User:Robert Parham

ROBERT F. PARHAM. MBA, CISSP, HITRUST Director, Information Security Practice Marlabs Inc. One Corporate Place South Piscataway, NJ, 08854 (732) 694- 1000 ext. 4200, Cell (732).208.7944 http://www.marlabs.com/services/information-security.html Linkedin: http://www.linkedin.com/profile/view?id=2856120 Email: [email protected] Twitter: http://twitter.com/rparham5050

Biography

Robert is a retired USAF Master Sergeant where who served as Chief, Network Security for the Air Force Personnel Center (AFPC) located in Universal City, Texas. Robert is also former Director, Information Security Governance for Horizon Blue Cross Blue Shield New Jersey. He is currently employed by Marlabs Inc., Headquartered in Piscataway NJ as Director, Information Security Practice, where he is tasked with establishing and managing an Information Security Consulting Practice, which focuses in Healthcare Organization (HCO) Information Security Management. Robert is a Certified Information Systems Professional (CISSP), HITRUST Practitioner, Certified Information Security Manager (candidate), and holds MBA with emphasis in Information Systems Management.

Expertise

Robert has over thirty years of experience as an Information Technology Professional, of which; fifteen have been specifically focused in the discipline of Information Security Management. Robert is a forward-thinking information security leader who introduces cutting edge solutions and strategies to mitigate risk and data breaches that undercut organizational integrity. He leverages subject matter expertise in information security governance, risk management and compliance within Financial Services and Healthcare industry. During his 20 year United State Air Force and 10 year public security career; Robert has displayed leadership skills and a passion for continuous learning to deliver information security to the full satisfaction of both business and technical stakeholders.

Robert’s Specific Competencies

 Business Process Management  Information Security Governance, Risk and Compliance  Identity Access Management  Network Security Monitoring  Network & Host-Based Intrusion Detection  Information Security Policy Development  Security Incident Response Handling  Security, Testing, Evaluation & Vulnerability Assessment  Digital Forensic Investigation  System Access Controls  Information Security Management Metrics  Capability Maturity Model Development  Business Impact Analysis  Information Security Awareness and Training

Accomplishments

 Information Security Governance: Developed enterprise-wide information security governance program for Horizon Blue Cross Blue Shield of New Jersey. Introduced foundation security control framework that ensured regulatory and contractual compliance. Established capability to identify security vulnerabilities, develop corrective action plans and trend analysis metrics that facilitate continuous improvement of the security program.  Security Risk Management: Reduced information security risk across TD Waterhouse organization by developing information risk methodology and approach that was aligned to both the culture and business strategy of the organization.  Network Security & Security Incident Management: Built the first security operations capability for Headquarters Air Force Personnel Center (HQ AFPC) that aligned with the Air Force Computer Emergency Response Team (AFCERT). Mitigated security risk of unauthorized access and/or data modification to vital personal information stored on HQ AFPC database that was tied to all active duty and retired USAF personnel.  Training and Development: Developed sustainable and repeatable training materials and conducted classes that produced 15 certified business continuity assessors at virtual-corporation.  Cambridge Who's Who: Named Robert F. Parham Jr., CISSP, Professional of the Year in Information Security 2011

Professional Background and Education

• MBA, Computer Resources and Information Systems, Webster University, 1998 • BS, Administration of Technical Services and Information Management, Bellevue University, 1995 • Pending Certified Information System Security Manager (CISM), (pending application) 2012 • Certification, Excellence in Corporate Governance, Tulane University Law School, 2006 • Certification, Computer Security Incident Response Team Manager, Carnegie Mellon University, 2005 • Certificate of Information Risk Management, MIS Training Institute, 2002 • HTRUST Practitioner, Health Information Trust Alliance, 2011 • Certified Information System Security Professional (CISSP), since 1999