Charles V. Frank, Jr.

  • Sr. Cloud Architect
  • Parsippany, NJ
  • Member Since Mar 19, 2023

Candidates About

 

Charles V. Frank, Jr.

 

Objective

To apply advanced cyber security principles and techniques focused on working with application and development teams to institute standard security controls and industry best practices integrated into project life-cycles.  Apply cutting edge techniques and systems to help protect the confidentiality, integrity, and availability of corporate systems and data.

 

Educational Experience

Dakota State University (DSU)

Doctor of Science in Cyber Security

Research Interests: IoT Botnets, Malware, Reverse Engineering

To Be Awarded in 2019

James Madison University (JMU)

Master of Science in computer Science with concentration in INFOSEC

Thesis: SID: SQL Injection Detection

Awarded: May, 2004

East Stroudsburg University (ESU)

Bachelor of Science in Computer Science

Awarded: May, 1991

 

Cyber Security Experience

·         RE (Reverse Engineering) with IDA Pro and WINDB for Malware, Software Vulnerabilities, User Land Programs and Kernel Land Programs

·         Use of various tools for advanced analysis such as Bromium EDR, Virus Total, and Malwr.com

·         Static code analysis of C programs and custom scripting with PYTHON

·         Expert knowledge of IoT Botnets, extensive experience setting up Mirai Botnet, and static code analysis of the Mirai Real Time Loader

 

Cloud Experience

·         Hands on experience in Data and Application Security on Microsoft Azure cloud platform and experience in working on Azure Active Directory, FIM (Forefront Identity Manager), ADUC (Active Directory Users Computers), Azure Security Center

·         Expert knowledge in Activity logging and Diagnostics

·         Experience in migrating enterprise application(s) to the Cloud such as SAP and Oracle

·         Thorough understanding of application level security mechanisms for different technologies and good understanding of network security related to Azure, such as Virtual Networks (VN), UDR (User Defined Routing) and Next Gen Firewall as well as advanced topics such as SIEM (Security Incident Event Management) and EDR (Endpoint Detection Response)

 

Refereed Publication

Charles Frank, Corey Nance, Sam Jarocki, and Wayne E. Pauli.  Protecting IoT from Mirai botnets; IoT device hardening.  In Proceedings of the Conference on Information Systems Applied Research (CONISAR).  November 2017.  http://proc.conisar.org/2017/pdf/4518.pdf

 

 

 

BLOG

IOT BOTS | Mirai BOTNET

https://iotbots.wordpress.com/

 

White Paper

Integrating MSFT SYSMON with SPLUNK to detect TESLA CRYPT RANSOM WARE.

www.linkedin.com/in/charles-frank-3b9a9426

 

Google Book

SID: SQL Injection Detection

A proxy server that utilizes a genetic algorithm with zero advanced knowledge to detect and stop SQL Injection attacks.

http://books.google.com/books/about/SID.html?id=JI1zNwAACAAJ

 

PYTHON GITHUB Repository

https://github.com/infosecchazzy/

 

Work Experience

Jun 2017 – Nov 2017, InfoSec CISO Executive, EY, Secaucus, NJ.

Primary focus on the security controls and mitigating risk for the EY Mercury program.  A POC document approval for CyberArk for password account vaulting and a detailed guideline for implementing logging within SAP for ONAPSIS Threat Detection and Response and SPLUNK SIEM.

·         CyberSecurity Advisor to Assistant Director

·         Consultant for POC approval for CyberArk password vaulting

·         Detailed guideline to implement SAP logging integrated with ONAPSIS Threat Detection and Response and SPLUNK SIEM.  Consultant for POC.

·         WAF (Web Application Firewall) operations document

·         Approval of firewall requests thru WAF

 

Jan. 2017 – April 2017, Sr. Cloud Architect, HCL, Client: Ascensia, Parsippany, NJ

            As the Sr. Cloud Architect, created Azure SQL (PaaS) with firewalling and logins.  Migrated systems utilizing Azure SQL.  Presented a new security architecture consisting of audit activity, diagnostic logging, and virtual network appliance for firewalling.  For internet access to applications, WAG (Web Application Gateway) with WAF (Web Application Firewall) with OWASP 3.0 was presented for application layer security.  Azure Application Security (CASB) was researched and presented to secure the cloud at the application layer as well as to detect threats.

