Keith C. Routzahn
MBA, CISSP, CISM, CISA, CGEIT, PMP
PO Box 973, East Helena, MT, 59635, 406-***-****, abj70c@r.postjobfree.com
Responsible for providing security program development support in implementing
quality security programs and integrating key indicators such as risk
management, performance measurement, and program management for the benefit of
program decision making. Additionally, responsible for providing
administrative, physical, and functional security support for reviewing and
implementing security architectures and security policies. Extensive
experience with ISO, FISMA, HIPAA Privacy and Security, security training,
executive-level security support services, certification and accreditation,
international and federal security regulations, healthcare, security
architectures, security program development and security-focused system
development lifecycle methodologies.
Relevant Experience
Duty First Consulting
Director 2009-present
Working with the Department of Veterans Affairs (VA) Training and Education
division in support of their efforts to map learning events to the InfoSec
parenthetical of the IT Roadmap Competency Model. Activities have included
identifying, evaluating and mapping learning events to competencies and
proficiency levels for the VA's Information Security workforce. Completed
security assessments of various companies.
BearingPoint
Manager 2005-2009
. Superior leadership and knowledge of Information Technology Systems
and Application Programming, Hardware and Software analysis and
implementation, Information Security, Training, Program & Project,
Auditing, Configuration, Quality Assurance, Human Resources Management,
ISO Security, HIPAA Privacy and Security, healthcare, and
policy/procedure development within Healthcare.
. Over 38 years extensive experience with Information Technology management
engaging in the design/development, administration, and operations of IT
system functions or programs. Also managed the delivery of IT services to
a physical location/site.
. In conjunction with HITRUST developed a common security framework for
healthcare. Developed and reviewed controls to ensure compliance with
ISO, HIPAA, NIST, PIC, and CoBIT requirements. Partner with the project
management office ensuring compliance and direction.
. Project Manager for the design and implementation of an Information
System Project Improvement Program for a large Massachusetts state agency
consisting of programs for Enterprise Security Policy/System Security
Plan, Self Assessment, Patch Management, Certification and Accreditation,
Critical Security Function Training/Awareness, Risk Assessment, Physical
security Planning, and Contingency Plan development and testing.
Programs followed standards directed from NIST and FISMA.
Blue Cross Blue Shield Montana
Systems Security Officer/Manager 1988-2005
. Over 17 year's significant healthcare experience in directing IT
programming, help desk management and support, policy and procedures
development, and system security to support HIPAA and CMS privacy and
security based on a congressional initiative, and managing projects and
programs of large cross-functional applications in a matrix environment.
Prepared HIPAA privacy and security programs and managed the collection
and analysis of numerous security-related documentation including
policy/procedure development, risk management plans, vulnerability
assessments, system architectures, system design, incident response
plans, physical security planning, and security awareness and training
documentation. Duties as Systems Security Official supported BCBSMT,
Medicare, and CMS also included an assessment of twelve core security
areas, including technical assessments, targeted surveys, and an
organization assessment based on HIPAA privacy and security, ISO, FISMA,
FISCAM, NIST, and CoBIT standards. Led the Certification and
Accreditation (C&A) process for governmental Medicare A and B initiatives
based on FISMA, NIST, and CoBIT standards for BCBSMT.
. Managed project to implement a security program for Y2K. The project
required significant interaction with multiple, department, contractors
and government employees, as well as the creation of original templates
and deliverables based on ISO and NIST guidance.
. Developed/supported complex computerized programs, systems, and
processes. Performed analysis, design and programming tasks for complex
new/existing systems for a state agency. Prepared programs and reports in
providing support for internal and external information requirements.
Performed system(s) review, quality assurance, testing and documentation
of complex programs/systems. Assisted in problem resolution for
production systems. Coordinated with external agencies to provide support
for developed systems.
. Experienced financial professional with background in implementing
financial systems. Has over 10 years experience in the implementation and
training of financial systems. Established and documented processes to
help insure the continued integrity of financial results through analysis
of trends and fluctuation analysis. Assured entities adhere to worldwide
compliance with general accounting policies and SOX requirements.
Enhanced accounting policies to clarify the types of transactions that
address specific accounts as the complexity and reach of a business
continued to increase.
US Army/Marine Corps
Command Sergeant Major 1969-2006
. 37 years providing leadership, guidance, and adherence to personnel
management, performance, training, appearance, and conduct standards for
personnel in support of security for national defense for the US
Army/Marine Corps. Provided leadership and consultation regarding process
improvements. Managed training, discipline, and team morale for 300+
employees. Successful establishment, implementation, and monitoring of
budgets in excess of $100M and organization's operations budgets worth
billions of dollars. Extensive experience in international and federal
security (policy & procedure), physical security planning and
implementation, cost accounting, business planning, strategic planning,
implementing and directing personnel and training management in
developing high quality units.
Education
. Bachelor of Science Degree, Concentration in Business Management,
University of MT
. Bachelor of Science Degree, Concentration in Business, Rochville
University
. Master's of Business, Rochville University
. Graduate of the Yale School of Management, Executive Leadership
Program
. Training in numerous topics ranging from network fundamentals to
security governance.