Curriculum Vitae – Eideard “Ted” Mac Daibhidh, C.D.

18 Sampson Street, Ottawa, Ont.

Canada K1V-7L4
613-277-4335
ubourgeek@gmail.com

FORMAL AND MILITARY EDUCATION

Sydney Academy, Sydney, NS 1988

Nova Scotia University Preparatory Programme – Grade 12
Graduate

Canadian Forces Recruit School, Cornwallis, NS 1990

Basic Training

Canadian Forces School of Military Intelligence, Kingston, ON 1990

Communications Research Operator – Apprentice Level

Canadian Forces School of Military Intelligence, Kingston, ON 1994

Communications Research Operator – Journeyman Level

Canadian Forces School of Military Intelligence, Kingston, ON 1999

Signal Development – Digital Communication Analyst and Reverse
Engineer

Canadian Forces Peacekeeping Support Centre, Kingston, ON 2001

Peace Support Operations Military Observer Course

Canadian Forces Joint Signal Regiment, Kingston, ON 2001

Mobile Electronic Warfare Team Course

West Point Military Academy, West Point, NY 2003

Quinquepartite Computer Network Defence Workshoppe

Canadian Forces Connaught Range and Primary Training Centre 2004

Primary Leadership Qualification Course

INFORMATION TECHNOLOGY TRAINING

Acerra
CISSP Training Programme 2005

Global Knowledge
Interconnecting Cisco Network Devices 2003

InfoPeople Security Solutions

Intellitactics NSM 102 2003
Cisco Security Agent – Administration 2006
Cisco Security Agent – Introduction 2006

Intellitactics
Intellitactics NSM5101 - Introduction to NSM 2005
Intellitactics NSM5400 - NSM 5 2005
Learning Tree International
Unix System Administration 2002
Introduction to TCP/IP 2002
Deploying Intrusion Detection Systems 2003
Unix and Linux Security 2003
Assessing Network Vulnerabilities 2004
Deploying Internet and Intranet Firewalls 2004
Computer Forensics & Incident Response 2006

Military
Introduction to Linux 1997
Introduction to Network Security 1998
Introduction to Unix 1998
Introduction to Computer Networking 1999
Introduction to Network Protocols 1999
Introductory Unix - User Level 1999
COMSEC Custodian Course 2001
Introductory Unix - System Administration Level 2001
Unix Shell Scripting 2001
VIRT (Virus Incident Response Team) Course 2004
IAccess Project Familiarization Training 2007

