Doing security stuff.

As a solo consulting practice, providing cybersecurity professional services to multiple industries. Project work includes content development, security architecture, security product strategy and development, high-level security assessment and advisory services, specialized security training, and DevOps/DevSecOps architecture. Engagements include technical security ghost writing, program assessment based on NIST CSF, security advisory services on topics including risk management and container security, and general enterprise security architecture. My practice has been idle since mid-2019.

First full-time security hire for the company. Brought in to build out security program and security architecture roadmap, as well as to assist with completing critical audits and implementing various security practices. Work efforts completed include:• Core Security Program Design: Designed and created a roadmap for the build-out of core security program capabilities, including vulnerability management, risk management, data security, application and product security, third-party risk management, and business continuity management.• Critical Security-Related Processes: Designed and began implementing critical security processes through cross-team collaboration, including identity lifecycle, access management, routine security testing, vendor security reviews, cloud security monitoring, audit support, and policy revisions.• Security Tooling, Services, and Architecture: Identified security capability needs, designed solutions, evaluated vendors, and shepherded associated budget requests through review and approval. Solutioning included evaluating vendors for Managed Detection and Response (MDR), Cloud Security Posture Management (CSPM), application security testing, password vault/management, identity governance and administration (IGA), network remote access controls for sensitive environments, and container workload protection. Additionally, provided security architecture support to engineering teams around software designs and security-related questions.

Time was split between providing security architecture leadership, participating as an Enterprise Architect (EA) within the Engineering Board, participating in and helping evolve the Technology Adoption Process, and overall providing technical leadership for the organization. Additional EA support was also provided to the internal team responsible for user endpoints and corporate IT services. * Security Architecture: Led initiatives and provided guidance in several areas, including security program management, security policies and standards, security roadmap and strategy, prioritization of resolving security capability gaps, identification and implementation of security solutions, and generally representing security across the organization. * Engineering Board: The Engineering Board was comprised of all Entegral Enterprise Architects and provided technology oversight for the organization. Our stated mission was to “relentlessly pursue the iterative delivery of evolutionary, right-sized, secure, scalable software products.” We collaborated to facility awareness and cooperation across our respective value streams, as well as helping set standards and guide technology decisions that were aligned with strategic direction from the executive leadership team. * Technology Adoption Process: Participated as an EA in the review of new technology requests, as well as working collaboratively to evolve and optimize the process. The purpose of this process was to provide some high-level governance around introduction of new technologies (whether tools or services) into the organization without proper planning, consideration, or support.

Security EA assigned to cover SSDLC and container security, as well as other DevSecOps-related topics as they arise.

Performed security reviews of project designs to evaluate adherence to security technical requirements and for appropriateness of security controls and practices, including ensuring that a proper data flow diagram was in place and assisting teams with threat modeling during the project lifecycle. Assisted project teams with security solutioning when defined patterns meeting technical requirements did not exist. Participated in training delivered to technical architects and project leads on how to compose a data flow diagram and how to perform threat modeling. Completed foundational training on Google Cloud Platform.

Provided technical security leadership within the CloudOps team and across the Technology division. Day-to-day responsibilities included working with software development project teams to ensure proper cloud security measures were in place and maintained, leading tooling evaluations (e.g., log management, container and serverless security tools), leading log management platform migration (from Splunk to Devo), and leading clean- up of AWS IAM configurations (including a transition to AWS SSO). Worked in a matrixed relationship with the Security team to also provide input and propose direction on key capabilities such as security standards and operational security practices. Hobsons was dissolved in February/March 2021.

Provided security architecture and strategy guidance to projects and teams on a variety of topics, including DevSecOps, application security testing, secure coding, secure application and system design, cloud and container security, and enterprise security. My day-to-day activities included reviewing or advising project designs, working within internal security resources on testing approaches, planning and developing security standards, and being a general advocate for information security across the organization.

Provided front-line management of a team of security engineers and architects responsible for identity and access management (IAM), multi-factor authentication (MFA), cloud security, container security, and data security (including encryption and certificate management). Provided technical leadership for the IAM and MFA initiative, including support for solution design and program communications.

Served in a variable role performing research, product management of in-house development projects, and conducting business development. Efforts included creation of materials around the "Lean Security" methodology, development of presentations for conferences, and writing copy for sales collateral, blog posts, and byline articles. New Context has a focus on secure DevOps services and product development.

Evaluated current security processes, tools, and practices as a member of the information security team reporting directly to the CISO. Charged with evaluating the effectiveness of current solutions and identifying gaps in security protection. Developed a comprehensive security architecture framework to evaluate and manage security architecture strategy for both traditional on-premises and cloud environments. Worked with vendors and cross-organizationally to identify, evaluate, and test (pilot) solutions. Technologies evaluated included data loss prevention (DLP), endpoint detection and response (EDR), traditional endpoint security, email security solutions (on-premises and Office 365), enterprise mobility management (EMM), network security tools and capabilities, identity and access management tools and capabilities, application security practices, cloud security tools (such as for AWS) and container (Docker) security tools. Technologies in-scope included AWS, Okta, Digital Guardian, IBM BigFix, Symantec EPP, Zscaler, Microsoft Adallom, FireEye, Splunk, Ansible, Rapid7, Tenable, CloudCheckr, StackRox, Jump Cloud, among many others.

