Difference between revisions of "User:Mchalmers"
(→Education & Training) |
|||
Line 1: | Line 1: | ||
<div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa">https://www.owasp.org/images/thumb/8/8e/Chalmers%2C_Matthew.jpg/150px-Chalmers%2C_Matthew.jpg</div><div style="text-align: justify;">I have been doing information security and related work my entire professional career, since earning my bachelor's degree from the [http://www.mst.edu/ Missouri University of Science & Technology] (formerly the University of Missouri-Rolla). I have worked for public, private, government and non-profit organizations in the defense, finance, manufacturing and healthcare industries including the National Security Agency, JPMorgan Chase and Rockwell Automation. Currently I am the Chief IT Auditor for [http://www.marshfieldclinic.org/patients/?page=about_legacy Marshfield Clinic Health System]. I hold the [http://www.isaca.org/cism CISM], [http://www.isaca.org/cisa CISA], [http://www.theiia.org/recent-iia-news/index.cfm?i=16487 CRMA], [http://www.giac.org/certifications/audit/gsna.php GSNA], [http://www.giac.org/certifications/forensics/gcfa.php GCFA], [http://cloudsecurityalliance.org/education/ccsk/ CCSK], [http://www.eccouncil.org/certification/certified_ethical_hacker.aspx CEH] and [http://www.abchs.com/about/ CHS] certifications and I am [http://www.itil-officialsite.com/ ITIL] v3 Foundation certified. I specialize in information technology assessment, audit, compliance, control, governance and security. | <div align="left" style="float: left; margin: 0 4px 0 0; padding: 4px; border: 1px solid #aaa">https://www.owasp.org/images/thumb/8/8e/Chalmers%2C_Matthew.jpg/150px-Chalmers%2C_Matthew.jpg</div><div style="text-align: justify;">I have been doing information security and related work my entire professional career, since earning my bachelor's degree from the [http://www.mst.edu/ Missouri University of Science & Technology] (formerly the University of Missouri-Rolla). 
I have worked for public, private, government and non-profit organizations in the defense, finance, manufacturing and healthcare industries including the National Security Agency, JPMorgan Chase and Rockwell Automation. Currently I am the Chief IT Auditor for [http://www.marshfieldclinic.org/patients/?page=about_legacy Marshfield Clinic Health System]. I hold the [http://www.isaca.org/cism CISM], [http://www.isaca.org/cisa CISA], [http://www.theiia.org/recent-iia-news/index.cfm?i=16487 CRMA], [http://www.giac.org/certifications/audit/gsna.php GSNA], [http://www.giac.org/certifications/forensics/gcfa.php GCFA], [http://cloudsecurityalliance.org/education/ccsk/ CCSK], [http://www.eccouncil.org/certification/certified_ethical_hacker.aspx CEH] and [http://www.abchs.com/about/ CHS] certifications and I am [http://www.itil-officialsite.com/ ITIL] v3 Foundation certified. I specialize in information technology assessment, audit, compliance, control, governance and security. | ||
<br> | <br> | ||
− | I | + | I've been involved with OWASP since about 2002. You can reach me at '''matthew''' ''dot'' '''chalmers''' ''at'' '''owasp''' ''dot'' '''org'''.</div><br clear="all"><br> |
==OWASP Involvement== | ==OWASP Involvement== | ||
Line 28: | Line 28: | ||
==Non-OWASP Involvement== | ==Non-OWASP Involvement== | ||
<!-- * [http://www.acfei.com/ ACFEI] (American College of Forensic Examiners Institute) | <!-- * [http://www.acfei.com/ ACFEI] (American College of Forensic Examiners Institute) | ||
− | * [http://www.eccouncil.org/ EC-Council] (International Council of Electronic Commerce Consultants) | + | * [http://www.eccouncil.org/ EC-Council] (International Council of Electronic Commerce Consultants) |
− | * [http://www.graftonarealivearts.us/ GALA] (Grafton Area Live Arts) webmaster | + | * [http://www.graftonarealivearts.us/ GALA] (Grafton Area Live Arts) webmaster --> |
+ | * [http://www.phrases.org.uk/meanings/nautical-phrases.html CANOE] (Committee to Ascribe a Nautical Origin to Everything) | ||
* [http://csrc.nist.gov/nissc/1999/program/isso/sld077.htm IATFF] (Information Assurance Technical Framework Forum) | * [http://csrc.nist.gov/nissc/1999/program/isso/sld077.htm IATFF] (Information Assurance Technical Framework Forum) | ||
* [http://www.computer.org/ IEEE Computer Society] [http://www.ieee-security.org/ Technical Committee on Security & Privacy] | * [http://www.computer.org/ IEEE Computer Society] [http://www.ieee-security.org/ Technical Committee on Security & Privacy] | ||
− | + | * [http://www.theiia.org/ IIA] (Institute of Internal Auditors) [http://www.theiia.org/chapters/milwaukee Milwaukee Chapter] | |
− | * [http://www.theiia.org/ IIA] (Institute of Internal Auditors) [http://www.theiia.org/chapters/ | ||
** Secretary & Webmaster, 2011-2012 | ** Secretary & Webmaster, 2011-2012 | ||
** Board of governors, 2009-2011 | ** Board of governors, 2009-2011 | ||
* [http://www.isaca.org/ ISACA] (Information Systems Audit and Control Association) [http://www.isaca-km.org/ Kettle Moraine Chapter] | * [http://www.isaca.org/ ISACA] (Information Systems Audit and Control Association) [http://www.isaca-km.org/ Kettle Moraine Chapter] | ||
− | * [http://www.niap-ccevs.org/ NIAP] (National Information Assurance Partnership) | + | * [http://www.isoc.org/ ISoc] (Internet Society) [http://tools.ietf.org/area/sec/trac/wiki IETF SAAG] (Internet Engineering Task Force Security Area Advisory Group) |
+ | <!-- * [http://www.niap-ccevs.org/ NIAP] (National Information Assurance Partnership) --> | ||
* [http://www.nist.gov/ NIST] (National Institute of Standards and Technology) [http://www.nist.gov/itl/ ITL] [http://www.nist.gov/itl/csd/ CSD] [http://www.nist.gov/itl/csd/ct/ CTG] Cryptographic Key Management Workshop delegate | * [http://www.nist.gov/ NIST] (National Institute of Standards and Technology) [http://www.nist.gov/itl/ ITL] [http://www.nist.gov/itl/csd/ CSD] [http://www.nist.gov/itl/csd/ct/ CTG] Cryptographic Key Management Workshop delegate | ||
* [http://www.pikapp.org/ Pi Kappa Phi], [http://www.pikapps-mst.org/ Gamma Lambda Chapter] | * [http://www.pikapp.org/ Pi Kappa Phi], [http://www.pikapps-mst.org/ Gamma Lambda Chapter] | ||
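Review bot: the ACFEI, EC-Council and GALA entries are now wrapped in one HTML comment and the NIAP entry in a second one, so all four stay in the page source and in every later diff even though they no longer render. If these memberships are meant to be retired, delete the lines and rely on the revision history instead of carrying hidden text; if they are meant to come back, a single comment block placed after the visible list would keep the alphabetical list (CANOE, IATFF, IEEE, IIA, ISACA, ISoc, NIST) free of interleaved comment markers.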
Line 66: | Line 67: | ||
===Education & Training=== | ===Education & Training=== | ||
− | * Capitol College (8/2012 - | + | * Capitol College (8/2012 - 5/2014, expected) |
− | ** Master | + | ** Master of Science in Information Assurance |
* MISTI/ISACA - Auditing & Securing Cloud-Based Services (1/2011) | * MISTI/ISACA - Auditing & Securing Cloud-Based Services (1/2011) | ||
* ISACA - Information Security Management & Strategies for Implementing IT Governance (12/2010) | * ISACA - Information Security Management & Strategies for Implementing IT Governance (12/2010) | ||
Line 91: | Line 92: | ||
* Naval Security Group Detachment/Naval Center for Information Dominance Detachment at Presidio of Monterey (4/1995 - 7/1996) | * Naval Security Group Detachment/Naval Center for Information Dominance Detachment at Presidio of Monterey (4/1995 - 7/1996) | ||
** Course A-232-0021 (classified) | ** Course A-232-0021 (classified) | ||
− | * University of Missouri-Rolla (8/1990 - 12/1994) | + | * Missouri University of Science & Technology (formerly the University of Missouri-Rolla) (8/1990 - 12/1994) |
− | ** | + | ** Bachelors of Arts in Psychology and Philosophy; minors in Computer Science, History and French |
==Miscellany== | ==Miscellany== | ||
[https://www.facebook.com/mdchalmers http://icons.iconarchive.com/icons/danleech/simple/48/facebook-icon.png][https://www.linkedin.com/in/mdchalmers http://icons.iconarchive.com/icons/danleech/simple/48/linkedin-icon.png][https://plus.google.com/111498867553953764439/about http://icons.iconarchive.com/icons/danleech/simple/48/google-plus-icon.png][https://www.amazon.com/gp/pdp/profile/A1TS7LUEDD6B03 http://icons.iconarchive.com/icons/danleech/simple/48/amazon-icon.png][http://mystatus.skype.com/bigclassic/mdchalmers http://icons.iconarchive.com/icons/danleech/simple/48/skype-icon.png][https://sourceforge.net/users/mchalmers http://s3.coder.io/sourceforge.net.png] | [https://www.facebook.com/mdchalmers http://icons.iconarchive.com/icons/danleech/simple/48/facebook-icon.png][https://www.linkedin.com/in/mdchalmers http://icons.iconarchive.com/icons/danleech/simple/48/linkedin-icon.png][https://plus.google.com/111498867553953764439/about http://icons.iconarchive.com/icons/danleech/simple/48/google-plus-icon.png][https://www.amazon.com/gp/pdp/profile/A1TS7LUEDD6B03 http://icons.iconarchive.com/icons/danleech/simple/48/amazon-icon.png][http://mystatus.skype.com/bigclassic/mdchalmers http://icons.iconarchive.com/icons/danleech/simple/48/skype-icon.png][https://sourceforge.net/users/mchalmers http://s3.coder.io/sourceforge.net.png] | ||
[https://www.xing.com/profile/Matthew_Chalmers http://files.softicons.com/download/social-media-icons/simple-icons-by-dan-leech/png/48x48/xing.png] | [https://www.xing.com/profile/Matthew_Chalmers http://files.softicons.com/download/social-media-icons/simple-icons-by-dan-leech/png/48x48/xing.png] |
Revision as of 19:02, 28 August 2012
I have been doing information security and related work my entire professional career, since earning my bachelor's degree from the Missouri University of Science & Technology (formerly the University of Missouri-Rolla). I have worked for public, private, government and non-profit organizations in the defense, finance, manufacturing and healthcare industries including the National Security Agency, JPMorgan Chase and Rockwell Automation. Currently I am the Chief IT Auditor for Marshfield Clinic Health System. I hold the CISM, CISA, CRMA, GSNA, GCFA, CCSK, CEH and CHS certifications and I am ITIL v3 Foundation certified. I specialize in information technology assessment, audit, compliance, control, governance and security.
OWASP Involvement
OWASP Wiki
OWASP Projects
- Local Chapter Resources
- Certification Project (content owner/reviewer)
- Application Security Requirements Project (interim project manager)
- OWASP EU Summit 2008
- Global Chapter Committee
- Summit 2011
- OWASP Governance Task Force
OWASP Chapters
- Founding member of the original DC Local Chapter (which became the DC-Maryland chapter, then the Washington DC chapter).
- Active member 2004-2005.
- Recorded meeting minutes and maintained chapter web pages (pre-wiki).
- "Member-at-Large" of the Chicago and Madison Local Chapters.
- Founder and former chapter leader of the mailing list-only Milwaukee Local Chapter.
Non-OWASP Involvement
- CANOE (Committee to Ascribe a Nautical Origin to Everything)
- IATFF (Information Assurance Technical Framework Forum)
- IEEE Computer Society Technical Committee on Security & Privacy
- IIA (Institute of Internal Auditors) Milwaukee Chapter
  - Secretary & Webmaster, 2011-2012
  - Board of governors, 2009-2011
- ISACA (Information Systems Audit and Control Association) Kettle Moraine Chapter
- ISoc (Internet Society) IETF SAAG (Internet Engineering Task Force Security Area Advisory Group)
- NIST (National Institute of Standards and Technology) ITL CSD CTG Cryptographic Key Management Workshop delegate
- Pi Kappa Phi, Gamma Lambda Chapter
  - Alumni Housing Corp Historian, 2010-Present
  - Webmaster, 2007-Present
  - Chaplain, 1993-1995
- SANS Institute (System administration, Audit, Networking and Security Institute)
- UPAF Ride for the Arts
  - 75-mile route, 2010-2011
    - Highest individual fundraiser on Rockwell Automation team, both years
- Village of Grafton, Wisconsin
  - Board of Review, 2010-2012
  - Zoning Board of Appeals, 2011-2012
- WASC (Web Application Security Consortium) Articles Peer Review Team member
"Credentials"
Certifications
- CISM - Certified Information Security Manager
- CISA - Certified Information Systems Auditor
- CRMA - Certified in Risk Management Assurance
- GSNA - GIAC-certified Systems and Network Auditor
- GCFA - GIAC Certified Forensic Analyst
- CCSK - Certified in Cloud Security Knowledge
- CEH - Certified Ethical Hacker
- CHS - Certified in Homeland Security (Level III)
- ITIL v3 Foundation Certified
Education & Training
- Capitol College (8/2012 - 5/2014, expected)
  - Master of Science in Information Assurance
- MISTI/ISACA - Auditing & Securing Cloud-Based Services (1/2011)
- ISACA - Information Security Management & Strategies for Implementing IT Governance (12/2010)
- PDS/SOScorp - ITIL v3 Foundation Course (9/2008)
- SANS – Computer Forensics, Investigation, and Response (4/2008)
- Entellus Technology Group – SAP ERP Basis Auditing & Security Risks (12/2007)
- SAP America – Virsa Compliance Calibrator Training (10/2006)
- IIA/Deloitte – SAP ERP Technical Audit (8/2006)
- SPI Dynamics – Web Application Security Assessment with WebInspect (11/2005)
- SANS – Hacker Techniques, Exploits and Incident Handling (10/2005)
- Infosec Institute – Advanced Ethical Hacking: Expert Penetration Testing (1/2005)
- EC-Council/Mile2 – Certified Ethical Hacker Training (7/2004)
- Foundstone – Ultimate Web Hacking (9/2003)
- Siegeworks – Advanced AppAuditor Training (12/2002)
- SANS – Auditing Networks, Perimeters, and Systems (4/2002)
- Sanctum – AppScan AppAuditor Training (5/2001)
- Bank One University (1/2001 – 1/2005)
  - Numerous business/management courses including Planning and Executing Projects, Understanding Personality Styles, Incident Management, Presentation Skills, SMART Goals, and Using the Gallup Q12
- National Cryptologic School (1/1997 – 1/2001)
  - Over 45 classified & unclassified courses including Information Systems Security Engineering, Technical Writing & Documentation, Encryption Key Management, Operational Information Systems Security, Computer Network Exploitation, and Operations Security
- Naval Technical Training Center Detachment/Naval Center for Information Dominance Detachment at Goodfellow AFB (7/1996 - 12/1996)
  - Course X3ABR1N333A 011/014 (classified)
- Naval Security Group Detachment/Naval Center for Information Dominance Detachment at Presidio of Monterey (4/1995 - 7/1996)
  - Course A-232-0021 (classified)
- Missouri University of Science & Technology (formerly the University of Missouri-Rolla) (8/1990 - 12/1994)
  - Bachelors of Arts in Psychology and Philosophy; minors in Computer Science, History and French