This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

User:Nathan Smolenski

From OWASP
Revision as of 13:28, 20 September 2012 by KateHartmann (talk | contribs) (Creating user page with biography of new user.)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

CISO - 21st Century Insurance; CISA, CISM

10 Years experience in the following areas: IT Risk Management:

  • Implementation of security and risk management strategies
  • Implementation and execution of risk assessment and analysis methodologies (COBIT / ITIL / ISO)
  • Integration of security process and controls into SDLC and other life cycle processes.

Application Security:

  • Development and management of application assurance programs.
  • Implementation of dynamic and static analysis tools
  • Application vulnerability remediation programs
  • Secure SDLC program development
  • PCI-DSS

Information Security Governance & Program development:

  • Development of information security strategies
  • Enterprise Information Security posture assessment
  • Implementation of information security governance programs
  • Metrics / KPI analysis and development

Program Management:

  • Management of large scale Infrastructure projects
  • Internal / external resource management
  • Project / Program governance and compliance
  • Contractual performance / vendor assessment

Incident Management:

  • Coordination and execution of DR/BCP testing
  • Management of security and operational risk events
  • Implementation and management of RCA processes

Training

  • Designing and delivering risk management, security awareness and compliance training

Systems Analysis, Business Analysis & Project Management:

  • Managing technical projects in varying size and scope
  • Leading teams of development and operational staff
  • Organizing and managing business and technical JAD sessions.
  • Requirements management
  • Business process engineering
  • Management of software deployments and enterprise level software implementations
  • Management of UAT / Testing processes and programs

Specialties Application Security, Information Security Governance, Security Standards, IT Process Engineering, Application Vulnerability Testing, Information Systems Audit, Business Analysis, Systems Analysis, Secure Software Development, Project management Technology within Banking / Investment Management / Brokerage / FX Trading / Annuities, Risk Management, DOI / SOX / ICF / PCI-DSS / HIPAA Compliance

Retrieved from "https://wiki.owasp.org/index.php?title=User:Nathan_Smolenski&oldid=136192"