Thomas Keown CISM, CEH

ac2qjj@r.postjobfree.com Cell 402-***-****

Director of Infrastructure / Information Security Officer

I feel my years as a director of infrastructure has been invaluable as a building block towards becoming a successful IT Governance and Security executive. Hands on experience in all aspects of GRC, including creation of all standards, policies and procedures, and awareness training. Building and managing a nationwide infrastructures has given me valuable insight into “big picture” considerations related to the implementation of security / compliance programs. I have learned how to handle the healthy dynamic tension between the business needs and the need for security. I am able to communicate equally as well with C-Level executives and front line users as well as presenting to large groups of convention attendees.

Information Security

Governance

NIST

HIPAA

PCI-DSS

Regulatory Compliance

Risk Management

Data Lifecycle Management

Nationwide Infrastructure Development

Change Management

Team / Project Management

Internal Audit

Cyber-Security Framework

Risk Awareness Training

Gap Analysis

ITIL/COBIT

Policy and Procedures

Continuous Process Improvement

Multi-Location, Distributed Deployments

Distributed Citrix

Co-Location implementations

Disaster Recovery

System Architecture

Risk Assessment / Impact Analysis

Cloud technologies

Research and Development

Professional Experience

Arizona State Retirement System (ASRS) 2/16 – Present

Chief Information Security Officer

My goal was to protect ASRS information assets against risks in order for those assets to maintain their

confidentiality, integrity and availability, and thus their value to the organization. To date I have:

Written the goals and objectives for the ASRS security program

Developed a full set of information security policies based on risk potential.

Worked to improve the risk based approach to governance.

Selected appropriate NIST controls upon which to build procedures

Provided guidance to build a comprehensive set of fraud control alerts

Hired four information security engineers

Internal Audit Work

Coordinated with the Privacy Officer to create a full data lifecycle management process

Acquired and/or implemented the following tools:

oMcAfee Endpoint Protection

oSecurity Event and Incident Management (SIEM) – Dell Secureworks

oData Loss Prevention (DLP) - Forcepoint

oAutomated Patch Management (SCCM)

oNessus and Nexpose Vulnerability Scanners

oVeracode Application Scanner (static and dynamic)

oNetwork Analysis via Red Seal and SolarWinds

oImplemented a Security Metrics Portal

Current working on:

oPrioritizing and eliminating gaps found in previous gap analysis.

oFocusing on access control and user behavior analytics

oProject steps needed to address the SANS top 20 / Cyber Security Framework

oWorking with other business units to better define system ownership and boundaries.

I regularly interact with C-Level group, Department managers, project stakeholders and Board of Directors to ensure security initiatives are given proper consideration and priorities while still meeting organizational strategic goals. Every month I meet with other state agency ISOs to collaborate on security initiatives and share best practices.

First Data Corporation, Omaha NE (via Tekmark Global Solutions) 8/15 – 12/15

Information Security Engineer

Evaluate all firewall requests from to ensure PCI Compliance

Help review, update, and enforce First Data security standards

Work with infrastructure team to resolve conflicts

Observe and report opportunities to improve security compliance

Mosaic Omaha, Nebraska 2004 – Aug 2015

Mosaic and its legacy companies have been in business for 101 years, providing care, support and advocacy for intellectually challenged individuals. With headquarters on a campus in Omaha, services extend from Arizona to Connecticut.

Director of Infrastructure / Security Officer 2010 – 2015

Manage Infrastructure and Security teams.

Responsible for corporate information security, governance, risk management and HIPAA compliance, including P&P.

Capacity planning, 24/7 high availability builds and all purchasing/budgeting associated with same.

Manage all IT vendor relationships

Prepare for external audits

Oversee proof of concept and research into migrating private cloud into public cloud

Monitor, research and evaluate emerging technologies.

Data Storage and Security Administrator 2004 - 2010

Design and Implementation of Back Up / Disaster Recovery System and Plan

Lead in implementation of COBIT functionality guidelines.

Analyze data growth and storage needs in conjunction with building storage to stay ahead of needs.

Evaluate enterprise wide security in home office and hosted facility.

Administer accounts and folder security for nationwide data farm.

Key in researching, designing and building linux based private cloud..

Lead in implementing nationwide conversion from local networks to thin client / server system.

Assist in transition from Exchange email to Google Apps for email and calendaring

Chairman, Board of Directors – Lutheran Information Technology Network

2010 – Present (a volunteer position)

LITN (Lutheran Information Technology Network) is an affinity group under the Lutheran

Services of America (LSA) umbrella. There are approximately 40 member organizations in

LITN. We meet twice a year for topical conferences. LITN also has a list-serve that allows

members to share ideas, product experiences and provide mutual assistance. LITN provides

help and guidance for smaller LSA agencies that don't have full time IT departments.

Gateway Computer Company North Sioux City, SD 2002 – 2004

Business Technical Support

Trained as consumer technical support representative

Promoted to Business technical support

Selected for advanced support to include wireless, networking and peripherals.

Sales and Marketing Various 1984 – 2002

Worked in direct sales and marketing capacity for 20 years with various companies in the Lincoln, Omaha and Sioux City areas.

Technical Proficiencies

Platforms: Windows (Desktop) 9x – Windows 8, MS Active Directory,Citrix XenDesktop 7.1, Linux (Desktop) Ubuntu/SuSE Windows (Server) 2000/2003/2008R2/2012R2, Linux (Server) Ubuntu / SuSE /CentOS/Kubuntu

Networking: LAN/WAN Administration,Wireless, Fiber Channel Fabric Management

Hardware: Dell Rack Servers, IBM Blade Center, Compellent SAN, Meraki Wireless and wired switches, Cisco Fiber Switches, Multiple local and IP based auxiliary components. Various NAS devices

Tools: CoBIT, ITIL, Splunk, RedSeal, Forcepoint, Secureworks, Nessus/Tenable, Metasploit, OpenLdap, Norton/Symantec Utilities, Cacti, Snort, Fabric Manager, Nagios, Cron, Rsync, ACL permissions

Languages: Understand Shell and Perl but do only very basic scripting

Education

CEH Certification April 2014

CISM Certification - ISACA July 2013

University of Nebraska – Omaha Bachelors degree 8/2010

University of Nebraska – Omaha Masters Degree – MIS - enrolled

A+ Certification Certified March 2003

Windows 2000 Pro Certified March 2003

Windows 2000 Server Certified May 2003

Linux + Certified May 2006

Xiotech Certified Engineer- SAN Storage Certified January 2007

VMWare Training New Horizons

US Army (Honorable Discharge) Radio and Computer Repair

Professional Memberships

ISACA

Contact this candidate