Rigel Kent Security Services

Malicious Code Analysis 2005
Ethical Hacking 2006

SANS Institute
SANS GIAC Certified Intrusion Analyst Track 2003

United States Military Academy

Computer Network Defence Track 2005

EMPLOYMENT HISTORY

2006 - 2007 Department of National Defence

Special Operations Analyst
• Provide direct analysis support to national intelligence & counter-intelligence
entities (e.g. CFNCIU, CSE, RCMP) in support of special operations.
• Facilitate ongoing sensitive investigations and special operations correlating and
analyzing evidence and network activity while observing proper chain of custody
and light of law.
• Liaise as directed with national and international law enforcement, investigative,
military, intelligence and counter-intelligence entities (AusCERT, CFNCIU, CSE, DSD,
FBI, GCHQ, MoD CERT, NSA, RCMP, UKJIC) in the capacity of SME (Subject Matter
Expert).
• Provide direct DND representation within the CSE Cyberlab as a military augmentee.
2005 - 2007 Department of National Defence
Senior IH/AA (Incident Handling/Advanced Analysis) Analyst
• Supervise incident report taskings, providing guidance and direction where required.
• Provide operational support and feedback to IDS Analysts.
• Provide immediate response to all incidents, generating and maintaining requisite
documentation and reports.
 • Utilize all available resources to perform advanced/long term analysis of unusual
network activity, generating all requisite reports.
• Maintain and update all CIRT databases, report templates and standard operating
procedures.
• Prepare and/or contribute to all CIRT products (Alerts, Advisories, Admin Notes,
Incident Reports, etc.).
• Perform advanced/long term analysis on potential attack vectors and emerging
technologies that threaten operational and classified networks.
• Assist with the preparation and facilitation of CIRT training initiatives.
• Exercise strategic/tactical awareness with regards to emerging threats and DND's
defensive infrastructure.
• Maintain working familiarization with DND policies, guidelines and procedures
pertaining to IT security.
• Initiate and maintain effective working relationships with departmental, national
and international entities.
• Monitor OSINT (Open Source Intelligence) resources for I&W (Indications &
Warnings) regarding potential threats to DND and national assets.
• Contribute to operational efficiency by noting potential areas for improvement in all
areas relating to the CIRT mission.
• Advise chain of command regarding technical issues and security policy.
• Initiate, prioritize and perform assigned tasks without supervision.
2003 - 2005 Department of National Defence
Senior Intrusion Detection Analyst
• Duties as "Intrusion Detection Analyst" below.
• First level quality control of incident reports and related correspondence.
• Supervision of 2-4 member analysis team.
• Liaise with senior staff & external parties in the capacity of SME (Subject Matter
Expert).
• Provide effective administrative support to subordinates and team members.
• Ensure judicious and appropriate application of Canadian Forces regulations with
regards to subordinates and team members.
• Ensure team discipline is maintained.
• Generate initial, quarterly and annual performance assessments for all
subordinates.
2002 - 2003 Department of National Defence
Intrusion Detection Analyst
• Drafting of security advisories and incident reports.
• IDS monitoring using Intellitactics Network Security Manager, Cisco
NetRanger/Secure IDS and SHADOW IDS.
• Perform in-depth packet analysis and incident forensics.
• Assist in the development of juniour analysts performing mentoring and providing
training support as necessary.
• Research and evaluation of network security/hacking tools and emerging threats.
• Trained in the use of various analysis tools (e.g. Snoop, TCPDump. Wireshark,
Snort).
• First line attack assessment, threat analysis and incident handling relating to
 network security events as they occur on operational and classified DND networks.
2001 - 2002 NATO Stabilization Force Bosnia-Herzegovina
Mobile Electronic Warfare Team 2I/C
• Duties as “Senior Digital Communications Analyst” below.
• Provide support to MEWT Commander performing duties of MEWT Commander as
necessary.
• Provide first line technical support and system administration for UNIX and Windows
based National Command Element information systems.
• Perform Comsec Custodial duties for the National Command Element’s Electronic
Warfare troop.
• Act as technical Subject Matter Expert for NATO “Tiger Team” raids on belligerent
communications facilities.
• Perform tactical communications overwatch for NATO combat elements and missions
within the theatre of operations.
• Prepare highly detailed analysis reports for dissemination to the District Electronic
Warfare Commander and Supreme Headquarters Allied Powers Europe.

2000 - 2001 Department of National Defence

Interim Collection & Intercept Support Supervisor
• Duties as “Senior Digital Communications Analyst” below.
• Liaise daily with senior staff in support of the mission.
• Evaluation and management of new and ongoing tasks.
• Perform mentoring of junior analysts.
• Responsible for generation and release of all reports, first level quality control,
training, and section continuity.
• Supervision of 10-15 person section comprising 5 shifts.
• Provide effective administrative support to subordinates and team members.
• Ensure judicious and appropriate application of Canadian Forces regulations with
regards to subordinates and team members.
• Ensure team discipline is maintained.
1999 - 2002 Department of National Defence
Senior Digital Communications Analyst/Reverse Engineer
• Bit level analysis and reverse engineering of complex digital signals, protocols and
C2C (computer to computer) signaling techniques.
• Primary R&D lead performing evaluation, development and review of new equipment
and software.
• Perform mentoring of junior analysts.
• Provide first line UNIX system administration and troubleshooting support to the
Signals Development Team.
• Prepare highly detailed first and second line analysis reports.
 • Perform first level quality control of all internal and external reports.
1998 - 1999 Department of National Defence
Interim Collection & Intercept Support Operator
• Perform interim collection and development of new targets.
• Perform first line analysis of communication systems and networks.
• Maintain all ICIS databases.
• Prepare all mission related reports and supporting documentation.
• Perform mentoring of junior operators.
• Provide intercept support to other sections as required.
1990 - 1998 Department of National Defence
Communications Research Operator
• Perform collection and first line analysis of tasked targets.
• Perform duties of HFDF operator in support of the mission.
• Preparation and first line quality control of mission related reports.
• Perform duties of Communication Centre duties as required.