·         Review current Azure Cloud Architecture to determine improvements in security

·         Proposed New Secure and Elastic design for Azure to upper management

·         Developed Sharepoint project plan for Application Migrations into Azure for PTO (Permit to Operate), PTT (Permit to Test), PTP (Permit to Production)

·         Azure Application Security (CASB) to monitor application usage within Azure

·         AZURE SQL (PaaS) with firewall to utilize PaaS

·         WAG (Web Application Gateway) to allow remote access thru the internet to the application

·         WAF (Web Application Firewall) to perform application layer security from Internet access

·         IIS configuration for allowing web access to application via HTTPS

·         Migration of applications into AZURE for split from Bayer to Ascensia

 

Feb. 2014– Sept. 2016, Lead Azure Security Architect, Becton Dickinson Franklin Lakes, NJ

            Teamed up with Microsoft consulting services and Microsoft India DevOps, developed security services layer as well as network segmentation consisting of a Web layer, SAP applications layer and SQL Server (IaaS) layer.  All traffic routed thru Barracuda Virtual Firewall appliance for IDS/IPS.  Developed extensive automation for subnet cloning.  Responsible for all aspects of the project.

·         Responsible for project plan and all operational tasks in AZURE

·         Lead Security/ Operational Engineer / Architect for AZURE Cloud

·         Expert knowledge of POWERSHELL, PYTHON, C/C++

·         Powershell runbooks to clone VM, clone disks, cloud automation

·         400+ VMs in Azure, 60+ Premium Storage VMs

·         Premium VM for SQL Server DB (IaaS)

·         Conversion of CLOUD SERVICES to the new RESOURCE GROUPS

·         Resource Groups allow for parallelization and faster cloning of VMs

·         Conversion of old storage to new PREVIEW STORAGE

·         VM, VNET, INTERFACE, SECURITY resources in RESOURCE GROUPS

·         Multiple Subscriptions, Multiple Subnets

·         All subnet traffic routed thru Barracuda Firewall for IDS and IPS

·         AUTOMATION via RUNBOOK and POWERSHELL

·         Use of TEMPLATES for automation

·         RUNBOOKS for cloning subnets, creating VMs, starting/stopping VMs

·         Custom RUNBOOK for backup/restore PREMIUM VMS 

·         BACKUP VAULT for non-premium VMS

·         BACKUP VAULT for PREMIUM VMs

·         BACKUP VAULT for RESOURCE GROUPS

·         Administration of MICROSOFT SQL SERVER

·         Administration of Remote Applications in each subnet

·         Administration of Active Directory with ADUC

·         Patch Management for All Windows Servers 

·         Administration of BARRACUDA Firewall within Azure

·         Role Based Access Control for PREVIEW PORTAL

·         Migration of TERRABYTES of SAP data into SQL SERVER

·         Problem resolution for SAP migration

·         Mentor for Cloud Azure Project and junior members

 

June 2012 – Feb. 2014, Lead Technical Basis Admin., Mercedes Benz  Montvale, NJ

            Responsible for the archiving mandate for all of Mercedes Benz, consisting of the largest migration project to-date for SAP.  Developed archiving architecture with ILM (Identity Lifecycle Management).  Developed sharepoint site for project deliverables and presented archiving project to upper-management.

·         Project coordination with MB-USA, MB-GERMANY, MB-INDIA

·         Administration of SAP on VMWARE

·         PoC for MB Archiving Mandate: SARA, PBS, SAP ILM

·         Upgrade to SOLMAN 7.1 with SWPM

·         Performance analysis of ECC 6.0 and PI on SOLARIS ZONES

·         Oracle 11G performance Tuning / SAP performance tuning

·         Supervision and performance analysis of Oracle 11G Compression

·         Technical Lead for Archiving Architecture Project

·         Performance Analysis of JAVA AS and JAVA Garbage Collection

·         Daily Basis Administration tasks

 

June 2011 – June 2012, LEAD SAP Migration Engineer, SAP Migration Factory, IBM Remote

            Developed DOU (Documents of Understanding) and project plan for customers migrating on-premises SAP systems into IBM platform.  Developed architecture for new platform as well as migration of the SAP system consisting of ORACLE RDBMS.  Mentored junior members.

