Thomas Keown CISM, CEH
*********@*****.*** Cell 402-***-****
Director of Infrastructure / Information Security Officer
I feel my years as a director of infrastructure have been invaluable as a building block towards becoming a successful IT Governance and Security executive. Hands-on experience in all aspects of GRC, including creation of all standards, policies and procedures, and awareness training. Building and managing nationwide infrastructures has given me valuable insight into “big picture” considerations related to the implementation of security / compliance programs. I have learned how to handle the healthy dynamic tension between the business needs and the need for security. I am able to communicate equally well with C-Level executives and front-line users, as well as present to large groups of convention attendees.
Information Security
Governance
NIST
HIPAA
PCI-DSS
Regulatory Compliance
Risk Management
Data Lifecycle Management
Nationwide Infrastructure Development
Change Management
Team / Project Management
Internal Audit
Cyber-Security Framework
Risk Awareness Training
Gap Analysis
ITIL/COBIT
Policy and Procedures
Continuous Process Improvement
Multi-Location, Distributed Deployments
Distributed Citrix
Co-Location implementations
Disaster Recovery
System Architecture
Risk Assessment / Impact Analysis
Cloud technologies
Research and Development
Professional Experience
Arizona State Retirement System (ASRS) 2/16 – Present
Chief Information Security Officer
My goal was to protect ASRS information assets against risks in order for those assets to maintain their
confidentiality, integrity and availability, and thus their value to the organization. To date I have:
Written the goals and objectives for the ASRS security program
Developed a full set of information security policies based on risk potential.
Worked to improve the risk based approach to governance.
Selected appropriate NIST controls upon which to build procedures
Provided guidance to build a comprehensive set of fraud control alerts
Hired four information security engineers
Internal Audit Work
Coordinated with the Privacy Officer to create a full data lifecycle management process
Acquired and/or implemented the following tools:
o McAfee Endpoint Protection
o Security Event and Incident Management (SIEM) – Dell Secureworks
o Data Loss Prevention (DLP) – Forcepoint
o Automated Patch Management (SCCM)
o Nessus and Nexpose Vulnerability Scanners
o Veracode Application Scanner (static and dynamic)
o Network Analysis via Red Seal and SolarWinds
o Implemented a Security Metrics Portal
Currently working on:
o Prioritizing and eliminating gaps found in previous gap analysis.
o Focusing on access control and user behavior analytics
o Project steps needed to address the SANS top 20 / Cyber Security Framework
o Working with other business units to better define system ownership and boundaries.
I regularly interact with C-Level group, Department managers, project stakeholders and Board of Directors to ensure security initiatives are given proper consideration and priorities while still meeting organizational strategic goals. Every month I meet with other state agency ISOs to collaborate on security initiatives and share best practices.
First Data Corporation, Omaha NE (via Tekmark Global Solutions) 8/15 – 12/15
Information Security Engineer
Evaluate all firewall requests from to ensure PCI Compliance
Help review, update, and enforce First Data security standards
Work with infrastructure team to resolve conflicts
Observe and report opportunities to improve security compliance
Mosaic Omaha, Nebraska 2004 – Aug 2015
Mosaic and its legacy companies have been in business for 101 years, providing care, support and advocacy for intellectually challenged individuals. With headquarters on a campus in Omaha, services extend from Arizona to Connecticut.
Director of Infrastructure / Security Officer 2010 – 2015
Manage Infrastructure and Security teams.
Responsible for corporate information security, governance, risk management and HIPAA compliance, including P&P.
Capacity planning, 24/7 high availability builds and all purchasing/budgeting associated with same.
Manage all IT vendor relationships
Prepare for external audits
Oversee proof of concept and research into migrating private cloud into public cloud
Monitor, research and evaluate emerging technologies.
Data Storage and Security Administrator 2004 - 2010
Design and Implementation of Back Up / Disaster Recovery System and Plan
Lead in implementation of COBIT functionality guidelines.
Analyze data growth and storage needs in conjunction with building storage to stay ahead of needs.
Evaluate enterprise wide security in home office and hosted facility.
Administer accounts and folder security for nationwide data farm.
Key in researching, designing and building Linux-based private cloud.
Lead in implementing nationwide conversion from local networks to thin client / server system.
Assist in transition from Exchange email to Google Apps for email and calendaring
Chairman, Board of Directors – Lutheran Information Technology Network
2010 – Present (a volunteer position)
LITN (Lutheran Information Technology Network) is an affinity group under the Lutheran
Services of America (LSA) umbrella. There are approximately 40 member organizations in
LITN. We meet twice a year for topical conferences. LITN also has a list-serve that allows
members to share ideas, product experiences and provide mutual assistance. LITN provides
help and guidance for smaller LSA agencies that don't have full time IT departments.
Gateway Computer Company North Sioux City, SD 2002 – 2004
Business Technical Support
Trained as consumer technical support representative
Promoted to Business technical support
Selected for advanced support to include wireless, networking and peripherals.
Sales and Marketing Various 1984 – 2002
Worked in direct sales and marketing capacity for 20 years with various companies in the Lincoln, Omaha and Sioux City areas.
Technical Proficiencies
Platforms: Windows (Desktop) 9x – Windows 8, MS Active Directory, Citrix XenDesktop 7.1, Linux (Desktop) Ubuntu/SuSE, Windows (Server) 2000/2003/2008R2/2012R2, Linux (Server) Ubuntu/SuSE/CentOS/Kubuntu
Networking: LAN/WAN Administration, Wireless, Fiber Channel Fabric Management
Hardware: Dell Rack Servers, IBM Blade Center, Compellent SAN, Meraki Wireless and wired switches, Cisco Fiber Switches, Multiple local and IP based auxiliary components. Various NAS devices
Tools: COBIT, ITIL, Splunk, RedSeal, Forcepoint, Secureworks, Nessus/Tenable, Metasploit, OpenLDAP, Norton/Symantec Utilities, Cacti, Snort, Fabric Manager, Nagios, Cron, Rsync, ACL permissions
Languages: Understand Shell and Perl but do only very basic scripting
Education
CEH Certification April 2014
CISM Certification - ISACA July 2013
University of Nebraska – Omaha Bachelors degree 8/2010
University of Nebraska – Omaha Masters Degree – MIS - enrolled
A+ Certification Certified March 2003
Windows 2000 Pro Certified March 2003
Windows 2000 Server Certified May 2003
Linux + Certified May 2006
Xiotech Certified Engineer- SAN Storage Certified January 2007
VMWare Training New Horizons
US Army (Honorable Discharge) Radio and Computer Repair
Professional Memberships
ISACA