Dave Kleiman

A recognized security expert that has worked in the Information Technology sector since 1990 and a former Florida Certified Law Enforcement Officer. Dave specializes in Digital/Computer Forensic Examinations, Electronic Discovery, Incident Response, and Intrusion Analysis.

Accepted as a computer expert witness in Federal, State, and Military courts. Additionally, served as a court appointed expert.

Data Forensics and IT Security Consulting

Clients include: Palm Beach County Sheriff’s Office, Palm Beach County DA’s office, Department of the Navy, Naval Criminal Investigative Service, Waste Management, South Florida Water Management District, and Private Law Firms.

• Developed a Windows Operating System lockdown tool, S-Lok, which surpasses NSA, NIST, and Microsoft Common Criteria Guidelines, while performing as interim CISO for Securit-e-Doc, Inc West Palm Beach, FL 2001-2004. Supervised the development of a cryptographic module system that resulted in the passing of FIPS-140 compliance. Evaluated technical information, security requirements, and documentation during the system development process.
• Utilize management skills in support of IT security and forensic examinations, and post-intrusion network analysis.
• Perform forensic examinations, attack forensics, packet forensics, incident response, intrusion analysis, and audits.
• Identify legal need for discovery and provided methods of electronic discovery and litigation support.
• Prepare for court appearances and depositions for criminal and civil testimony.
• Perform analysis of expert witness reports and testimony.
• Develop and foster long-term liaison contacts with cyber security organizations.
• Develop forensic courseware; provide supporting seminars and labs.
• Execute risk assessments, security audits, and ensure agency compliance with information security best practices.
• Evaluate information and disseminate cogent and comprehensive reports in support of operations, and collection requirements.
• Create policies and procedures on regarding response to computer crime events, regulatory compliance issues, and operational/investigatory processes. Understanding the legal and technological impact such a policy will have on an organization, and the consequences faced by an organization when such a policy does not exist
• Conduct research, analysis, counterintelligence, and services designed to detect and deter instances of system and network exploitation and data exfiltration by unauthorized internal/external sources.
• Maintain record of incidents and resolution to incorporate for future security incident solutions. Provide executive and organizational briefing at conclusion of incident with cause and effect.
• Review system design specifications and operational procedures for adherence to information security policies.
• Recommend information security solutions throughout the system development process.
• Develop efficient support and upgrade strategies; submitted necessary support and budgets
• implement, upgrade, and recover email, database, and perimeter systems.
• Perform program management analysis, design, and training in line with information technology regulations.
• Coordinate security of data, backup procedures, testing, recovery, and security access controls.
• Remain familiar with Federal, State and other policies/standards that affect information security
• Advise vendors and management with briefing and presentations to exchange relevant data.

VP of Technical Operations

Intelliswitch, Inc./Citywalk.net, West Palm Beach, Florida,
Internet Startup company that provided international ISP and VoIP services.

• Supervised the development and maintenance of a secure international VoIP network
• Maintained ISP company network, email, and web services.
• Instituted and conducted security awareness programs, served as advisor to all positions.
• Performed examinations and incident analysis.
• Executed security audits on perimeter security systems and managed resolutions.
• Conducted business continuity exercises with emergency action plans.
• Reviewed system design specifications and operational procedures for adherence to information security policies.
• Interacted with management and submitted reports, budgets, system security information, and recommendations.
• Provided leadership and support to align regional departments to achieve worldwide IT objectives.
• Supervised quality assurance and source code review of software development.
• Recommended information security solutions throughout the system development process.

Director of IT

Suffolk Construction Company, Inc., Palm Beach Gardens, Florida
Privately held national company with 400-800 million in annual revenues

• Developed and maintained a secure regional Windows and Novell network between Florida and Boston offices with integrated E-mail and Telecommunications.
• Designed remote office access through Citrix servers and clients.
• Performed incident response, intrusion analysis, and examinations.
• Monitored security logs for all regional IT systems.

Information Systems Analyst

Law Enforcement Officer Palm Beach County Sheriff's Office, West Palm Beach, Florida
PBSO is law enforcement agency with over 3000 employees

• Performed standard law enforcement duties in support of criminal investigations.
• Administered an enterprise NT, Novell, and Mainframe network.
• Analyzed all systems security; reported, logged, and investigated findings daily.
• Integrated a Mainframe data retrieval system into an MS Access database.

