Thomas Hutton Email & Phone Number

Milwaukee, Wisconsin, US

Led all projects from the security perspective for a large scale USG FISMA high rated critical infrastructure system using NIST 800-53 controls; Led program through annual SA&A audits and POAM resolution; built Vulnerability Management Program and reduced vulnerabilities by 3/4's using Tenable Nessus and HP Fortify to identify system and programmatic.

Palo Alto, CA, US

Evaluate ISO 27000 and NIST 800 Series requirements; generate risk analysis, strengthen system diagrams, data classification, process flowcharts, boundary documents, functional and technical documentation, security controls and plans; and recommendations for all remediation needed.Generate security gap analysis reports, remediation plans, estimate levels.

Senior Data Analyst - CDC Global AIDS ProgramCISSPProvided national level security analysis (hardware, software, exposed interfaces, protocols, logging, networks, VPNs, firewalls) for dozens of countries sensitive health data systems (HIV/TB); and follow up design and remediation plans. Provided analysis of existing data governance, legal frameworks, and.

Security Team Leader - CDC Office of the Chief Information Security Officer – Atlanta, GA Provided security policy development, project management, and senior security engineering for CDC.Supervised a team of 27 persons and provided 3rd tier security support.Researched government requirements in HIPAA, FISMA, NIST, and Health and Human Services documents.

Partner and Principal ConsultantSuccessfully acted as senior engineer and project manager while providing senior sales support (as sales closer), pre-sales technical support, and 3rd tier technical support.Evaluated numerous businesses network and system security and continuity using BS7799 (ISO 27001), generated assessments, and recommended paths.

Director of Technical ServicesActed as senior project manager and handled critical penetration testing and vulnerability assessments.Provided secure network architecture based on data classification and required availability, with no single points of failure, load balancing, multiple ISPs, and secure networking as per client requirements.Provided discovery.

Director of IT Operations Evaluated, negotiated, purchased, and managed implementation and operation of data processing systems for an Oracle based, large utility billing system, which handled billions of transactions monthly.Designed and implemented two data centers.Designed and implemented large communication links including MANs and WANs.Evaluated.

VP of Information SystemsManaged systems operation team and 5 person development team.Managed compliance reporting and generated reports to state and federal agencies.Oversaw phone services, negotiated local and long-distance communications contracts.Provided 3rd tier technical support.Acted as senior developer and supervised the systems development.

Manager of Special Projects and Systems Support BranchDesigned and implemented numerous data centers.Developed and implemented Laboratory Information Management Systems and a CDC wide specimen tracking system.Interfaced with research scientists to develop specifications for data systems.Installed the first local area networking at CDC, and architected and.