This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "User:Mchalmers"
From OWASP
m (→Non-OWASP Involvement) |
m (→Non-OWASP Involvement) |
||
Line 36: | Line 36: | ||
==Non-OWASP Involvement== | ==Non-OWASP Involvement== | ||
+ | * [http://www.acfea.org/ ACFEA] (Armed Forces Communications and Electronics Association) | ||
* [http://www.acm.org/ ACM] (Association for Computing Machinery) | * [http://www.acm.org/ ACM] (Association for Computing Machinery) | ||
** [http://www.sigact.org/ SIGACT] (Special Interest Group on Algorithms and Computation Theory) | ** [http://www.sigact.org/ SIGACT] (Special Interest Group on Algorithms and Computation Theory) | ||
Line 41: | Line 42: | ||
** [http://www.sigchi.org/ SIGCHI] (Special Interest Group on Computer-Human Interaction) | ** [http://www.sigchi.org/ SIGCHI] (Special Interest Group on Computer-Human Interaction) | ||
** [http://www.sigsac.org/ SIGSAC] (Special Interest Group on Security, Audit, and Control) | ** [http://www.sigsac.org/ SIGSAC] (Special Interest Group on Security, Audit, and Control) | ||
− | |||
* [http://www.cloudsecurityalliance.org/ CSA] (Cloud Security Alliance) | * [http://www.cloudsecurityalliance.org/ CSA] (Cloud Security Alliance) | ||
* [http://www.eff.org/ EFF] (Electronic Frontier Foundation) | * [http://www.eff.org/ EFF] (Electronic Frontier Foundation) |
Revision as of 04:47, 7 April 2016
I've been focused on infosec-related work my entire professional career. I've earned numerous industry certifications such as the CISM and CEH as well as a Master of Science in Information Assurance. I specialize in information technology & technology process assurance, audit, compliance, control, governance, risk, and security.I've been involved with OWASP since about 2002. I can be reached at matthew . chalmers @ owasp . org.
OWASP Involvement
OWASP Wiki
OWASP Projects
- Local Chapter Resources
- Certification Project (content owner/reviewer)
- Application Security Requirements Project (interim project manager)
- OWASP EU Summit 2008
- Global Chapter Committee
- OWASP Global Summit 2011
- OWASP Governance Task Force
- OWASP Codes of Conduct
OWASP Chapters
- Founding member of the original DC Local Chapter (which became the DC-Maryland chapter, then the Washington DC chapter)
- Active member 2004-2005
- Recorded meeting minutes and maintained chapter web pages (pre-wiki)
- Founder and former chapter leader of the original Milwaukee chapter
- "Member-at-Large"
- Chicago chapter (2005-2012)
- Madison chapter (2005-Present)
- Milwaukee chapter (2012-Present)
- Minneapolis-St. Paul chapter (2016-Present)
Non-OWASP Involvement
- ACFEA (Armed Forces Communications and Electronics Association)
- ACM (Association for Computing Machinery)
- CSA (Cloud Security Alliance)
- EFF (Electronic Frontier Foundation)
- IACR (International Association for Cryptologic Research)
- IATFF (Information Assurance Technical Framework Forum)
- IEEE (Institute of Electrical & Electronics Engineers)
- IIA (Institute of Internal Auditors), Milwaukee Chapter
- Research Committee
- IMI (Identity Management Institute)
- Intel Security SPAC (Security Product Advisory Council)
- ISACA (Information Systems Audit and Control Association), Kettle Moraine Chapter
- ISoc (Internet Society)
- NIST (National Institute of Standards and Technology) ITL (Information Technology Laboratory) CSD (Computer Security Division) CTG (Cryptographic Technology Group) Cryptographic Key Management Project
- SANS Institute (System administration, Audit, Networking and Security Institute) Mentor Program
- WASC (Web Application Security Consortium)
"Credentials"
Certifications
- CIAM - Certified Identity and Access Manager
- CIRM - Certified Identity Risk Manager
- ACE - AccessData Certified Examiner
- CCISO - Certified Chief Information Security Officer
- CISM - Certified Information Security Manager
- CCSK - Certified in Cloud Security Knowledge
- CRMA - Certified in Risk Management Assurance
- GCFA - GIAC Certified Forensic Analyst
- ITIL - Foundation Certified (Version 3)
- CISA - Certified Information Systems Auditor
- CEH - Certified Ethical Hacker
- CHS - Certified in Homeland Security (Level III)
- GSNA - GIAC-certified Systems and Network Auditor
Education
- Master of Science, Information Assurance, Capitol Technology University
- Bachelor of Arts, Psychology & Philosophy, Missouri University of Science & Technology
- Diploma & Linguistic Certification, Russian, Defense Language Institute
Training
- CITI - Human Subjects Research (10/2014)
- IIA - Risk-Based, Process-Oriented & Performance-Driven Operational Auditing (6/2013)
- IIA - Antifraud Controls using Data Mining and Continuous Monitoring Techniques (8/2011)
- ISACA - Auditing & Securing Cloud-Based Services (1/2011)
- ISACA - Information Security Management & Strategies for Implementing IT Governance (12/2010)
- PDS/SOScorp - ITIL v3 Foundation Course (9/2008)
- SANS – Computer Forensics, Investigation, and Response (4/2008)
- Entellus Technology Group – SAP ERP Basis Auditing & Security Risks (12/2007)
- SAP America – Virsa Compliance Calibrator Training (10/2006)
- IIA – SAP ERP Technical Audit (8/2006)
- SPI Dynamics – Web Application Security Assessment with WebInspect (11/2005)
- SANS – Hacker Techniques, Exploits and Incident Handling (10/2005)
- Infosec Institute – Advanced Ethical Hacking: Expert Penetration Testing (1/2005)
- Mile2 – Certified Ethical Hacker Training (7/2004)
- Foundstone – Ultimate Web Hacking (9/2003)
- Siegeworks – Advanced AppAuditor Training (12/2002)
- SANS – Auditing Networks, Perimeters, and Systems (4/2002)
- Sanctum – AppScan AppAuditor Training (5/2001)
- National Cryptologic School - Information Systems Security Engineering (2/2000)
- National Cryptologic School - Operational Information Systems Security (11/1998)