This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "User:Mchalmers"
From OWASP
m |
m |
||
| Line 1: | Line 1: | ||
| − | <div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Chalmers,_Matthew.jpg|174px]]</div> | + | <div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa;">[[File:Chalmers,_Matthew.jpg|174px]]</div>In my role with US Bancorp I lead second line of defense oversight, governance, and credible challenge of technology processes relating to IAM, authentication, encryption, key management, and API security. |
| − | + | I have written, spoken, and provided training publicly and privately, classified and unclassified, on a range of subjects including cryptography, penetration testing, IT audit, and IT GRC. | |
| − | + | I am currently ABD in pursuit of a doctoral degree in cyber security from Capitol Technology University. My dissertation involves a new approach to researching end-to-end email encryption usability. | |
| − | + | I can be reached at matthew ''dot'' chalmers ''at'' owasp ''dot'' org. | |
<br style="clear: both;"> | <br style="clear: both;"> | ||
Revision as of 02:49, 29 September 2018
I have written, spoken, and provided training publicly and privately, classified and unclassified, on a range of subjects including cryptography, penetration testing, IT audit, and IT GRC.
I am currently ABD in pursuit of a doctoral degree in cyber security from Capitol Technology University. My dissertation involves a new approach to researching end-to-end email encryption usability.
I can be reached at matthew dot chalmers at owasp dot org.
OWASP Involvement
OWASP Wiki
OWASP Projects
- Local Chapter Resources
- Certification Project (content owner/reviewer)
- Application Security Requirements Project (interim project manager)
- OWASP EU Summit 2008
- Global Chapter Committee
- OWASP Global Summit 2011 - see my attendee bio
- OWASP Governance Task Force
- OWASP Codes of Conduct
OWASP Chapters
- Founding member of the original DC Local Chapter (which became the DC-Maryland chapter, then the Washington DC chapter)
- Active member 2004-2005
- Recorded meeting minutes and maintained chapter web pages (pre-wiki)
- Founder and former chapter leader of the original Milwaukee chapter
- "Member-at-Large"
- Chicago chapter (2005-2012)
- Milwaukee chapter (2005-2016)
- Madison chapter (2012-2016)
- Minneapolis-St. Paul chapter (2016-Present)
Non-OWASP Involvement
- ACM (Association for Computing Machinery)
- CANOE (Committee to Ascribe a Nautical Origin to Everything)
- CSA (Cloud Security Alliance)
- EFF (Electronic Frontier Foundation)
- IACR (International Association for Cryptologic Research)
- IATFF (Information Assurance Technical Framework Forum)
- IEEE (Institute of Electrical & Electronics Engineers)
- IIA (Institute of Internal Auditors)
- Milwaukee Chapter Member, 2006-2012 & 2015-2016; Secretary of the Board, 2009-2011
- Madison Chapter Member, 2012-2015; Invited Speaker, 2016
- IMI (Identity Management Institute)
- ISACA (Information Systems Audit and Control Association)
- Kettle Moraine Chapter Member, 2006-2016; Invited Speaker, 2014
- ISoc (Internet Society)
- NIST (National Institute of Standards and Technology)
- SANS Institute (System administration, Audit, Networking and Security Institute)
- Mentor Program
- WASC (Web Application Security Consortium)
"Credentials"
Certifications
- CDP - Certified in Data Protection
- CIAM - Certified Identity and Access Manager
- CIRM - Certified Identity Risk Manager
- ACE - AccessData Certified Examiner
- CCISO - Certified Chief Information Security Officer
- CISM - Certified Information Security Manager
- CCSK - Certified in Cloud Security Knowledge
- CRMA - Certified in Risk Management Assurance
- GCFA - GIAC Certified Forensic Analyst
- ITIL Foundation Certified
- CISA - Certified Information Systems Auditor
- CHS - Certified in Homeland Security
- CEH - Certified Ethical Hacker
- GSNA - GIAC-certified Systems and Network Auditor
- MCP - Microsoft Certified Professional
Training
- CoalFire - Adaptive Penetration Testing (5/2018)
- CITI - Human Subjects Research (10/2014)
- IIA - Risk-Based, Process-Oriented & Performance-Driven Operational Auditing (6/2013)
- IIA - Antifraud Controls using Data Mining and Continuous Monitoring Techniques (8/2011)
- ISACA - Auditing & Securing Cloud-Based Services (1/2011)
- ISACA - Information Security Management & Strategies for Implementing IT Governance (12/2010)
- PDS/SOScorp - ITIL v3 Foundation Course (9/2008)
- SANS - Computer Forensics, Investigation, and Response (4/2008)
- Entellus Technology Group - SAP ERP Basis Auditing & Security Risks (12/2007)
- SAP America - Virsa Compliance Calibrator Training (10/2006)
- IIA - SAP ERP Technical Audit (8/2006)
- SPI Dynamics - Web Application Security Assessment with WebInspect (11/2005)
- SANS - Hacker Techniques, Exploits and Incident Handling (10/2005)
- Infosec Institute - Advanced Ethical Hacking: Expert Penetration Testing (1/2005)
- Mile2 - Certified Ethical Hacker Training (7/2004)
- Foundstone - Ultimate Web Hacking (9/2003)
- Siegeworks - Advanced AppAuditor Training (12/2002)
- SANS - Auditing Networks, Perimeters, and Systems (4/2002)
- Sanctum - AppScan AppAuditor Training (5/2001)
- National Cryptologic School - Information Systems Security Engineering (2/2000)
- National Cryptologic School - Operational Information Systems Security (11/1998)
Education
- Doctor of Science (ABD), Cybersecurity, Capitol Technology University
- Dissertation (WIP): Utility Constraints as Barriers to Adoption of End-to-End Email Encryption Solutions
- Master of Science, Information Assurance, Capitol Technology University
- Bachelor of Arts, Psychology & Philosophy, Missouri University of Science & Technology
- Associate of Arts, Russian, Defense Language Institute
