open-source technologies to deliver defense-in-depth security while maintaining high throughput and availability.
- Adapted and expanded network edge design to support new multi-process outsourcing business model.
- Audited and evaluated security risks in corporate networks, commercial applications, and internally-developed web sites.
- Developed custom workflow engine for firewall change management, enabling auditable revision control and peer review for all policy and configuration updates.
- Developed, deployed, and maintained secure centralized management and monitoring methodology for 300+ Solaris- and OpenBSD-based proxy and stateful inspection firewalls. Use of open source technologies currently results in over $1M annual cost savings.
- Promoted, defined, and enforced secure application coding practices.
- Spearheaded use of TLS for encrypted delivery of corporate electronic mail across public networks.
- Defined and executed spam reduction strategy, lowering overall SMTP spam volume by more than 50%.
- Established and enforced the use of sudo and SSH as corporate standards for UNIX system access and management.
- Developed utility and methodology for auditing superuser access to critical systems.
Hewitt Associates, Lincolnshire, IL (1993 - 1997)
UNIX Systems Programmer
- Responsible for converting flagship MVS-based OLTP application to run on Pyramid DC/OSx using UNIKIX, Oracle, and a Solaris-based SNA gateway, demonstrating mainframe-to-UNIX portability.
- Established UNIX Technology group, growing from one person in 1993 to three in 1997.
- Responsible for supporting 50+ Solaris, AIX, Pyramid, and Siemens-Nixdorf UNIX servers.
- Architected Internet-based delivery model that enabled self-service access to mainframe-based benefits recordkeeping application.
Education:
Northwestern University, Evanston, IL, 1993
Bachelor of Science in Electrical Engineering