Difference between revisions of "User:Mchalmers"

Revision as of 20:21, 19 June 2016 (view source) Mchalmers (talk | contribs) m (→‎Certifications) ← Older edit		Revision as of 20:22, 19 June 2016 (view source) Mchalmers (talk | contribs) m (→‎Certifications) Newer edit →
Line 81:		Line 81:
	* [http://www.itil-officialsite.com/Qualifications/ITILQualificationLevels/ITILFoundation.aspx ITIL] Foundation Certified (Version 3)		* [http://www.itil-officialsite.com/Qualifications/ITILQualificationLevels/ITILFoundation.aspx ITIL] Foundation Certified (Version 3)
	* [http://www.isaca.org/cisa CISA] - Certified Information Systems Auditor		* [http://www.isaca.org/cisa CISA] - Certified Information Systems Auditor
		+	* [http://www.abchs.com/certification/chsiii.php CHS] - Certified in Homeland Security (Level III)
	* [http://www.eccouncil.org/certification/certified_ethical_hacker.aspx CEH] - Certified Ethical Hacker		* [http://www.eccouncil.org/certification/certified_ethical_hacker.aspx CEH] - Certified Ethical Hacker
−	* [http://www.abchs.com/certification/chsiii.php CHS] - Certified in Homeland Security (Level III)
	* [http://www.giac.org/certifications/audit/gsna.php GSNA] - GIAC-certified Systems and Network Auditor		* [http://www.giac.org/certifications/audit/gsna.php GSNA] - GIAC-certified Systems and Network Auditor
	* [https://www.microsoft.com/en-us/learning/microsoft-certified-professional.aspx MCP] - Microsoft Certified Professional		* [https://www.microsoft.com/en-us/learning/microsoft-certified-professional.aspx MCP] - Microsoft Certified Professional

---

Revision as of 20:22, 19 June 2016

I've worked in the information assurance field my entire professional career, having started out as a US Navy cryptologist at the National Security Agency. I've earned numerous professional certifications such as the CISM and CEH as well as a Master of Science in Information Assurance. I specialize in information, technology, and process assurance, audit, compliance, control, governance, risk, security, and usability. I have a passion for making things better and helping people succeed.

I've been involved with OWASP since about 2002. I can be reached at matthew . chalmers @ owasp . org.

OWASP Involvement

OWASP Wiki

• My wiki contributions

OWASP Projects

• Local Chapter Resources
• Certification Project (content owner/reviewer)
• Application Security Requirements Project (interim project manager)
• OWASP EU Summit 2008
  • OWASP PR Project
• Global Chapter Committee
• OWASP Global Summit 2011
  • Audit Working Session Chair
  • PCI Working Session Co-Chair
  • Fundraising Appeal
• OWASP Governance Task Force
• OWASP Codes of Conduct
  • Certifying Bodies

OWASP Chapters

• Founding member of the original DC Local Chapter (which became the DC-Maryland chapter, then the Washington DC chapter)
  • Active member 2004-2005
  • Recorded meeting minutes and maintained chapter web pages (pre-wiki)
• Founder and former chapter leader of the original Milwaukee chapter
• "Member-at-Large"
  • Chicago chapter (2005-2012)
  • Milwaukee chapter (2005-2016)
  • Madison chapter (2012-2016)
  • Minneapolis-St. Paul chapter (2016-Present)

Non-OWASP Involvement

• ACFEA (Armed Forces Communications and Electronics Association)
• ACM (Association for Computing Machinery)
  • SIGACT (Special Interest Group on Algorithms and Computation Theory)
  • SIGCAS (Special Interest Group on Computers and Society)
  • SIGCHI (Special Interest Group on Computer-Human Interaction)
  • SIGSAC (Special Interest Group on Security, Audit, and Control)
• CSA (Cloud Security Alliance)
• EFF (Electronic Frontier Foundation)
• IACR (International Association for Cryptologic Research)
• IATFF (Information Assurance Technical Framework Forum)
• IEEE (Institute of Electrical & Electronics Engineers)
  • Communications Society
    • Communications and Information Security Technical Committee
  • Computer Society
    • Cybersecurity Community
    • Technical Committee on Security & Privacy
  • Information Theory Society
  • Signal Processing Society Information Forensics and Security Technical Committee
• IIA (Institute of Internal Auditors)
• IMI (Identity Management Institute)
• ISACA (Information Systems Audit and Control Association)
• ISoc (Internet Society)
  • IETF (Internet Engineering Task Force)
    • SAAG (Security Area Advisory Group)
  • IRTF (Internet Research Task Force)
    • CFRG (Crypto Forum Research Group)
• NIST (National Institute of Standards and Technology) ITL (Information Technology Laboratory) CSD (Computer Security Division) CTG (Cryptographic Technology Group)
  • Cryptographic Key Management Project
• SANS Institute (System administration, Audit, Networking and Security Institute)
  • Mentor Program
• WASC (Web Application Security Consortium)
  • Articles Peer Review Team

"Credentials"

Certifications

• CIAM - Certified Identity and Access Manager
• CIRM - Certified Identity Risk Manager
• ACE - AccessData Certified Examiner
• CCISO - Certified Chief Information Security Officer
• CISM - Certified Information Security Manager
• CCSK - Certified in Cloud Security Knowledge
• CRMA - Certified in Risk Management Assurance
• GCFA - GIAC Certified Forensic Analyst
• ITIL Foundation Certified (Version 3)
• CISA - Certified Information Systems Auditor
• CHS - Certified in Homeland Security (Level III)
• CEH - Certified Ethical Hacker
• GSNA - GIAC-certified Systems and Network Auditor
• MCP - Microsoft Certified Professional

Education

• Master of Science, Information Assurance, Capitol Technology University
• Bachelor of Arts, Psychology & Philosophy, Missouri University of Science & Technology

Training

• CITI - Human Subjects Research (10/2014)
• IIA - Risk-Based, Process-Oriented & Performance-Driven Operational Auditing (6/2013)
• IIA - Antifraud Controls using Data Mining and Continuous Monitoring Techniques (8/2011)
• ISACA - Auditing & Securing Cloud-Based Services (1/2011)
• ISACA - Information Security Management & Strategies for Implementing IT Governance (12/2010)
• PDS/SOScorp - ITIL v3 Foundation Course (9/2008)
• SANS – Computer Forensics, Investigation, and Response (4/2008)
• Entellus Technology Group – SAP ERP Basis Auditing & Security Risks (12/2007)
• SAP America – Virsa Compliance Calibrator Training (10/2006)
• IIA – SAP ERP Technical Audit (8/2006)
• SPI Dynamics – Web Application Security Assessment with WebInspect (11/2005)
• SANS – Hacker Techniques, Exploits and Incident Handling (10/2005)
• Infosec Institute – Advanced Ethical Hacking: Expert Penetration Testing (1/2005)
• Mile2 – Certified Ethical Hacker Training (7/2004)
• Foundstone – Ultimate Web Hacking (9/2003)
• Siegeworks – Advanced AppAuditor Training (12/2002)
• SANS – Auditing Networks, Perimeters, and Systems (4/2002)
• Sanctum – AppScan AppAuditor Training (5/2001)
• National Cryptologic School - Information Systems Security Engineering (2/2000)
• National Cryptologic School - Operational Information Systems Security (11/1998)

Social Media Profiles