Mark Merkow, Cissp, Cism, Csslp Email and Phone Number
Tempe, AZ, US
Mark Merkow, Cissp, Cism, Csslp's Location
Tempe, Arizona, United States, United States
Mark Merkow, Cissp, Cism, Csslp's Contact Details
Mark Merkow, Cissp, Cism, Csslp work email
- Valid
- Valid
- Valid
- Valid
Mark Merkow, Cissp, Cism, Csslp personal email
n/a
Mark Merkow, Cissp, Cism, Csslp phone numbers
About Mark Merkow, Cissp, Cism, Csslp
Applied Application Development Security program development for large IT organizationsAdvocate for Building Security In to the SDLC with software-quality and security activities, tools, and processes, and education for provable, high-assurance software securityExpert in Information Security Policies and Standards/Training and Awareness Programs, especially as they apply to software securityAuthor or co-author of 14 published books on IT and IT Security, including 2 titles specific to software security:o Secure and Resilient Software Developmento Secure and Resilient Software: Requirements, Test Cases, and Testing Methods
Mark Merkow, Cissp, Cism, Csslp's Current Company Details
Mark Merkow, Cissp, Cism, Csslp Work Experience Details
-
Online FacultyUniversity Of DenverTempe, Az, Us
-
Application Security EngineerFreeport-Mcmoran Feb 2022 - PresentPhoenix, Az, UsWorking on the Application Security Team at Freeport to help develop a culturally-appropriate and effective end-to-end software security practice. -
Founding MemberThreat Modeling Connect Nov 2022 - PresentDenver, Colorado, Us -
Member, Purple Book CommunityThe Purple Book Community Jul 2021 - PresentPalo Alto, Ca, UsCommunity Member -
Online FacultyUniversity Of Denver Mar 2004 - PresentDenver, Colorado, UsCourse developer and instructor in University College for the Information and Computer Technology courses. Specialize in Computer Security Fundamentals, Security Education, Training, and Awareness (SETA) Programs, Application Software Security, and Access Control Systems.
-
Visting ProfessorDevry University Oct 2002 - PresentLisle, Illinois, UsAdjunct faculty in College of Engineering and Information Systems (E&IS) for DeVry and Keller online programs. -
Application Security Architecture/Design/EngineeringHealthequity Jul 2019 - Jan 2022Draper, Ut, Us• Served on Security Architecture Team working to migrate legacy Web applications to MS Azure through reusable architecture patterns and reference architectures, code reuse, and application decomposition into microservices with REST API communications.• Worked on evaluating vendor security programs and questionnaires via Graphite Connect in support of People and Partner Security• Developed and delivered annual role-based Application Security Refresher training for all scrum teams• Assisted in corporate-wide security awareness campaigns and National Cybersecurity Awareness Month (NCSAM) -
Technical Director, Application SecurityCharles Schwab Dec 2013 - Jul 2019Westlake, Texas, Us-Developed and implemented a holistic secure software development lifecycle for all enterprise-level applications in both RUP and Scrum/Agile development methodologies-Trained over 700 development team members across 8 development roles in secure application requirements analysis, design, development, testing, and rollout-Maturing the program as new Agile teams come onboard and as new vulnerabilities pop up-Developed and began implementation of a Talent Strategy to map employee roles to the NICE Framework Work Roles to determine coverage and depth of Information Security Program. Further mapping of employee work roles with the Knowledge, Skills, and Abilities (KSAs) helps to assure coverage sufficient to succeed or excel in a work role, and filling in any gaps with continuing education. -
Manager, Information Security Policies And Standards/Security Training And Awareness ProgramsPaypal Apr 2009 - 2013San Jose, Ca, UsDeveloped, managed, assured adequate reviews, and maintained the Information Security Policies and Standards Library for PayPal worldwide access and use. Applied the requirements within the standards to establish and run an effective security training and awareness for 14,000 employees worldwide. Leveraged effective media and tools to create culturally- and geographically -appropriate Security Awareness and Training campaigns to help people understand that “Security is Everyone’s Responsibility.” Led the development and implementation of security awareness campaigns for Lock It When You Leave It, Compliance Jeopardy Game, an Information Security Related Haiku contest and in-person events that bring industry experts to PayPal to share their experiences and knowledge with PayPal software developers, Site Operations Personnel, and Information Security personnel. Our rotating Data Protection Weeks reach thousands of Call Center personnel with security training and security awareness that rapidly reminds them of their responsibilities for handling sensitive customer information and offers them a forum to answer specific questions -- given their limited time for training and contact.Using a variety of measurement tools to gauge the effectiveness of a campaign, we were able to prove that the Lock It When You Leave It campaign alone effected positive behavior changes in 65% of the participants we surveyed. -
