John H. Sawyer, Senior Security Engineer
Biography
John H. Sawyer is a Florida-native who moved to Gainesville in the Fall of 1997 to attend the University of Florida's College of Business Administration where he received a Bachelor's of Science in Decision and Information Science in May of 2000.
John began working for UF in Fall of 1997 in an effort to pay for school without incurring student loans. His first job involved digital scanning of slides for the Environmental Horticulture department where he quickly learned more about computers and began taking on additional duties such as web design, desktop support and computer repair. After graduating from UF in 2000, he stayed with Environmental Horticulture working full-time managing their Windows NT4 domain and providing all aspects of desktop support.
While employed by and attending UF, John began researching computer security topics and learning about open source operating systems such as Linux and OpenBSD. Using open source security tools on Linux and OpenBSD, he developed a skill set that included network reconnaissance, vulnerability assessment, intrusion detection and incident response.
Those skills and experience working on campus led the UF Institute of Food and Agricultural Sciences (IFAS) to hire him as the Systems Security Engineer for their campus and statewide network in October 2003. John spent almost two years providing guidance for security issues, incident response and intrusion detection while managing a centralized antivirus and patching solution for approximately 5,000 users throughout Florida.
The most recent career advancement occurred in August 2005 as he joined the UF IT Security Team as an IT Security Engineer. His duties include intrusion analysis, incident response, digital forensis and various security related projects.
John is a Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH #631), Firewall Analyst (GCFW #413) and Forensic Analyst (GCFA #257). He is a member of the SANS Advisory Board and has spoken for the past four years at the Florida Association of Educational Data Systems (FAEDS) on incident response and malware analysis. John also is an active freelance writer for Network Computing and Dark Reading Security Insider.
John lives in Gainesville with his wife Sarah and two young children. When he isn't sitting in front of his Apple Powerbook, John spends his free time with his family traveling, going to the movies and spending quality time together.
Job Description
Maintain information security awareness of legislation, policies, trends and standards relating to IT security. Evaluate, inspect, investigate and maintain network security control systems, vulnerability and scanning hardware and software, and incidents. Assist with the design, implementation and maintenance of the intrusion detection system, as well as monitor the IDS for suspicious activity. Resolve incidents through proper incident handling and forensics. Assist with and maintain security website. Perform risk analysis through vulnerability assessments and penetration testing. Provide security awareness and training to university personnel.
Updated: February 2007
