Executive Overview: Over 20 years of leadership experience in information technology with a specialization in the improvement of business profitability. Experience in the management of the budget with the alignment of information assurance standards. Director and liaison with external agencies, such as law enforcement and other advisory boards to ensure the maintenance of a strong organization security posture.
Strengths and abilities: Simple technical interpretations to executives and non-technical staff, identification of corporate risks and threats. Managing the technical teams to achieve the information assurance approach. Demonstrated development of corporate security policies, procedures, and strategies. Outstanding knowledge of cloud security, continuity planning, vulnerability assessment tools, monitoring, risk management, incident response, managed security services, and compliance audits. Strategic planning and experience with applicable regulatory frameworks and standards (e.g., FISMA, SOX, DIACAP, PCI, and ICD 503)
TS/SCI with CI Poly
What can Mister Terrific do for you?
Feel Good, Feel Better, Feel Wonderful!
Contact Information
JP Hill III
jphill_3rd@hotmail.com
469.844.1525
Senior Consultant III @ From January 2014 to Present (1 year 10 months) Dallas/Fort Worth Area
President @ From October 2011 to Present (4 years 1 month) Dallas/Fort Worth Area
Director of Information Assurance @ Note: This is the now defunct satellite company from Dallas, TX.
Summary:
Functioned as the AOS, Inc. CISO with the strategic roadmap for Information Security, Risk, Audit, and Compliance. Functioned as the Facility Security Officer (FSO), the Chief Physical Security Officer (CPSO) and the Communications Security (COMSEC).
Key results:
Provided direction in development and implementation of a comprehensive security strategy. Implemented security controls in accordance with customer compliance. Created and enforced client information security standards. Managed corporate security policies, standards and procedures. Assessed security controls and metrics reporting regarding security and compliance data.
From May 2012 to February 2014 (1 year 10 months) Dallas/Fort Worth Area
Information System Security Officer - Information Assurance Manager @ Summary:
Delivered satellite solutions to customers as well as Tier 2 and 3 support for customer satellite systems. Operated as a Pre-Sales Engineer to define customer needs and design solutions. Provided support as a Post-Sales Engineer to ensure delivery, installation and operation of customer purchased products.
Key results:
Aligned client IA structure with the NIST 800-53 and ICD 503 security controls. Created and enforced client information security policies, standards and procedures. Monitored compliance with information technology standards.
From May 2012 to February 2014 (1 year 10 months) McLean, Virginia
VP, Information Assurance @ Define and facilitate the risk assessment process, including the reporting and oversight of treatment efforts to address findings. Assist in the creation of the corporate and client information security training. Create corporate security policies, standards, and procedures. Ensure programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings. Develop continuity and disaster recovery strategies. Guarantee the framework for the governance of enterprise assets through assessments. Recommendation of security products and solutions based on customer and corporate requirements.
From August 2011 to January 2014 (2 years 6 months) Waxahachie, TX
Information Assurance Practice Manager @
• Assisted in procurement and business development with the security responses to proposals
• Developed the corporate Information Assurance (IA) strategy
• Aligned the IA strategy with company goals and objectives
• Ensured information security exists throughout company processes
• Created security architectures for customer demonstrations and presentations
• Initiated the corporate IA marketing strategy
• Managed IA related budgeting and staffing activities
• Managed the development and implementation of customer enterprise security applications
• Developed and maintained relationships with internal client organizations
• Ensure infrastructure and application security requirements
• Evaluated and implemented security Service Level Agreements and performance
Program Manager (US Mint)
FISMA Compliance
Certification and Accreditation Engineer/Program Manager, United States Mint Contract:
• Managed a team of security engineers, who wrote and updated security documentation based on the guidelines in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37 as well as US Mint policy updates
• Identified and evaluated risks to provide management with information for resolutions
• Assisted management in the construction of the Plan of Action and Milestone (POA&M) reports
• Provided consulting services for testing and reporting on the Contingency Plans and Disaster Recovery Plans in accordance with the NIST SP 800-84
• Assisted the project teams with security in the System Development Life Cycle (SDLC)
• Evaluated the Mint’s continuity of operation plan (COOP) to ensure the recovery of IT capabilities in the event of a disaster
From August 2004 to August 2008 (4 years 1 month)
Network Security Manager @
• Responded to incidents and events; reviewed security policies
• Examined and analyzed server logs, evaluated and assessed VPN/remote access logs
• Reviewed security accreditation documentation, developed and implemented security metrics
• Reviewed CERT and SANS alerts, reviewed, analyzed and reported firewall logs
• Performed security analysis and testing of new software as well as software patches and updates
• Created security reviews of new hardware devices and analyzed and reported on anti-virus updates
• Established risk analysis for disaster recovery planning
• Developed technical analysis, policies, and procedures
• Provided incident response and performed semi-annual testing of response procedures
• Supported security auditing or penetration testing of systems and networks
• Administered network security using Active Directory, users and groups, file and directory permissions, and platform security configuration
• Administered virus detection software and distributed critical virus alerts to end users
• Operated with application owners and business managers to determine security requirements
• Served as the custodian for security administration policies and procedures
From January 2001 to August 2004 (3 years 8 months) Reston, VA
Master of Science (MS), Information Assurance @ Capitol College From 2006 to 2010
Bachelor of Science Degree, Information Technology-Cyber Security @ Potomac College-Herndon From 2005 to 2006
JP Hill is skilled in: CISSP, Information Security, Security, Computer Security, Business Continuity, Information Assurance, Vulnerability Assessment, Network Security, Disaster Recovery, Penetration Testing, Program Management, Networking, Vulnerability Management, Information Technology, Governance, Leadership, Project Management, DoD, Computer Forensics, Enterprise Architecture, Risk Management, Management, Security Clearance, NIST, Risk Assessment, Data Center, Information Security..., FISMA, Virtualization, Process Improvement, Budgets, Integration, Software Documentation, Financial Risk, Vendor Management, DIACAP, ITIL, Physical Security, Sarbanes-Oxley Act, Intrusion Detection, PMP, IT Strategy, IT Management, PCI DSS, Security Audits, Compliance, Consulting, Healthcare Information..., Cloud Computing, ICD-503