Jim Canup Email & Phone Number
Who is Jim Canup? Overview
A concise factual answer block for searchers comparing this professional profile.
Jim Canup is listed as AppSec begins and ends with your SDLC at Optiv, a with 1921 employees, based in Huntersville, North Carolina, United States. AeroLeads shows a matched LinkedIn profile for Jim Canup.
Jim Canup previously worked as Practice Leader - Application Security at Optiv and Senior Practice Manager at Optiv. Jim Canup holds Et/Ew/Ss, Top 5% Of Class from Us Navy.
Email format at Optiv
This section adds company-level context without repeating Jim Canup's masked contact details.
Review company-level records connected to Jim Canup before choosing the right outreach path.
About Jim Canup
Jim has over 15 years of experience in application security, specializing in maturing and securing the Software Development Life Cycle (SLDC). He has partnered with some of the largest organizations in the world to guide them in maturing their AppSec programs from immature to industry-leading. As a military veteran, Jim is a no-nonsense “tell it like it is” strategic management consultant who always puts the client first. Jim firmly believes that Application Security (AppSec) is the largest, most vulnerable, and target-rich attack vector in cyber security today, and AppSec begins and ends with the SDLC.
Jim Canup's current company
Company context helps verify the profile and gives searchers a useful next step.
Jim Canup work experience
A career timeline built from the work history available for this profile.
Senior Practice Manager
Practice Manager - Threat
Program Director [Retired]
I developed and convinced Deloitte leadership on the need to perform application security testing on all Deloitte owned applications. I designed the three-year program and pitched it to senior partners. The program was approved and funded with a $12.5 million annual budget under my directorship. The scope of the project included 5000+ applications across 56 member firms around the globe. I managed multiple global remote teams of 30-40 members. I interfaced with C-level executives, security managers, and development managers at each member firm, helping them juggle their budgets and resources against the mandated application security testing. I negotiated vendor contracts for software and infrastructure. Finally, I managed the successful handover of the steady-state service to the Deloitte Global Security Team at the end of the project’s implementation phase.Before running the internal application testing program, I managed teams of consultants engaged in client-facing projects for two and a half years. Some of the types of engagements I was leading included: SOC 2 Compliance Readiness, HIPPA Compliance Readiness, IT Security Policy Creation & Audit, and Security Training for Employees.
Managing Consultant / Chief Product Evangelist
Services Management – One of my primary responsibility was management of client expectations and delivery of services. This involved managing several junior consultants and scheduling managed services. Due to my previous experiences, I also assisted in several BSIMM audits/deliveries.Product Development – In addition to my Service Management role, I also assisted in the development of a new product. The product was successfully developed with its first sale in January 2014.Product Evangelism – In November 2013, I was transferred to the newly created product group to be the Chief Product Evangelist. My duties in this role involved many speaking engagements, trade shows, product demonstrations and sales support.
Principle Security Consultant
Accomplishments:* Performed services at several international companies improving their SDLC to help build secure applications by default. This is accomplished through security best practices, secure frameworks, reusable components, automated processes, secure coding standards, application security training, proper threat assessments, development of security requirements and much more.* Provided several enterprise-wide software security maturity assessments followed by the development of application security improvement programs; utilizing people, processes and technology throughout the entire SDLC. The developed programs provide measurable, strategic and iterative road maps that companies implement over a 2-5 year period moving towards their desired security goals.* Promoted to Principle Consultant.* Promoted from Technical Consultant III to Technical Consultant IV.* Recipient of the Hewlett Packard “2011 Service MVP of the Year” award.* Delivered security products along with professional services to each of the four primary branches of the armed services, the Department of Defense and Homeland Security.
Sr. Applications Security Engineer
I was an Application Security Engineer for Intuit – Corporate Banking Division: The Intuit Corporate Banking Division offers innovative financial products for the commercial banking, internet banking and small business sectors. My role in the company involved:Review Java, C++, JSP and CMFL code for application security vulnerabilities, adherence to security coding standards and best practicesPerformed Static Code Analysis on Java, C++, ColdFusion and JavaScript code using Fortify SCA Tool.Perform periodic Black-Box and White-Box penetration testing of existing and new products/modules using AppScanEvaluate business requirements and design documents for potential security vulnerabilitiesInitiate code remediation of legacy code to constantly improve overall application securityMentoring and education of development, QA and business analyst staff regarding application security best practicesDesign and develop security testing tools for internal use by Security, Quality Assurance and DevelopmentMember of the senior infrastructure team to ensure that application security techniques are designed in from the ground upResponsible for FFIEC Issue management using the Issue Track systemMember of the Defect Review CommitteeRespond to Third-Party security audits initiated by financial institutions to either confirm or deny reported security vulnerabilitiesEvaluate security analysis tools for potential use within security, development and/or QA. Products reviewed include WebInspect, AppScan, WebScarab, Paros, and various Application Security FirewallsConstantly strive to improve myself in the field of application security through books, forums, blogs, associations, seminars and training classesMonitor the security workspace to help keep the company aware of any newly identified technologies that would either improve existing security or possibly introduce new vulnerabilities.Member of OWASP Atlanta
Senior Software Developer
I was a Senior Developer assigned to the Federal Aviation Administration for Web-based Application Development. I was the sole designer, developer, DBA and tester for two different projects:Completed the full life cycle of a web-based application with that mimicked and replaced a legacy FoxPro application that the FAA-Southern Region had been using for 10 years. Since the Q1 of 2004, this application was so well received that it was adopted as the new standard for FAA personnel movement & tracking nation-wide. As part of the acceptance testing process, security analysts from Homeland Security evaluated the application and found zero security defects.Designed, developed, tested and implemented a web-based Budget Application linking to the DOT ERP System (Delphi) and The FAA Payroll and Benefits System (DBase). The application improved the budgeting process exponentially. So much so, that the budgeting department was reorganized from thirty-seven people to seventeen. Again as part of the acceptance testing process, security analysts from Homeland Security evaluated the application I wrote and found zero security defects. I received an accommodation from the FAA and Lockheed for having zero security defects.Acquired industry experience in: Government Software Development, Government Software Security Practices, and FAA Personnel Management.Reestablished my US Government Secret level security clearance. I had held a Top-Secret clearance while serving in the US Navy Submarine fleet.
