User:Mchalmers

OWASP Involvement

OWASP Wiki

• My wiki contributions

OWASP Projects

• Local Chapter Resources
• Certification Project (content owner/reviewer)
• Application Security Requirements Project (interim project manager)
• OWASP EU Summit 2008
  • OWASP PR Project
• Global Chapter Committee
• OWASP Global Summit 2011
  • Audit Working Session Chair
  • PCI Working Session Co-Chair
  • Fundraising Appeal
• OWASP Governance Task Force
• OWASP Codes of Conduct
  • Certifying Bodies

OWASP Chapters

• Founding member of the original DC Local Chapter (which became the DC-Maryland chapter, then the Washington DC chapter)
  • Active member 2004-2005
  • Recorded meeting minutes and maintained chapter web pages (pre-wiki)
• Founder and former chapter leader of the original Milwaukee chapter
• "Member-at-Large"
  • Chicago chapter (2005-2011)
  • Madison chapter (2005-Present)
  • Milwaukee chapter (2012-Present)

Non-OWASP Involvement

• ACM (Association for Computing Machinery)
  • SIGCHI (Special Interest Group on Computer-Human Interaction)
  • SIGSAC (Special Interest Group on Security, Audit, and Control)
• CSA (Cloud Security Alliance)
• EFF (Electronic Frontier Foundation)
• IACR (International Association for Cryptologic Research)
• IATFF (Information Assurance Technical Framework Forum)
• IEEE (Institute of Electrical & Electronics Engineers)
  • Communications Society
    • Communications and Information Security Technical Committee
    • eHealth Technical Committee
  • Computer Society
    • Technical Committee on Security & Privacy
  • Information Theory Society
  • Life Sciences Community
  • Signal Processing Society Information Forensics and Security Technical Committee
  • Spectrum Forecasters
• IIA (Institute of Internal Auditors), Milwaukee Chapter
  • Research Committee
• IMI (Identity Management Institute)
• ISACA (Information Systems Audit and Control Association), Kettle Moraine Chapter
• ISoc (Internet Society)
  • IETF (Internet Engineering Task Force)
    • SAAG (Security Area Advisory Group)
• NIST (National Institute of Standards and Technology) ITL (Information Technology Laboratory) CSD (Computer Security Division) CTG (Cryptographic Technology Group) Cryptographic Key Management Project
• SANS Institute (System administration, Audit, Networking and Security Institute) Mentor Program
• WASC (Web Application Security Consortium)
  • Articles Peer Review Team

"Credentials"

Certifications

• CIRM - Certified Identity Risk Manager
• ACE - AccessData Certified Examiner
• CCISO - Certified Chief Information Security Officer
• CISM - Certified Information Security Manager
• CCSK - Certified in Cloud Security Knowledge
• CRMA - Certified in Risk Management Assurance
• GCFA - GIAC Certified Forensic Analyst
• ITIL - Foundation Certified (Version 3)
• CISA - Certified Information Systems Auditor
• CEH - Certified Ethical Hacker
• CHS - Certified in Homeland Security (Level III)
• GSNA - GIAC-certified Systems and Network Auditor
• GSEC - GIAC Security Essentials Certified
• MCP - Microsoft Certified Professional
• CFR-D - Certified First Responder with Defibrillation

Education

• Capitol College (2014-2017)
  • Doctor of Science, Information Assurance
• Capitol College (2012 - 2014)
  • Master of Science, Information Assurance, with honors
• Defense Language Institute (1995 - 1996)
  • Diploma & Linguistic Certification, Russian
• University of Missouri-Rolla (1990 - 1994)
  • Bachelor of Arts, Psychology & Philosophy

Training

• CITI - Human Subjects Research (10/2014)
• IIA - Risk-Based, Process-Oriented & Performance-Driven Operational Auditing (6/2013)
• IIA/Audimation - Antifraud Controls using Data Mining and Continuous Monitoring Techniques (8/2011)
• MISTI/ISACA - Auditing & Securing Cloud-Based Services (1/2011)
• ISACA - Information Security Management & Strategies for Implementing IT Governance (12/2010)
• PDS/SOScorp - ITIL v3 Foundation Course (9/2008)
• SANS – Computer Forensics, Investigation, and Response (4/2008)
• Entellus Technology Group – SAP ERP Basis Auditing & Security Risks (12/2007)
• SAP America – Virsa Compliance Calibrator Training (10/2006)
• IIA/Deloitte – SAP ERP Technical Audit (8/2006)
• SPI Dynamics – Web Application Security Assessment with WebInspect (11/2005)
• SANS – Hacker Techniques, Exploits and Incident Handling (10/2005)
• Infosec Institute – Advanced Ethical Hacking: Expert Penetration Testing (1/2005)
• Mile2/SMU – Certified Ethical Hacker Training (7/2004)
• Foundstone – Ultimate Web Hacking (9/2003)
• Siegeworks – Advanced AppAuditor Training (12/2002)
• SANS – Auditing Networks, Perimeters, and Systems (4/2002)
• Sanctum – AppScan AppAuditor Training (5/2001)
• National Cryptologic School - Information Systems Security Engineering (2/2000)
• National Cryptologic School - Operational Information Systems Security (11/1999)
• American Red Cross - Emergency Medical Response (5/1995)

Miscellany