As a member of the enterprise architecture team, charged with broad responsibilities to inject security practices into the overall application stack. Reviewed overall environment and developed an incremental roadmap for addressing critical gaps and charting a progressive course to more effective enterprise security over time. Included collaborating with the team driving a DevOps initiative, as well as initiating changes to implement and leverage security operations automation.

As a member of the Security & Risk Management Strategies team within Gartner for Technical Professionals, I conducted research into topics including risk management, security programs, security planning and management, application security, DLP, and SharePoint security. Additionally, I contributed content as a speaker at several Gartner and non-Gartner events and webinars, as well as delivering advisory services to clients and providing direct support to the sales team, both virtually and in-person, in multiple regions.

Although originally hired to build a professional services team (put on hold due to a change in sales strategy), redeployed as needed to provide a number of value-add services, including customer training (development and delivery of comprehensive product onboarding curriculum); writing (blog posts, articles, and white papers); sales support and public speaking (including talks delivered at RSA USA, Secure360, Rocky Mountain InfoSec Conference, ISC2 Security Congress, and the ISSA International Conference); partner enablement; and, a variety of other one-off projects (e.g., market analysis, security policy development).

Helped deliver security professional services. Assisted with business development.

Performed product implementation and project management work for a security architecture project at a major government agency.

As Director of Security & Compliance, it was my opportunity to establish and build a formal security program for the enterprise.

Security consultant (via BT Global Services acquisition of International Network Services) providing professional services to a broad range of organizations. Direct experience with security architecture, access management, privileged identity management, cryptographic key management, Encryption Key Management Infrastructure (EKMI), development of policies and standards, SSE-CMM, ISO 27000 series standards, pre-sales support, and client presentations.

Served in a team leadership role within the security assurance team. Responsibilities included working with project teams to inject security requirements, development and delivery of technical security training, contribution to policy development, and thought leadership within the security organization.

Recruited to take over leadership of a comprehensive network security re-architecture project. Responsible for all aspects of operational security within supported systems, including OS and router hardening, perimeter and internal firewalls, AV maintenance, etc.

Served as lead systems administrator and secondary network administrator for national Internet Services Provider. Responsibilities included supporting dial-up, broadband and DSL customers for connectivity, email and web hosting. Also provided systems administration to systems used for web hosting and portal services.

Conducted comprehensive security testing and certification of firewall products. Worked with vendors to coordinate resolution of issues. Testing involved use of common penetration assessment tools, including Nessus, CyberCop, Nmap, hping, nemesis and tcpdump, among others. Testing was conducted in a process-oriented, scientific environment aimed at applying a consistent measure to a variety of firewall products, ranging from consumer appliances to enterprise solutions.

Served as lead systems administrator and secondary network administrator for national Internet Services Provider. Responsibilities included supporting dial-up, broadband and DSL customers for connectivity, email and web hosting. Also provided systems administration to systems used for web hosting and portal services.

Provided technical project management to a team of 30+ engineers throughout the country. Responsibilities included design review, workflow management, special project leadership, and point-of-contact for regular work requests. Team was responsible for managing 500-600 firewall, web and application servers, based on Sun Solaris, Compaq Tru64, and Windows NT.

Brought onboard to help establish and grow a security consulting practice. Executed engagements, developed collateral, trained sales and technical staff, and assisted in the sale of services. Customer engagements included incident response, security assessments, and the development of security standards for Windows 2000.

Participated in and led Information Technology audits, including documenting and providing expert analysis of system and network security. Presented audit and security assessment findings and provided business justification for recommended changes. Involved with both standard IT audits and SAS-70 Type I and Type II reviews.

Provided network professional services to a variety of clients in the Chicago, Illinois, and Minneapolis, Minnesota, metropolitan areas. Services included troubleshooting, network design and implementation, and fulfilling numerous other network administration functions on behalf of customers.

Completed various small-scale technical projects as assigned as a student tech/computer worker.

As a student worker, performed systems and network administration, including everything from bare metal installation to support and management, on HP/UX, FreeBSD, Novell Netware, and Microsoft Windows platforms. Duties included access management, hardware rack-n-stack (including network card installation, cable pulls and terminations), and supporting endusers with various needs (including virus removal from PCs and floppy disks). This position concluded when I took a co-op internship.

As an intern, participated in two projects: 1) helping document an in-house software development project to achieve the desired CMM level, 2) providing technical assistance to a client, particularly in support of IBM AIX UNIX.

Wrote application software using National Instruments LabViEW to do 360-degree image acquisition using a radioactive source (industrial CT-scan system). You can read about the experience here:http://www.secureconsulting.net/Classic/argonne.html