On the Security Strategy team for EY, focusing on business environment. Some areas of focus: ChatGPT/AI, IPv6, InfoSec Hiring, API Security.COSAC Workshop (Oct 2023) speaker: ChatGPT, The New Overlord of Information Security!Panel Speaker (Oct 2023) on ‘Alan Turing’s Reflections: ChatGPT’ at The National Museum of Computing with Sir Dermot Turing, Dr. Joanna Bryson, and Todd Holloway.

Advisor and Investor, not open to new investing

I led a five-person global (Estonia, France, and US) team of security architectures and engineers. Responsible for product application, cloud (AWS, Azure and GCP), and infrastructure security. Originally hired as an Enterprise Security Architect. Managed Secure SDLC process, including tools SAST:Checkmarx, SCA:Whitesource/Mend, DAST/Data Theorem, CI/CD, Threat Modeling, managing external Pentesting (Cobalt, NCC Group and X41-DSEC, and secure code training (Secure Code Warrior)Other tools managed: Armis, Cloudknox, and Google Chronicle/Cyders

Collaborated with stakeholders, including the Board of Directors, the IT Steering Committee, throughout the organization to create, maintain, and improve information security strategy. Helped architect and implement secure solutions to ensure the protection of corporate assets while enabling effective business processes. Worked with various stakeholder groups and external experts to enhance security posture of software & products. Responsible for the assessment of security controls and oversee the information security cyber incident response process. Responsible for the Security Architecture and Operations. Hands on Tools: Full Cisco Security Suite (AMP, Umbrella, Firepower, Cloudlock), Qualys, Nessus/Tenable and Metasploit Responsible for AWS Security Architecture review, including vulnerability scans.

My team supports all pre-production and some production testing environments for JPMC Digital. We do Incident and Problem management for Linux and AIX, Tomcat/Apache and WebSphere. We use JIRA, Confluence, Jenkins, BitBucket to support and maintain Chase Online, Chase Pay and other JPMC customer and business tools.

Created Six Quarter Information Security Roadmap with a budget of more than $1 million. Managed a senior team of information security professionals to ensure system security for thousands of global end users.Raise system security employing multi-factor authentication/single sign-on, security awareness training, security event information management, honeypot, incident and investigation response program, transparent wireless security and VPN. Report strategy and status of information security plan to the Board of Directors and Audit Committee. Founded Information Governance Board to enhance the system and operational security. Represented Marvell Semiconductor at 2011 World Economic Forum on Cyber Risks.

Created Six Quarter Information Security Roadmap and Budget of greater than 1 million to include future resource and staffing requirements.Oversaw and coordinated information security efforts across the company. Handled information security components of major legal contracts, including master services agreements, enterprise license agreements, professional services contracts and third-party vendors, partners and suppliers. Created cross-functional corporate security alliance team with product security, product marketing, security and network solution groups, etc. to increase organizational security.Founded initial IT enterprise architecture group. Collaborated with federal law enforcement to effectively resolve security incidents in a timely manner. Reported significant information security incidents to COO, CIO, internal audit, legal, physical security and human resources, as needed, to ensure all stakeholders were aware of the incidents. Led vulnerability assessment program and created tactical risk and current threat list. Drafted Acceptable Use Policy with strict attention to detail. Served as corporate information security representative on internal audit’s investigations team and ethics working group. Evaluated security solutions, including leading-edge virtual/cloud solutions to increase organizational security.

Information Security representative on IT Enterprise Architecture team, directing technical security review for more than $100 million in IT operations. Established security architecture program and development process, based on SABSA Methodology. Defined security requirements to meet business needs for all IT projects and implemented ISO27001 compliance. Performed risk analysis in China to ensure all third-party supply chains, vendors and other partners’ security systems and procedures met or exceeded company standards. Provided detailed review and audit of security capabilities in China and interviewed security leadership and teams. Analyzed information from the review and interviews to highlight gaps in security and to quantify associated risk to the relevant areas as low, moderate or high.Designed the global vendor/collaboration network, which used Juniper SSGs, IDP/IDS, and secure access devices. Designed, deployed and maintained enterprise firewalls, SSL-VPNs, and IPS/IDS to enhance operational security. Developed ISO/27001 policy, and installed AirMagnet, Tripwire, and CSA.