AWARDS AND DECORATIONS

Commanding Officer's Certificate of Appreciation 2007

Information Management Group Certificate of Appreciation 2007
NATO Medal with Former Yugoslavia Bar 2002
Canadian Forces Decoration 2001
Canadian Peacekeeping Service Medal 2000
Commanding Officer’s Commendation 2000
Supplementary Radio System Oldtimers Association Commendation 1999
United Nations Peacekeeping Medal – UNDOF 1995
Special Service Medal with Alert Bar 1994

PUBLICATIONS AND PAPERS

• “Binary to ASCII Encoders – The Missing Equation”

Service paper, 1998.
• “Open Source Intelligence – The New Intelligence Paradigm”
Service paper, 1998.
• “Open Source Intelligence and the Kosovo Crisis”
Service paper, 1999.
• “Digital Network Intelligence – The Future is Now”
Service paper, 2000.
• “Analysis Report – Grim’s Ping: A Weapon of Mass Distribution”
Attack analysis report, 2002.
• “h4X0R – Know Your Enemy: The Anatomy of a Hack”
Training presentation, 2002.
• “h4X0R – Know Your Enemy: Footprinting”
Training presentation, 2002.
• “h4X0R – Know Your Enemy: Scanning”
Training presentation, 2003.
• “h4X0R – Know Your Enemy: Enumeration”
Training presentation, 2003.
• “Analysis Report – Blended Threats and Hostile Code: Wolves in Website’s Clothing”
Threat analysis report, 2003.
• “Executive Summary – Today’s Menu Special: Phish and Spam”
Executive summary, 2004.
• “Analysis Report – We Like Our Sploits Extra Chunky”
Attack analysis report, 2004.
• “h4X0R – “Know Your Enemy: Building Your Lab”
Training presentation, 2005.
• “I&W Analysis – Onion Routing and TOR”
Indications and warning report, 2006.
• “I&W Analysis – Covert Channels: Cloak & Dagger in the Information Age”
Indications and warning report, 2006.
• “I&W Analysis – Virtual Machine Rootkits: Follow the White Rabbit”
Indications and warning report, 2006.
• “Analyst Working Aide”
Working aide, 2006.
• “Analysis Report – Hostile Script (CVE 2006-003)”
Emergency analysis report, 2006.
• “I&W Analysis – Mobile Malware: Please Leave Your Rootkit at the Tone”
Indications and warning report, 2007.

SECURITY CLEARANCE

• Currently cleared to secret.

PROFESSIONAL
• Held top secret special access clearance for 17+ years.
CERTIFICATIONS
• Held various SCI clearances throughout career.
• NISA (NSM Intellitactics Security Analyst)
• NISM (NSM Intellitactics Security Manager)

PROFESSIONAL DEVELOPMENT INITIATIVES

• Maintains personal virtual machine based network security computer laboratory.

• Maintains personal information security library (50+ titles).
• Preparing for ISC2 CISSP certification examination.

PROFESSIONAL ASSOCIATIONS

• Armed Forces Communications and Electronics Association (member) • Whitehat

• Information Systems Security Association (member) s.ca
Ethical
• Supplementary Radio System Oldtimers Association (honourary life member)
Hacking
Association (Vice-President)