Director,Cto Security Technical Excellence CenterAmerican Express Oct 2005 - Feb 2009New York, Ny, UsEstablished and implemented the Application Development Security (ADS) program for American Express which included developer training, rollout of IBM’s Rational Tools for source code analysis, Web app penetration testing program, and remediation authority for bugs and other security issues that were found.Responsible for inculcating the Application Development Security Program as a natural aspect in all phases of the Software Development Life Cycle at American Express.Created CBT courses and instructor-led courses for software developers, analysts and designers, and leaders of employees engaged in the SDLCLed a group of IT Security Subject Matter Experts in Project Governance activities that include Product Evaluations for proposed COTS implementation, development of standards, strategies, and prescriptive frameworks for reusable security servicesResponsible for conducting Proof-of-Concept evaluations on new IT Security tools to determine the suitability of use and supportCollaborated with CISO Office on policy enforcement mechanisms and joint reviews of CISO Policies and Standards and CTO Standards and Strategies for implementing IT Security Controls across the AMEX Enterprise.Developed IT Security Strategies for Enterprise Technology Roadmap using TOGAF tools and techniquesServed as American Express Technologies Representative to BITS/Financial Services Roundtable Security and Risk Assessment CommitteeServed as American Express Technologies Representative to the Financial Services Information Sharing and Analysis Center (FS-ISAC)Served as American Express Technologies Representative on Financial Services Sector Coordinating Council on Homeland Security and Critical Infrastructure Protection (FSSCC) R&D Committee and Cybersecurity Committee -
Information Security StrategistAmerican Express Jul 1997 - Oct 2005New York, Ny, UsCritical Infrastructure Protection for Finance and Banking CybersecurityBITS Security and Risk Assessment Committee as Executive Subcommittee Member and Member of the Lab Governance Committee (LGC) for Financial Institutions Data Evaluation Security (FIDES)Site Coordinator for Financial Services Information Sharing and Analysis Center (FS/ISAC)Developing and implementing policy and standards base for long-term security strategy and operationsSynthesis and migration of IT Security policy and standards library to RSA Archer Security Management PlatformAdvanced Payments (chip cards, RFID cards, key fobs) securityKey Signing Officer for AMEX related cryptographic keys and Certificate AuthorityProject consulting, issues resolution, and security exceptions dispositioning
Mark Merkow, Cissp, Cism, Csslp Education Details
-
W. P. Carey School Of Business – Arizona State UniversityGeneral -
Arizona State UniversityDistance Education And Learning Technologies
-
W. P. Carey School Of Business – Arizona State UniversityDecision And Information Systems
Frequently Asked Questions about Mark Merkow, Cissp, Cism, Csslp
What company does Mark Merkow, Cissp, Cism, Csslp work for?
Mark Merkow, Cissp, Cism, Csslp works for University Of Denver
What is Mark Merkow, Cissp, Cism, Csslp's role at the current company?
Mark Merkow, Cissp, Cism, Csslp's current role is Online Faculty.
What is Mark Merkow, Cissp, Cism, Csslp's email address?
Mark Merkow, Cissp, Cism, Csslp's email address is ma****@****exp.com
What is Mark Merkow, Cissp, Cism, Csslp's direct phone number?
Mark Merkow, Cissp, Cism, Csslp's direct phone number is +160274*****
What schools did Mark Merkow, Cissp, Cism, Csslp attend?
Mark Merkow, Cissp, Cism, Csslp attended W. P. Carey School Of Business – Arizona State University, Arizona State University, W. P. Carey School Of Business – Arizona State University.
Free Chrome Extension
Find emails, phones & company data instantly
Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Aero Online
Your AI prospecting assistant
Select data to include:
Total price:
$0.00
0 records × $0.02 per record
Download 750 million emails and 100 million phone numbers
Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.
Start your free trial