United States Army

Aviation Logistics: Distinguished Honor Graduate
Performed Aviation duties, avionics, and encrypted communications

• 1987 U.S. Army Soldier of the Year

• Cisco Router and Switch Forensics: Analyzing Malicious Network Activity, Co-Author, ISBN: 978-1597494182, May 2009
• Overwriting Hard Drive Data: The Great Wiping Controversy, Co-Author, Lecture Notes in Computer Science, Dec 2008
• Perl Scripting for Windows Security: Technical Editor, ISBN: 978-1597491730, Jan 2008
• The Official CHFI Study Guide: (Exam 312-49), Lead Author and Technical Editor, ISBN: 978-159749197-6, Oct 2007
• Windows Forensic Analysis: Including DVD Toolkit, Technical Editor, ISBN: 978-1597491563, April 2007
• Rootkits for Dummies: Forensic Advisor, ISBN: 978-0471917106, Jan 2007
• CD and DVD Forensics: Technical Editor, ISBN: 978-1597491280, Nov 2006
• How to Cheat at Windows System Administration: Co-Author, ISBN: 978-1597491051, Sep 2006
• Enemy at the Water Cooler: Real Life Stories of Insider Threats, Technical Reviewer, ISBN: 978-1597491297, Aug 2006
• Winternals: Recovery and Administration Field Guide, Lead Author and Tech Editor, ISBN: 978-1597490795, Jun 2006
• Security Log Management: Identifying Patterns in the Chaos, Co-Author, ISBN: 978-1597490429, Jan 2006
• Perfect Passwords: Selection, Protection, Authentication, Technical Editor ISBN: 978-1597490412, Dec 2005
• Microsoft® Log Parser Toolkit: Investigating Intrusions, Co-Author, ISBN: 978-1932266528, Feb 2005

• Forensic Science and Law Summit - BrightTalk - Digital Forensics Private Investigation Laws, Dec 2008
• Digital Investigation Summit - BrightTalk - Digital Forensics: The DFCB and the ABA Resolution, Oct 2008
• Live Preview-Tools-Tricks-n-Traps/Log File Forensics, Sarasota FL, FACCI, 2008 Annual Training, Jul 2008
• Live Preview-Collecting Preliminary Evidence from Live Computer Systems, InfraGard Miami, Annual Meeting, June 2008
• Locating Intrusions and Collecting Evidence on Live Computer Systems, Palm Beach, FL, PBCGov, Sep 2007
• Log File Forensics Tools and Tricks, San Diego, CA, HTCIA International Training Conference, Aug 2007
• Tools, Tricks, and Traps: CyberCrime Institute, Kennesaw State University, GA, CyberCrime Summit, Mar 2007
• Florida Bar Approved CLE Course # 2569 6, West Palm Beach, FL, Effective e-Discovery, Jun 2006
• Advanced Log File Forensics: CyberCrime Institute, Kennesaw State University, GA, CyberCrime Summit, Mar 2006
• Forensic Incident Response through Log File Analysis: Tampa, FL, DoD Cyber Crime Conference, Jan 2006
• Forensics for Information Security Managers: Vienna, VA., (ISC)2, Sep 2005
• Following an Intrusion through a Microsoft® Network: Washington, D.C., FBI InfraGard National Conference, Aug 2005
  
• Secure Electronic Environments: Cleveland, OH, Nuclear Information Technology Strategic Leadership, Jun 2005
  
• Secure Document Delivery Concepts and Options: Ft. Lauderdale, FL, ISSA, Nova University, May 2005

• Microsoft Windows Security - Most Valuable Professional (MVP®)
  
• Information Systems Security Management Professional (ISSMP®)
  
• Information Systems Security Architecture Professional (ISSAP®)
  
• Certified Information Systems Security Professional (CISSP®)
  
• Certified Electronic Evidence Collection Specialist (CEECS)
• Certified Professional in Comprehensive Security (CPCS)
  
• Certified Information Forensics Investigator™ (CIFI)
  
• Certified Information Security Manager (CISM®)
  
• Microsoft Certified Systems Engineer (MCSE®)
  
• Certified Anti-Terrorism Specialist (CAS)
  
• Data Recovery Expert Certified (DREC)
• Certified Computer Examiner(CCE®)

• Member and Certification Committee - National Center for Forensic Science (NCFS) - Digital Forensics Certification Board (DFCB) a program of the U.S. Department of Justice’s Office of Justice Programs, National Institute of Justice.
  
• Member and Sector Chief for Information Technology - The FBI’s InfraGard®
  
• Member - International Association of Counter Terrorism and Security Professionals (IACSP)
  
• Member - International Association of Computer Investigative Specialists® (IACIS)
  
• Member - International Society of Forensic Computer Examiners® (ISFCE)
• Member - International Information Systems Forensics Association (IISFA)
  
• Member - Information Systems Audit and Control Association® (ISACA)
  
• Member - The Institute of Computer Forensic Professionals (ICFP)
  
• Member - Association of Certified Fraud Examiners (ACFE)
• Member - Miami Electronic Crimes Task Force (MECTF)
  
• Member - Anti Terrorism Accreditation Board (ATAB)
  
• Member - High Tech Crime Consortium (HTCC)

• Indian River Community College - Ft. Pierce, FL -1992: Criminal Justice. (Distinguished Honor Graduate)
• Embry-Riddle Aeronautical University - FL - 1988 to 1989: Professional Aeronautics. (Dean’s List)
  
• University of Maryland - 1987 to 1988: Computer Science.
  
• Palm Beach Community College - Palm Beach, FL - 1983 to 1986/1992: Computer Science, Criminal Justice. (Presidents Academic Honor Roll)