John B. Baird
Computer Forensic Portfolio
Open to relocation
johnbairdpc at gmail dot com
Real Digital Forensics: Computer Security and Incident Response - Keith J. Jones, Richard Bejtlich, Curtis W. Rose
Computer Forensics: An Essential Guide for Accountants, Lawyers and Managers - Michael Sheetz
Essentials of Criminal Law - Neil C. Chamelin, Andrew Thomas
Criminal Justice Today: An Introductory Text for the Twenty First Century - Frank J. Schmalleger
Criminal Investigation Basic Perspectives - Charles A. Lushbaugh, Paul B. Weston
Constitutional Values: Governmental Powers and Individual Freedoms - Daniel E. Hall, John P. Feldmeier
State and Local Government: The Essentials - Ann O’M. Bowman, Richard C. Kearney
Managing eDiscovery and ESI: From Pre-Litigation to Trial - Michael D. Berman, Courtney Ingraffia Barton, Paul W. Grimm
Information Security Principles and Practices - Mark Merkow, Jim Breithaupt
John B. Baird
Bradenton, FL 34207 • 941-363-1144 • johnbairdpc at gmail dot com
Open to relocation with ten years of information technology experience. Proficient with a variety of IT tools and techniques used in collecting, analyzing and reporting on electronic / digital evidence of criminal cases. Available for security clearance, effective communicator and a fast learner of new emerging technologies.
Bachelor’s of Applied Science, Digital Forensics
Champlain • 2018
SKILLS AND QUALIFICATIONS
• Forensic Techniques: Evidence preservation, imaging, hash computation, evidence investigation, network analysis, intrusion detection, eDiscovery, file carving, signature analysis, encryption, steganography, legal precedence, forensic report writing, EnCE EnCase Certified Examiner (in progress)
• Forensic Tools: EnCase (Enterprise), FTK, Oxygen Forensics, Wireshark, HashTool, BackTrack, Autopsy, Snort, Cellebrite, XRY, Volatility, FTK Imager, RegRipper
• Malware Techniques: Hash identification (static & dynamic), virtual sandbox creation, command & control (C&C) identification, indicator of compromise (IOC) / attack vector analysis, registry shellbag examination, report writing
• IT Techniques: Adding and removing hardware, building PCs, network cabling, racking servers, router and switch programming, VoIP installation, malware / virus removal, operating system installation, virtual machine imaging, account permission managing, Windows PowerShell, macOS terminal
• IT Tools: VMware Enterprise, Exchange, MySQL, TrueCrypt, Lotus Notes, Avaya, Merlin, VMware Fusion, Google Apps, McAfee VirusScan Enterprise, Bombard, BMC Remedy ticketing, FakeNet, Microsoft Attack Surface Analyzer, NetworkMiner
• Operating Systems: Windows, macOS (OS X), Linux Ubuntu, Linux BackTrack, TailsOS (Linux), iOS, Android, Windows Phone
DIGITAL FORENSIC EXPERIENCE
John Baird PC, Bradenton, FL • Digital Forensic Consultant, Self-employed • 2014 - Present
Advise clients, including law firms and physician groups, on whether a situation they are involved in would benefit from digital forensic examination. Provide clients with a written report detailing whether a forensic examination would be beneficial or hurtful to their legal situation. Forensic consulting experience ranges from employee sexual harassment to intellectual property theft.
Learning iOS Forensics • Book Contribution, Packt Publishing • 2014 - 2015
Assisted authors Mattia Epifani & Pasquale Stirparo with their mobile forensics book, "Learning iOS Forensics", published in 2015. Areas of contribution include iOS version differences, iPhone hardware encryption details, jailbreaking history / techniques and general mobile examination techniques (Cellebrite).
Intern, Remote • Computer Forensic Examiner • 2011 - 2012
Performed digital forensic tasks on criminal cases under supervision through college, including verifying hash values (SHA-1, MD5), compiling information for § 2703(f) subpoenas of internet companies (Google, Verizon, etc.), gathering the data requested, performing forensic examinations using EnCase, FTK, HashTool, RegRipper and FTK Imager, and compiling an interim report. Recovered hidden and deleted data and worked with encrypted evidence using TrueCrypt. Completed a network forensic examination using Linux BackTrack, Wireshark and Snort on a criminal case involving network intrusion of a Linux server.
INFORMATION TECHNOLOGY EXPERIENCE
John Baird PC, Bradenton, FL • IT Technician, Self-employed • 2002 - Present
Professionally serve the technical needs of residents and businesses, including companies such as Raymond James Financial Services. Work with operating systems such as Windows, Windows Server, macOS (OS X), Linux, iOS, Android and Windows Phone. Create tailored training for individual users as well as groups using PowerPoint, Keynote and Google Apps. Consult with companies on future technology deployment. Install various wireless and wired networks using products from HP, Cisco, Dell and Apple. Perform threat assessments and implement security against malware and viruses using products such as F-Secure and Malwarebytes and resources such as VirusTotal. Install hardware upgrades, perform repairs and build custom computers.
Intern, Remote • Malware Analyst • 2011
Analyzed a criminal malware incident under supervision through college involving a keylogger malware variant. Created a safe sandbox environment in a VMware virtual machine, identified possible indicators of compromise (IOCs) using Process Monitor, Process Explorer and Microsoft Attack Surface Analyzer, used HashTool to generate a SHA-1 hash value for malware identification, identified the command and control (C&C) server using FakeNet and NetworkMiner, and compiled a malware analysis report.
Wells Fargo, Lakeland, FL • Contractual Network Administrator • 2011
Administered on-site network support and server racking for Wells Fargo branches in multiple cities throughout Florida for the Wachovia-to-Wells Fargo transition, contracted through Robert Half Technologies. Physically uninstalled rack servers, rewired patch cables, organized patch bays, and ran PowerShell scripts and software and driver updates on new servers from brands such as HP, Cisco and Lenovo. Used Lotus Notes for notation and utilized MySQL for SQL management.
Smith & Nephew, St. Petersburg, FL • Contractual Incident Response & Help Desk • 2011
Supported the incident response team during a zero-day malware outbreak affecting computers of 300+ enterprise users connected via WAN, contracted through Robert Half Technologies. Worked with the BMC Remedy ticketing system and McAfee VirusScan Enterprise to follow the instructions of the incident response lead for removing infection and / or restoring clean images of Windows. Also served as help desk support, primarily connecting Avaya VoIP phone hardware and infrastructure.
AOL, Tampa, FL • Help Desk Support Tier III • 2010 - 2011
Effectively provided tier 1, 2 & 3 technical support, contracted through Computer Generated Solutions, for AOL server and client user issues using Avaya software VoIP, documentation in Lotus Notes, remote desktop management and virtual machine tools. Utilized Bombard for remotely controlling computers, Merlin for database entry and VMware Enterprise for remotely running tools. Operated in a fast-paced, metrics-driven environment, ensuring no customer privacy violations occurred and quality assurance guidelines were met every week.