This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
User:Mchalmers
From OWASP
I've been passionate about security and usability my entire life; I've been doing security and usability related work my entire career. I've earned the CISM, CISA, CRMA, CEH, and other certifications as well as a master of science in information assurance en route to a doctor of science (Sc.D.) expected in 2017. I specialize in information technology audit, compliance, control, governance, risk management, and usability.
I've been involved with OWASP since about 2002. I can be reached at matthew dot chalmers at owasp dot org.
I've been involved with OWASP since about 2002. I can be reached at matthew dot chalmers at owasp dot org.
OWASP Involvement
OWASP Wiki
OWASP Projects
- Local Chapter Resources
- Certification Project (content owner/reviewer)
- Application Security Requirements Project (interim project manager)
- OWASP EU Summit 2008
- Global Chapter Committee
- OWASP Global Summit 2011
- OWASP Governance Task Force
- OWASP Codes of Conduct
OWASP Chapters
- Founding member of the original DC Local Chapter (which became the DC-Maryland chapter, then the Washington DC chapter)
- Active member 2004-2005
- Recorded meeting minutes and maintained chapter web pages (pre-wiki)
- Founder and former chapter leader of the original Milwaukee chapter
- "Member-at-Large"
Non-OWASP Involvement
- ACM (Association for Computing Machinery)
- CSA (Cloud Security Alliance)
- EFF (Electronic Frontier Foundation)
- IATFF (Information Assurance Technical Framework Forum)
- IEEE (Institute of Electrical & Electronics Engineers)
- IIA (Institute of Internal Auditors), Milwaukee Chapter
- Research Committee
- ISACA (Information Systems Audit and Control Association), Kettle Moraine Chapter
- ISoc (Internet Society)
- NIST (National Institute of Standards and Technology) ITL (Information Technology Laboratory) CSD (Computer Security Division) CTG (Cryptographic Technology Group) Cryptographic Key Management Project
- SANS Institute (System administration, Audit, Networking and Security Institute) Mentor Program
- WASC (Web Application Security Consortium)
"Credentials"
Certifications
- CISM - Certified Information Security Manager
- CISA - Certified Information Systems Auditor
- CRMA - Certified in Risk Management Assurance
- GSNA - GIAC-certified Systems and Network Auditor
- GCFA - GIAC Certified Forensic Analyst
- CCSK - Certified in Cloud Security Knowledge
- CEH - Certified Ethical Hacker
- CCISO - Certified Chief Information Security Officer
- ACE - AccessData Certified Examiner
- CHS - Certified in Homeland Security (Level III)
- CFR-D - Certified First Responder with Defibrillation
- ITIL Foundation Certified (Version 3)
Education
- Capitol College (2014-2017)
- Doctor of Science, Information Assurance
- Capitol College (2012 - 2014)
- Master of Science, Information Assurance, with honors
- Defense Language Institute (1995 - 1996)
- Diploma & Linguistic Certification, Russian
- University of Missouri-Rolla (1990 - 1994)
- Bachelor of Arts, Psychology & Philosophy
Training
- IIA - Risk-Based, Process-Oriented & Performance-Driven Operational Auditing (6/2013)
- IIA/Audimation - Antifraud Controls using Data Mining and Continuous Monitoring Techniques (8/2011)
- MISTI/ISACA - Auditing & Securing Cloud-Based Services (1/2011)
- ISACA - Information Security Management & Strategies for Implementing IT Governance (12/2010)
- PDS/SOScorp - ITIL v3 Foundation Course (9/2008)
- SANS – Computer Forensics, Investigation, and Response (4/2008)
- Entellus Technology Group – SAP ERP Basis Auditing & Security Risks (12/2007)
- SAP America – Virsa Compliance Calibrator Training (10/2006)
- IIA/Deloitte – SAP ERP Technical Audit (8/2006)
- SPI Dynamics – Web Application Security Assessment with WebInspect (11/2005)
- SANS – Hacker Techniques, Exploits and Incident Handling (10/2005)
- Infosec Institute – Advanced Ethical Hacking: Expert Penetration Testing (1/2005)
- Mile2/SMU – Certified Ethical Hacker Training (7/2004)
- Foundstone – Ultimate Web Hacking (9/2003)
- Siegeworks – Advanced AppAuditor Training (12/2002)
- SANS – Auditing Networks, Perimeters, and Systems (4/2002)
- Sanctum – AppScan AppAuditor Training (5/2001)
- National Cryptologic School - Information Systems Security Engineering (2/2000)
- National Cryptologic School - Operational Information Systems Security (11/1999)
- American Red Cross - Emergency Medical Response (5/1995)