This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "User:Mchalmers"
From OWASP
(→Training) |
|||
| Line 1: | Line 1: | ||
| − | <div | + | <!-- <style>#toc{float:left}</style> --><div style="float: left; margin-right: 5px; padding: 5px; border: 1px solid #aaa;">https://www.owasp.org/images/thumb/8/8e/Chalmers%2C_Matthew.jpg/150px-Chalmers%2C_Matthew.jpg</div><div style="float: left; width:60%; text-align: justify; margin-right: 6px;">Currently I'm the Chief Auditor–Information Technology for Marshfield Clinic. I've earned both management and technical certifications such as the CISM and CEH as well as a Master of Science in Information Assurance en route to a Doctor of Science (Sc.D.) expected in 2017. I specialize in information technology audit, compliance, control, governance, risk management, security, and usability. I've been involved with OWASP since about 2002. I can be reached at '''matthew''' ''dot'' '''chalmers''' ''at'' '''owasp''' ''dot'' '''org'''.</div> |
| − | |||
| − | |||
| − | |||
==OWASP Involvement== | ==OWASP Involvement== | ||
===OWASP Wiki=== | ===OWASP Wiki=== | ||
Revision as of 18:05, 26 February 2015
Currently I'm the Chief Auditor–Information Technology for Marshfield Clinic. I've earned both management and technical certifications such as the CISM and CEH as well as a Master of Science in Information Assurance en route to a Doctor of Science (Sc.D.) expected in 2017. I specialize in information technology audit, compliance, control, governance, risk management, security, and usability. I've been involved with OWASP since about 2002. I can be reached at matthew dot chalmers at owasp dot org.
OWASP Involvement
OWASP Wiki
OWASP Projects
- Local Chapter Resources
- Certification Project (content owner/reviewer)
- Application Security Requirements Project (interim project manager)
- OWASP EU Summit 2008
- Global Chapter Committee
- OWASP Global Summit 2011
- OWASP Governance Task Force
- OWASP Codes of Conduct
OWASP Chapters
- Founding member of the original DC Local Chapter (which became the DC-Maryland chapter, then the Washington DC chapter)
- Active member 2004-2005
- Recorded meeting minutes and maintained chapter web pages (pre-wiki)
- Founder and former chapter leader of the original Milwaukee chapter
- "Member-at-Large"
Non-OWASP Involvement
- ACM (Association for Computing Machinery)
- CSA (Cloud Security Alliance)
- EFF (Electronic Frontier Foundation)
- IATFF (Information Assurance Technical Framework Forum)
- IEEE (Institute of Electrical & Electronics Engineers)
- IIA (Institute of Internal Auditors), Milwaukee Chapter
- Research Committee
- ISACA (Information Systems Audit and Control Association), Kettle Moraine Chapter
- ISoc (Internet Society)
- NIST (National Institute of Standards and Technology) ITL (Information Technology Laboratory) CSD (Computer Security Division) CTG (Cryptographic Technology Group) Cryptographic Key Management Project
- SANS Institute (System administration, Audit, Networking and Security Institute) Mentor Program
- WASC (Web Application Security Consortium)
"Credentials"
Certifications
- CISM - Certified Information Security Manager
- CISA - Certified Information Systems Auditor
- CRMA - Certified in Risk Management Assurance
- GSNA - GIAC-certified Systems and Network Auditor
- GCFA - GIAC Certified Forensic Analyst
- CCSK - Certified in Cloud Security Knowledge
- CEH - Certified Ethical Hacker
- CCISO - Certified Chief Information Security Officer
- ACE - AccessData Certified Examiner
- CHS - Certified in Homeland Security (Level III)
- CFR-D - Certified First Responder with Defibrillation
- ITIL Foundation Certified (Version 3)
Education
- Capitol College (2014-2017)
- Doctor of Science, Information Assurance
- Capitol College (2012 - 2014)
- Master of Science, Information Assurance, with honors
- Defense Language Institute (1995 - 1996)
- Diploma & Linguistic Certification, Russian
- University of Missouri-Rolla (1990 - 1994)
- Bachelor of Arts, Psychology & Philosophy
Training
- CITI - Human Subjects Research (10/2014)
- IIA - Risk-Based, Process-Oriented & Performance-Driven Operational Auditing (6/2013)
- IIA/Audimation - Antifraud Controls using Data Mining and Continuous Monitoring Techniques (8/2011)
- MISTI/ISACA - Auditing & Securing Cloud-Based Services (1/2011)
- ISACA - Information Security Management & Strategies for Implementing IT Governance (12/2010)
- PDS/SOScorp - ITIL v3 Foundation Course (9/2008)
- SANS – Computer Forensics, Investigation, and Response (4/2008)
- Entellus Technology Group – SAP ERP Basis Auditing & Security Risks (12/2007)
- SAP America – Virsa Compliance Calibrator Training (10/2006)
- IIA/Deloitte – SAP ERP Technical Audit (8/2006)
- SPI Dynamics – Web Application Security Assessment with WebInspect (11/2005)
- SANS – Hacker Techniques, Exploits and Incident Handling (10/2005)
- Infosec Institute – Advanced Ethical Hacking: Expert Penetration Testing (1/2005)
- Mile2/SMU – Certified Ethical Hacker Training (7/2004)
- Foundstone – Ultimate Web Hacking (9/2003)
- Siegeworks – Advanced AppAuditor Training (12/2002)
- SANS – Auditing Networks, Perimeters, and Systems (4/2002)
- Sanctum – AppScan AppAuditor Training (5/2001)
- National Cryptologic School - Information Systems Security Engineering (2/2000)
- National Cryptologic School - Operational Information Systems Security (11/1999)
- American Red Cross - Emergency Medical Response (5/1995)
