Difference between revisions of "User:Mchalmers"

From OWASP
Jump to: navigation, search
m
Line 24: Line 24:
 
** Recorded meeting minutes and maintained chapter web pages (pre-wiki).
 
** Recorded meeting minutes and maintained chapter web pages (pre-wiki).
 
* "Member-at-Large" of the [[Chicago]] and [[Madison]] Local Chapters.
 
* "Member-at-Large" of the [[Chicago]] and [[Madison]] Local Chapters.
* Presently organising a new chapter in [[Milwaukee]].
+
* Founder and former chapter leader of the mailing list-only [[Milwaukee]] Local Chapter.
  
 
==Non-OWASP Involvement==
 
==Non-OWASP Involvement==
 
* [http://www.acfei.com/ ACFEI] (American College of Forensic Examiners Institute)
 
* [http://www.acfei.com/ ACFEI] (American College of Forensic Examiners Institute)
 
* [http://www.eccouncil.org/ EC-Council] (International Council of Electronic Commerce Consultants)
 
* [http://www.eccouncil.org/ EC-Council] (International Council of Electronic Commerce Consultants)
* [http://www.graftonarealivearts.us/ GALA] (Grafton Area Live Arts)
+
* [http://www.graftonarealivearts.us/ GALA] (Grafton Area Live Arts) webmaster
** Webmaster
+
 
* [http://csrc.nist.gov/nissc/1999/program/isso/sld077.htm IATFF] (Information Assurance Technical Framework Forum)
 
* [http://csrc.nist.gov/nissc/1999/program/isso/sld077.htm IATFF] (Information Assurance Technical Framework Forum)
* [http://www.computer.org/ IEEE Computer Society]
+
* [http://www.computer.org/ IEEE Computer Society] [http://www.ieee-security.org/ Technical Committee on Security & Privacy]
** [http://www.ieee-security.org/ Technical Committee on Security & Privacy]
+
* [http://www.isoc.org/ ISoc] (Internet Society) [http://tools.ietf.org/area/sec/trac/wiki IETF SAAG] (Internet Engineering Task Force Security Area Advisory Group)
* [http://www.isoc.org/ ISoc] (Internet Society)
+
* [http://www.theiia.org/ IIA] (Institute of Internal Auditors) [http://www.theiia.org/chapters/index.cfm/home.page/cid/19 Milwaukee Chapter]
** [http://tools.ietf.org/area/sec/trac/wiki IETF SAAG] (Internet Engineering Task Force Security Area Advisory Group)
+
** Secretary & Webmaster, 2011-2012
* [http://www.theiia.org/ IIA] (Institute of Internal Auditors)
+
** Board of governors, 2009-2011
** [http://www.theiia.org/chapters/index.cfm/home.page/cid/19 Milwaukee Chapter] board of governors, 2009-2011; Secretary & Webmaster, 2011-2012
+
* [http://www.isaca.org/ ISACA] (Information Systems Audit and Control Association) [http://www.isaca-km.org/ Kettle Moraine Chapter]
* [http://www.isaca.org/ ISACA] (Information Systems Audit and Control Association)
+
** Active member of the [http://www.isaca-km.org/ Kettle Moraine] chapter
+
 
* [http://www.niap-ccevs.org/ NIAP] (National Information Assurance Partnership)
 
* [http://www.niap-ccevs.org/ NIAP] (National Information Assurance Partnership)
* [http://www.nist.gov/ NIST] (National Institute of Standards and Technology)
+
* [http://www.nist.gov/ NIST] (National Institute of Standards and Technology) [http://www.nist.gov/itl/ ITL] [http://www.nist.gov/itl/csd/ CSD] [http://www.nist.gov/itl/csd/ct/ CTG] Cryptographic Key Management Workshop participant
** [http://www.nist.gov/itl/ ITL] [http://www.nist.gov/itl/csd/ CSD] [http://www.nist.gov/itl/csd/ct/ CTG] Cryptographic Key Management Workshop participant
+
 
* [http://www.pikapp.org/ Pi Kappa Phi], [http://www.pikapps-mst.org/ Gamma Lambda Chapter]
 
* [http://www.pikapp.org/ Pi Kappa Phi], [http://www.pikapps-mst.org/ Gamma Lambda Chapter]
** Alumni Housing Corps Historian, Webmaster
+
** Alumni Housing Corp Historian, 2010-Present
 +
** Webmaster, 2007-Present
 +
** Chaplain, 1993-1995
 
* [http://www.sans.org/ SANS Institute] (System administration, Audit, Networking and Security Institute)
 
* [http://www.sans.org/ SANS Institute] (System administration, Audit, Networking and Security Institute)
 
** [http://www.sans.org/mentor/ Mentor] for courses [http://www.sans.org/training/description.php?mid=98 SEC-508]: Computer Forensics, Investigation, and Response; and [http://www.sans.org/training/description.php?mid=6 AUD-507]: Auditing Networks, Perimeters & Systems
 
** [http://www.sans.org/mentor/ Mentor] for courses [http://www.sans.org/training/description.php?mid=98 SEC-508]: Computer Forensics, Investigation, and Response; and [http://www.sans.org/training/description.php?mid=6 AUD-507]: Auditing Networks, Perimeters & Systems
 
