Chief Information Security Officer @ Los Angeles World Airports
Senior Systems Programmer @ City of Los Angeles
Chief Information Security Officer @ County of Riverside
No education info found.
As Chief Information Security Officer for Los Angeles World Airports, Bob is responsible for information security at LAX International Airport, Ontario International Airport & Van Nuys Airport. Bob’s core expertise is in developing defensive strategies and cyber security operation for critical infrastructure systems. He has fourteen years of professional experience specializing in security operation, risk management, business
As Chief Information Security Officer for Los Angeles World Airports, Bob is responsible for information security at LAX International Airport, Ontario International Airport & Van Nuys Airport. Bob’s core expertise is in developing defensive strategies and cyber security operation for critical infrastructure systems. He has fourteen years of professional experience specializing in security operation, risk management, business continuity planning and computer forensics.
Bob briefed Suzanne E. Spaulding, DHS Under Secretary for National Protection & Programs Directorate, on March 2014 and Thomas Baer, Deputy Director for National Cybersecurity & Communications Integration Center (NCCIC) on May 2015 on Aviation Cyber Security at LAX International Airport. Bob worked with Eileen M. Decker, City of Los Angeles Deputy Mayor for Homeland Security and Public Safety, on architecting the Cyber Intrusion Command Center for City of Los Angeles during 2014-2015. He was an invited panelist consulting eleven ASEAN countries on cyber security led by RSA Executive Chairman Art Coviello (June 2013). He was an invited panelist consulting IDC, Gartner and Forrester analysts at the RSA Conference (February 2014).
Bob was a guest speaker at High Technology Crime Investigation Association, RSA Asia Pacific & Japan 2013 Conference, RSA Security Analytics Summit 2013, RSA Global Summit 2014 and Argyle Executive 2014 CISO Forum.
Bob is a recipient of the CSO Magazine’s CSO40 award (2013) and the Government Technology Magazine’s LA Digital Summit Award (2013). He is a member of the RSA ASOC Customer Advisory Council, Los Angeles Cyber Intrusion Command Center Committee and SoCal CISO Executive Summit.
Specialties: Extensive expertise in SOC operation, SIEM, Malware Detection, GRC, IPS/IDS, Next Gen Firewall, Email Security, Risk Auditing, ISO 27002:2013 and NIST SP800-53 Rev 4
Chief Information Security Officer @ During his current tenure, Bob has successfully designed and built an Advanced Cyber Security Operation Center, implement an IT Business Continuity COOP Plan, implement security awareness and phishing training, performs computer forensics with multiple law enforcements and introduced several security risk management initiatives to measure the effectiveness of the security controls.
Direct all phases of security projects from requirements, secure design, implementation, acceptance testing, support, and maintenance
Architect network infrastructure using security techniques to track advanced persistent threat (APT), spear phishing, drive-by malware, application hacking and other types of cyber threats
Collaborate with DHS to perform risk assessment on critical sensitive systems including a design audit review of an Utility SCADA system
Prevent data exfiltration of intellectual property by customizing SIEM use cases to track any suspicious callback to Command & Control Internet servers
Develop daily intelligence reporting on all cyber threats against Enterprise networks, critical systems, and workstations with seven days trending of threats affecting network environment
Review and approve updates of security intelligence reputation blacklist and malicious domain into the Security Information Event Management
Develop several risk management initiatives to audit the Enterprise networks using SANS Critical Controls, ISO 27002:2013, and NIST standards. In addition, enforce security configuration benchmarks to harden operating systems and applications
Implement Presidential Executive Order 13636 Framework for Improving Critical Infrastructure Cybersecurity using ISO 27001, NIST SP 800-53 Rev 4 and COBIT as informative references
Implement Enterprise Governance, Risk, and Compliance to manage risks with internal security controls and report compliance with regulatory requirements
Align security objectives with business strategies by working with stakeholders From March 2008 to Present (7 years 6 months) Senior Systems Programmer @ Manage an internet infrastructure and cyber security on a Class B Enterprise network. Responsibilities include designing secure architecture, cyber security operation, vulnerability assessments, gap analysis, and computer forensics.
Implement security policies governing corporate security including access control, remote access, email archiving, data classification, mobile devices, NDA and others IT security related policies
Implement vulnerability management to discover and remediate any critical security vulnerabilities
Implement an ongoing risk assessment program which identified critical information assets, remediate threats and vulnerabilities, and implement safeguard through technical controls and security policies
Foster a collaborative approach to implement & enforce security policies, standards, security benchmarks and best practices across the Enterprise networks.
Enforcement of compliance with Federal, State, and Local statutes related to information security and privacy protection including PCI, SB1386, GLBA, SSI, and Title 49 CFR 1520
Experience in security budgeting, contract negotiation, request-for-bid, and security strategic planning From February 2001 to February 2008 (7 years 1 month)
Looking for a different
Get an email address for anyone on LinkedIn with the ContactOut Chrome extension