Software Engineer
I was a Team Lead and Senior Consultant supporting various clients at this fortune 500 consulting firm. My duties included:Coordinated the activities of the Development, QA, Help Desk, Training, and Documentation teams in the delivery of projects. These projects included business strategy consulting, brand building, and web application development.Educated clients and team members in the use of the industry best practices.Ensured that all deliverables meet the highest standards for quality.Identified additional business opportunities with current clients. Developed business requirements and wrote statements of work.I successfully managed support and enhancement projects of TalentAxis, which consists of 300,000+ lines of code. This project was responsible for over 17 million dollars of revenue in its first two years.Acquired industry experience in: Human Capital Management, Customer Relations Management, Human Resources, and Supply Chain Management.Effectively used MS Project to manage up to 12 concurrent projects that all rolled up into a master project for proper control of time management, risk analysis, resource management and budgets.Provided weekly metrics on project status.Managed regularly scheduled upgrade migrations from Development, through QA and finally to Production that affected multiple clients within an Application Service Provider environment with Zero down time.Designed and developed integrated reporting functionality using Crystal Reports.Trained and mentored subordinates through instruction and hands-on assistance in order to maximize effectively and retention.Consistently built up team members by empowering them to make responsible and accountable decisions and then I backed those decisions 100%.
Software Development Manager
Managed a team of 4 developers. Our team was responsible for the support of the Talent Axis Application.
Software Development Manager
I was the manager and lead developer for a nine person team tasked with the creation, integration and maintenance of an all web-based applications for RMC’s 16 US subsidiaries. The backbone application server was a SilverStream J2EE Server. Integrated into each of the web applications were several back office systems including Oracle 8i ERP system, Baan Sales Force Automation Suite, HRizon HR Management Application, Mobius GPS Tracking system, and several legacy systems distributed throughout the world.
Nuc Et-Ew - Submariner
Boot Camp - Orlando FLNuclear Electronics Tech School - Orlando FLElectronics Warfare School - Pensacola FLSub School - Groton CTUSS Alexander HamiltonUSS SilversidesUSS GeorgiaSpecial Assignment with NISExiting Rank E-6
Colleagues at Optiv
Other employees you can reach at optiv.com. View company contacts for 1921 employees →
Laura Lester
Colleague at OptivShawnee, Kansas, United States
View →
KS
Kristin Scott
Colleague at OptivAmherst, New Hampshire, United States
View →
NR
Nate Rucker
Colleague at OptivMemphis, Tennessee, United States
View →
DD
Dyamappa Dandappanavar
Colleague at OptivBengaluru, Karnataka, India
View →
DG
Diane Grlica
Colleague at OptivUnited States
View →
MW
Minoaka Webster Yen
Colleague at OptivHonolulu, Hawaii, United States
View →
MM
Malyssa Munroe
Colleague at OptivAlpharetta, Georgia, United States
View →
AV
Aaron Vath
Colleague at OptivDenver Metropolitan Area, United States
View →
VF
Vincent Faires
Colleague at OptivSalt Lake City, Utah, United States
View →
TA
Tobi Adeshina
Colleague at OptivOmaha Metropolitan Area, United States
View →
Jim Canup education
Et/Ew/Ss, Top 5% Of Class
Business
Education record
Frequently asked questions about Jim Canup
Quick answers generated from the profile data available on this page.
What company does Jim Canup work for?
Jim Canup works for Optiv.
What is Jim Canup's role at Optiv?
Jim Canup is listed as AppSec begins and ends with your SDLC at Optiv.
Where is Jim Canup based?
Jim Canup is based in Huntersville, North Carolina, United States while working with Optiv.
What companies has Jim Canup worked for?
Jim Canup has worked for Optiv, Optiv Inc, Deloitte, Cigital, and Hp Enterprise Security.
Who are Jim Canup's colleagues at Optiv?
Jim Canup's colleagues at Optiv include Laura Lester, Kristin Scott, Nate Rucker, Dyamappa Dandappanavar, and Diane Grlica.
How can I contact Jim Canup?
You can use AeroLeads to view verified contact signals for Jim Canup at Optiv, including work email, phone, and LinkedIn data when available.
What schools did Jim Canup attend?
Jim Canup holds Et/Ew/Ss, Top 5% Of Class from Us Navy.
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trialCheck these profiles if this is not the Jim Canup you were looking for.
View similar profiles