* [http://www.village.grafton.wi.us/ Village of Grafton, Wisconsin]
 
* [http://www.village.grafton.wi.us/ Village of Grafton, Wisconsin]
** [http://www.village.grafton.wi.us/index.aspx?nid=290 Board of Review]
+
** [http://www.village.grafton.wi.us/index.aspx?nid=290 Board of Review], 2010-2012
** [http://www.village.grafton.wi.us/index.aspx?NID=289 Zoning Board of Appeals]
+
** [http://www.village.grafton.wi.us/index.aspx?NID=289 Zoning Board of Appeals], 2011-2012
* [http://www.webappsec.org/ WASC] (Web Application Security Consortium)
+
* [http://www.webappsec.org/ WASC] (Web Application Security Consortium) [http://projects.webappsec.org/w/page/13246984/WASC-Community Articles Peer Review Team] member
** [http://projects.webappsec.org/w/page/13246984/WASC-Community WASC Articles Peer Review Team Member]
+
  
 
=="Credentials"==
 
=="Credentials"==

Revision as of 11:19, 8 February 2012

150px-Chalmers%2C_Matthew.jpg
I have been doing information security and related work my entire professional career, since earning my bachelor's degree from the Missouri University of Science & Technology (formerly the University of Missouri-Rolla). I have worked for public, private, government and non-profit organizations in the defense, finance, manufacturing and healthcare industries including the National Security Agency, JPMorgan Chase and Rockwell Automation; currently I am Chief Auditor - Information Technologies at Marshfield Clinic Health System. I hold the CISA, CRMA, GSNA, GCFA, CEH and CHS certifications and I am ITIL v3 Foundation certified. I specialize in information technology assessment, audit, compliance, control, governance, management and security.


I have been involved with OWASP since about 2002 and can be reached at matthew dot chalmers at owasp dot org.


Contents

OWASP Involvement

OWASP Wiki

OWASP Projects

OWASP Chapters

  • Founding member of the original DC Local Chapter (which became the DC-Maryland chapter, then the Washington DC chapter).
    • Active member 2004-2005.
    • Recorded meeting minutes and maintained chapter web pages (pre-wiki).
  • "Member-at-Large" of the Chicago and Madison Local Chapters.
  • Founder and former chapter leader of the mailing list-only Milwaukee Local Chapter.

Non-OWASP Involvement

"Credentials"

Certifications

  • CISA - Certified Information Systems Auditor
  • CRMA - Certified in Risk Management Assurance
  • GSNA - GIAC Certified Systems and Network Auditor
  • GCFA - GIAC Certified Forensic Analyst
  • CEH - Certified Ethical Hacker
  • CHS - Certified in Homeland Security (Level III)

Education & Training

  • MISTI/ISACA - Auditing & Securing Cloud-Based Services (1/2011)
  • ISACA - Information Security Management Course & Strategies for Implementing IT Governance Course (12/2010)
  • PDS/SOScorp - ITIL v3 Foundation Course (9/2008)
  • SANS – Computer Forensics, Investigation, and Response (4/2008)
  • Entellus Technology Group – SAP ERP Basis Auditing & Security Risks (12/2007)
  • SAP America – Virsa Compliance Calibrator Training (10/2006)
  • IIA/Deloitte – SAP ERP Technical Audit (8/2006)
  • SPI Dynamics – Web Application Security Assessment with WebInspect (11/2005)
  • SANS – Hacker Techniques, Exploits and Incident Handling (10/2005)
  • Infosec Institute – Advanced Ethical Hacking: Expert Penetration Testing (1/2005)
  • EC-Council/Mile2 – Certified Ethical Hacker Training (7/2004)
  • Foundstone – Ultimate Web Hacking (9/2003)
  • Siegeworks – Advanced AppAuditor Training (12/2002)
  • SANS – Auditing Networks, Perimeters, and Systems (4/2002)
  • Sanctum – AppScan AppAuditor Training (5/2001)
  • Bank One University (1/2001 – 2/2005)
    • Numerous soft skills courses including Planning and Executing Projects, Understanding Personality Styles, Incident Management, Presentation Skills, SMART Goals, and Using the Gallup Q12
  • National Cryptologic School (2/1997 – 11/2000)
    • Over 45 classified & unclassified courses including Information Systems Security Engineering, Technical Writing & Documentation, Encryption Key Management, Operational Information Systems Security, Computer Network Exploitation, and Operations Security
  • Naval Technical Training Center Detachment/Naval Center for Information Dominance Detachment at Goodfellow AFB (7/1996 - 12/1996)
    • Course X3ABR1N333A 011/014 (classified)
  • Naval Security Group Detachment/Naval Center for Information Dominance Detachment at Presidio of Monterey (4/1995 - 7/1996)
    • Course A-232-0021 (classified)
  • University of Missouri-Rolla (8/1990 - 12/1994)
    • Artium baccalaurei in psychology and philosophy; minors in computer science, history and French

Miscellany

social-linkedin-box-blue-icon.png social-facebook-box-blue-icon.png