Secure Info, Corp. Work Values

Daily Duties at Secure Info, Corp.:

What I was hired to do: - Provide expert consulting services to private sector companies in conjunction with the use of a tool that SIC was developing to assist in evaluating levels of compliance within a private sector company. - Helped with the development of that compliance evaluation tool by assisting with the development of regulatory and industry standards content which the tool would use to evaluate compliance levels. I also had to cross-map all related industry and regulatory standards within the content engine of that tool. What I ended up doing: - The evaluation tool failed because the development team could not get the presentation and input functions to work correctly. I was reassigned to the Federal and DOD consultation team retaining my title as Principal Information Engineer. However, in this position I was a team leader for Information Assurance projects. - My team provided compliance evaluation services for the Lockheed Martin C-130J trainer program. We tested the security controls of the simulator systems to ensure they met applicable compliance standards. We also developed in-depth documentation of the simulator systems that contained all system components, applications, and data processed as well the applied security controls. I had to evaluate this information for potential gaps in the security controls that would allow unauthorized access to the simulator systems, sabotage of those systems, or would bring potential harm to the operators and users of those systems. I then had to formulate recommendations to address and mitigate those gaps (findings) and present those results and recommendations to Lockheed Martin senior project management as well as to the Air Force Training Command. - Our efforts on that project prompted Lockheed Martin to have me submit a proposal to extend our involvement on that project for another three years. I developed a proposal that was accepted by Lockheed Martin and SIC was awarded a three year contract worth $1.12M.

What they like about Secure Info, Corp.:

Working in an organization that is technologically advanced, creative, and innovative is critical in your assessment of hiring companies. Less important to you are stability of the organization, the length of time an organization has been in business, and the business' plans for the future. You prefer a fast-moving company that will take risks to achieve its goals and objectives. The length of time the company has been in business is irrelevant. Maintaining status quo is unnecessary. You thrive on change, uncertainty and the upside of potential business risks, especially those associated with innovation. Stability for the long haul is not nearly as important as is working in an atmosphere that is charged with a sense of urgency and constant change.

Tags

CISSP, CISO, Compliance, Governance, IT Audit, Information Security, CIO, Project Management, Program Management, Vulnerability Management, Risk Management, Threat Assessment, NIST SP 800-53, ISO 27001, SOX, COBIT, HIPAA, Penetration Testing

Skills

P&L responsibilities, Sales Support, Software Implementation, Requirements Analysis & Specification, Leadership , Experienced in evaluating and mitigating risks to information assets, facilities, and personnel., Proficient in identifying and evaluating the severity of threats to an organization, its personnel, information assets, and facilities. , Proficient in creating, disseminating and maintaining policies and procedures within an organization., Adept at leading vulnerability and penetration testing efforts against large diverse information system environments., Experience in all 10 domains of information security (CISSP certified), Experience with a broad range of data protection schemas employing various encryption methods., Proficient in developing security-in-depth architecture strategies for protecting information assets.

These are some of the questions we asked our climbers about their experiences with Secure Info, Corp.: