Joan Ross, CISSP-ISSAP, NSA IAM-IEM, HISP, FTK, FCC GROL, Project+
ad3zmg@r.postjobfree.com +206-***-**** 15230 Mink RD NE. Woodinville, WA 98052 Career Summary
Cybersecurity leader and technologist with 20+ years of security design, engineering, and architecture experience focused on strategic process improvements, teamwork, and the desire to improve upon programs and incident response capabilities. A teacher, mentor, and policy- builder, able to translate directives and requirements into auditable standards and operating procedures and communicate across audiences. High-integrity approach and the desire to instill in others thoughtful, security-minded conversations to foster continuous improvements. Experience
CISO Advisory Services, President
Jan 2013 – Current, Woodinville, WA
Assisting organizations with cybersecurity strategies to improve design, manage risk, and evolve security architectures for new capabilities and technology installations.
• Associate Professor, City University, Seattle, School for Technology & Computing.
• Student Advisory Board President, City University, Seattle, Center for Cybersecurity Innovation (C4CYI).
• Advisory Board Member, City University, Seattle, Center for Cybersecurity Innovation.
• Adjunct Cybersecurity Professor: Cyber Incident Response, Cyber Threat Assessment, Cyber Forensics, Cyber Vulnerability Assessment course development Jan-July 2023.
• AI Cyber Detection and resilient operation consultations for strategic investment.
• Additional representative engagements upon request. NIST RMF. NIST 800-53. COBIT. InsightCyber, Chief Intelligence Officer
June 2020 - Sep 2022, Woodinville, WA
Design NSA authoritative security metric algorithm and create an original public/private cyber intelligence partnership program for this emerging artificial intelligence, tech start-up. Fortinet, Field CISO
Sept 2018 - Mar 2020, Redmond, WA
Detail threat intelligence and tactics curated by Fortinet Security Labs while developing advanced persistent threat (APT) safeguard architectures for customers. Verizon, Principal Client Partner (Field CISO)
Aug 2015 - Oct 2017, Redmond, WA
Contribute to and present (with Secret Service) on annual Data Breach Investigation Report
(DBIR) with U.S. Secret Service regarding current cyber threat intelligence and APT procedures. Supervise other field CISOs as chief of staff to Security CTO. Avanade, Chief Security Officer
Feb 2014 - Apr 2015, Seattle, WA
Improve and evolve security for the new remote management and service delivery of Joan Ross, CISSP-ISSAP, NSA IAM-IEM, HISP, FTK, FCC GROL, Project+ Exchange, SharePoint, and Lynx technology acquisition services. technology acquisition. Supervise Directors over SDLC and SecOps teams. HISP. ISO/IEC 27002. DocuSign, Chief Security Officer
May 2010 - May 2013, Seattle, WA
First CSO for DocuSign responsible for taking the organization from an $8m start-up to a hyper- growth, world-class, center of operational excellence. ISO/IEC 27001 certified, PCI-DSS, and SSAE audited corporation, surpassing all eSign and security industry security expectations. Supervise audit technical teams.
Microsoft, Security Strategist & Architect
Jul 2007 - Jul 2009, Redmond, WA
Secure design management delivery of programmatic and analytic measurements for online technology, balancing resources, and budget. Advance automation, reporting, and score carding of compliance verifications for over 200+ online security service applications within the Global Foundation Services utilizing frameworks from ISC2, HISP, ISO/IEC 27001, NIST, HIPAA, ITIL. enCircle, President
Jan 2001 – Jun 2007, Seattle, WA
Consult using on a variety of projects to advance security within organizations. Clients included Bill & Melinda Gates Foundation and Microsoft for PCI DSS level one audit compliance. ISO 27001:2005. PCI-DSS. SDLC.
Washington Mutual, Vice President, Information Security Jan 2000 - Dec 2000, Seattle, WA
Create and lead and the first CSIRT, computer forensics, and security risk management teams to liaise with Federal Authorities during audits and investigations. Arthur Andersen, Computer Risk Manager
Jan 1999 - Dec 1999
Create and lead Pacific NW eCommerce risk assessment and technology engagement teams.
WRQ, Security Lead, Technical Support
Oct 1992 - Jan 1999
Co-create WRQ security team to design Reflection Secure encryption software. Provide technical support for single sign-on, web-to-host, network, and firewall software products. EDUCATION
Baylor University — Doctoral Studies, Focus on AI for Cyber Detection. Admitted Aug 2020. University of Washington, Seattle, WA — Master of Science Human Centered Design and Engineering (HCDE) 2010
Previous: Executive Master of Business Administration - First Year Previous: Bachelor of Arts, General Studies (Documentary Production)