·         Interaction with resources from: USA, CANADA, India, China, Poland

·         Migration of SAP into IBM Virtualized Cloud

·         Performance Analysis of LPARS and VIO

·         Installation of ORACLE RAC into LPAR along with performance tuning

·         Lead Migration Engineer on GOM project

·         Migration from HPUX to LPARS and VIO

·         Provided technical guidance to SAP Migration Engineers

·         Developed Migration Documentation utilized by migration team

·         Oracle 11G installation / ORACEL 11G parameter settings / AIX Clustering

·         Oracle 11G Bundle Patch application with MOPATCH

·         Technical Advisor for MDM and PI migration for Miller Coors

·         SQL Server migration in windows cluster

·         Developed Project Plans for several clients for SAP/Oracle migrations

·         Developed DOUs (Document of Understanding) for several clients for SAP/Oracle migrations

 

March 2007 – Sept. 2011, Cloud Lead, US ARMY   Dover, NJ

            Team lead supervising 10+ administrators.  Determined new cloud platform.  Architected and engineered the cloud, including the security layer, web layer, application layer, and database layer.  Developed the migration plan to the new cloud.

·         Interaction with SAP-Germany and SAP-Israel and Pentagon

·         Lead team of 100+ into a secure private SAP cloud

·         Configuration of LDAP in XENSERVER REDHAT LINUX

·         STIG REDHAT Linux VM for VM Template

·         System OS/DB migration from SOLARIS/ZONE/Oracle 10G into LINUX/XENSERVER/ORACLE 11G: ECC,PI,BI,SRM,GRC,EP,SOLMAN,CUA

·         System OS/DB migration of ECC 6.0 from Linux/XENSERVER/Oracle in Penn State ARL (Applied Research Lab) to Windows/VMWARE/Oracle

·         System OS/DB migration of PI 7.1 from Linux/XENSERVER/Oracle in Penn State ARL (Applied Research Lab) on Windows/VMWARE/Oracle

·         More than 100 VM migrations to different platforms (DEV,TST,QAS,STG,PRD)

·         OS/DB migrations of multiple ORACLE Terabyte Databases

·         All Oracle DBA functions

·         All SAP Basis functions

·         All Unix/Linux Admin functions

·         All XENSERVER virtualization functions

·         Expert SAN knowledge / coordination of SAN configuration

 

March 2006 – March 2007, Lead SAP Administrator, Wyeth Pharmaceuticals Malvern, PA

·         Developed Security Design for Wyeth Bio-tech

·         Utilized SAP GRC for all security/role development

·         RBAC with transaction pfcg

·         Resolved SOX and Part 11 compliance issues

·         Developed security from EP

 

July 2005 – March 2006, SAP Basis Administrator, ESSROC    Nazareth, PA

·         All Basis functions

·         All Security functions

·         Windows Administration

·         SAP supported on AS400 with DB2

 

June 2003 – July 2005, Lead SAP Administrator, Purdue Pharma  West Patterson, NJ

·         All Basis functions

·         All Security functions

·         HP-UX administration

·         Oracle Administration

 

May 2002 – June 2003, SAP Administrator, Becton Dickinson   Franklin Lakes, NJ

·         All SAP Security functions

·         Developed roles with pfcg

·         Developed Perl IDS (Intrusion Detetction System) which runs on all SPARC/Solaris servers

 

June 1998 – Aug. 1999, SAP Basis Team Lead, RCM Technologies   Westfield, NJ

·         All SAP Basis functions

·         ALL SAP security functions

·         SAP supported on Windows OS

·         MS SQL server administration

 

May 1995 – July 1997, Client/Server Specialist, American Standard Inc.  Piscataway, NJ

·         All SAP Basis functions

·         ALL SAP security functions

·         Unix Admin.

·         Windows Admin.

·         Oracle Admin.

·         MS SQL Server Admin

.

Jan. 1992 – May 1995, Information Management, AT&T   Parsippany, NJ

·         C programming

·         Unix Administration

 

 

Technical Skills

·         In-depth Programming knowledge in many languages

·         Excellent understanding of SDLC (Software Development Lifecycle)

·         Very strong in securing public clouds, especially Microsoft Azure (IaaS, PaaS, SaaS)

·         Very strong in algorithmic design and performance analysis

·         Knowledge of reverse engineering with IDA Pro and reversing RANSOMEWARE

·         Knowledge of EDR (Endpoint Detection Response)

·         Knowledge in Application Layer attacks

·         Experience with Vulnerability scanners such as Retina, Nessus, and NMAP

·         Strong Cyber Security Background

·         Expert knowledge in IoT Mirai botnet

·         Expert knowledge of SAP ERP and databases