Architect and administrator of E-Loan's information security infrastructure: - Intrusion detection and prevention infrastructure (Snort/ACID) - Implemented host based intrusion detection (Tripwire) - High availability firewall infrastructure - Migrated Sendmail-based mail system to Postfix w/SpamAssassin.Developed custom signatures for the E-Loan environment and managed the log review and reporting using a central MySQL RedHat Linux server.Migrated and maintained E-Loan's 24x7 Co-Lo of Linux and Solaris systems – a complex infrastructure that included a multi-level DMZ and split-split DNSResponsible for design, implementation and operations for end-to-end QA/Testing and Training environment(s)Performed internal and external vulnerability assessmentsAssisted in creation of security policy that conformed to the Gramm-Leach-Bliley Act (GLBA)Acted as security and systems mentor to several colleagues

Fulltime Internal Systems Administrator and Consultant, promoted to acting District Team Lead

Served as a Postmaster to an SMTP-based Sendmail, POP, and IMAP mail environment, handling over 110,000 emails per day. Designed a plan to migrate from one Kerberos realm to another. Migrated a Kerberos database server and its clients from version 4 to 5. Added and deleted clients from the Kerberos database. Installed Big Brother to monitor and alert problems and events. Maintained SecurID-based authentication environment. Installed SecurID versions of telnet, FTP, and shell on Solaris and Linux-based machines. Diagnosed and reported TCP/IP-based frame and network problems and outages, including a failure of a previously unknown repeater at the OSI data and physical layer, which required a BERT test. Supported a user environment consisting of ssh (with SecurID) and a shared, via NetApp, filesystem. Installed Solaris and RedHat Linux SCSI-based servers.

Built and maintained numerous securely built RedHat servers.Installed and assisted with creation of CD/ISO image which produced their secure Solaris 2.7 standard, then installed customized Solaris software packages.Assisted in the diagnosing of a 10/100 severe auto-negotiation (OSI physical layer) network problem. Installed commercial version of Tripwire, including the HQ Manager on Solaris, Linux and Windows2000/NT servers. Created single consolidated master sudo configuration file. Customized "mon" configuration to monitor health and status of the infrastructure.Created presentation for team on (E)SMTP, differences between MUA, MTA and MSA, POP/IMAP and how-to read e-mail headers to block spam. Supported a user environment consisting of ssh (with RSA) and a shared, via NetApp, file system. Installed and configured Snort.Interviewed replacement.

Assisted in the design and integration of the Cygnus Solutions Sunnyvale site with its corporate purchaser, RedHat.Designed a new 24' by 14', $120K Quality Engineering lab, while serving as the Project Lead and Security Liaison for the team. The lab, which consisted of 20 ladders, spanned four-posted racks (holding a minimum of 128 racked machines with 40 prototype system boards), numerous KVM switches, several Cisco 2940 and an overhead AC unit. Performed similar initial specifications for a Release Engineering 23' by 28' lab, adding a raised floor and a UPS and backup generator to allow 24x7 usability, and assisted in minimizing the requirements to achieve an affordable price.Built the RedHat 7 ipchains-based firewall, which also provided DHCP and DNS service to the sub-domained lab machines and boards. Facilitated major changes in user and mailing list policies, while serving as the Postmaster.

Documented with Visio the entire switched network, both logically and physically. Installed and configured four Cisco 5500 switches.

Administered and maintained a dual-attached FDDI network of Sun SPARCstations, running Solaris 2.4 and 2.5.1. Maintained an HA-Ultra Enterprise 4000 NFS server. Installed SPARCstations using a customized JumpStart. Maintained and expanded NetBackup installations on servers and clients for a large network of SPARC 20 workstations, using StorageTek. Provided administrative support for "go/no go" when the satellites were launched.

Installed, configured, and administered an environment with more than 10 Solaris 2.3-2.5.1, 4 AIX 3.2.5, 2 IRIX systems, and 40 HDS X terminals (X Windows). Maintained and used ADSM as a client backup utility in a heterogeneous UNIX environment.Installed and maintained shell, Tripwire, TCP Wrappers, COPS, and SATAN security programs. Supported and customized CDE on Solaris systems for users. Supported Samba on UNIX and Windows NT/95/3.11 machines. Installed fast wide differential SCSI controllers on SPARC 20 servers. Installed, upgraded, and maintained CERN Httpd and WU-FTP daemons on UNIX servers. Installed, upgraded, and maintained a secure TFTP on a Solaris system, providing boot support for more than 40 HDS X terminals

My first geek job, I supported:Cache86 a disk cache program. Tree86 is the slickest down and dirty utility you could find for DOS-based computer work. Its efficiency and intelligence offers support for drives of virtually any size and number.Cabin PRO is a multimedia suite consisting of file management, image viewing and conversion, thumbnail creation, screen capture, slide show, and multimedia file playing. Using virtual data, PRO indexes both your on-line and off-line data.PreCursor is a programmable DOS based menu system used to directly open DOS or Windows applications.