User:Mchalmers

From OWASP
Jump to: navigation, search
150px-Chalmers%2C_Matthew.jpg
Currently I'm the Chief Auditor–Information Technology for Marshfield Clinic. I've earned both management and technical certifications such as the CISM and CEH as well as a Master of Science in Information Assurance en route to a Doctor of Science (Sc.D.) expected in 2017. I specialize in information technology audit, compliance, control, governance, risk management, security, and usability. I've been involved with OWASP since about 2002. I can be reached at matthew dot chalmers at owasp dot org.

OWASP Involvement

OWASP Wiki

OWASP Projects

OWASP Chapters

  • Founding member of the original DC Local Chapter (which became the DC-Maryland chapter, then the Washington DC chapter)
    • Active member 2004-2005
    • Recorded meeting minutes and maintained chapter web pages (pre-wiki)
  • Founder and former chapter leader of the original Milwaukee chapter
  • "Member-at-Large"

Non-OWASP Involvement

"Credentials"

Certifications

  • CISM - Certified Information Security Manager
  • CISA - Certified Information Systems Auditor
  • CRMA - Certified in Risk Management Assurance
  • GSNA - GIAC-certified Systems and Network Auditor
  • GCFA - GIAC Certified Forensic Analyst
  • CCSK - Certified in Cloud Security Knowledge
  • CEH - Certified Ethical Hacker
  • CCISO - Certified Chief Information Security Officer
  • ACE - AccessData Certified Examiner
  • CHS - Certified in Homeland Security (Level III)
  • CFR-D - Certified First Responder with Defibrillation
  • ITIL Foundation Certified (Version 3)

Education

Training

  • CITI - Human Subjects Research (10/2014)
  • IIA - Risk-Based, Process-Oriented & Performance-Driven Operational Auditing (6/2013)
  • IIA/Audimation - Antifraud Controls using Data Mining and Continuous Monitoring Techniques (8/2011)
  • MISTI/ISACA - Auditing & Securing Cloud-Based Services (1/2011)
  • ISACA - Information Security Management & Strategies for Implementing IT Governance (12/2010)
  • PDS/SOScorp - ITIL v3 Foundation Course (9/2008)
  • SANS – Computer Forensics, Investigation, and Response (4/2008)
  • Entellus Technology Group – SAP ERP Basis Auditing & Security Risks (12/2007)
  • SAP America – Virsa Compliance Calibrator Training (10/2006)
  • IIA/Deloitte – SAP ERP Technical Audit (8/2006)
  • SPI Dynamics – Web Application Security Assessment with WebInspect (11/2005)
  • SANS – Hacker Techniques, Exploits and Incident Handling (10/2005)
  • Infosec Institute – Advanced Ethical Hacking: Expert Penetration Testing (1/2005)
  • Mile2/SMU – Certified Ethical Hacker Training (7/2004)
  • Foundstone – Ultimate Web Hacking (9/2003)
  • Siegeworks – Advanced AppAuditor Training (12/2002)
  • SANS – Auditing Networks, Perimeters, and Systems (4/2002)
  • Sanctum – AppScan AppAuditor Training (5/2001)
  • National Cryptologic School - Information Systems Security Engineering (2/2000)
  • National Cryptologic School - Operational Information Systems Security (11/1999)
  • American Red Cross - Emergency Medical Response (5/1995)

Miscellany

linkedin-icon.png 592053_47853226208_1055406790_q.jpg academia-small.png photo.jpg acm_logo.gif ba86ae99ee34618394f7418cd801e7a9_normal.jpeg