Chief Information Security Officer
Chief Security Consultant
MS-ISA | CISSP | CCSP | CEH | CHFI | Security+ | Network+ | A+
***Available for Media Comment***
***Available for Panelist and Conference Session Speaker***
***Available for Consulting***
Proven security professional and leader of security teams and programs within a Cloud Service environment, specializing in security education, program design and architecture, compliance, and privacy and vendor vulnerability assessments. An expert on the application of FedRAMP, HIPAA, GLBA, SOX, GDPR, and PCI-DSS in a multi-tenant environment. I have a passion for helping the average person and new security professionals understand the why, what, when and how of security.
In my current role as CISO, I am responsible for developing and enhancing an information security program, maintaining compliance with multiple regulations or directives (FedRAMP, HIPAA, PCI-DSS, GDPR), specializing in documentation, preparation for and conduct of audits, and accomplishing annual compliance checks by the development of a repeatable assurance program that allows for measurement of security posture, year over year. Experienced in the art of communicating control responsibilities in cloud services to customers and internal agents and agencies, preparing for audits and accomplishing annual Service Organization / Vendor assessment and compliance processes by the development of a repeatable assurance program that allows for measurement of security posture, year over year.
I am an expert in assisting smaller and mid-size companies in presenting their security posture to potential business partners, guiding you through the complex and sometimes daunting process of answering vendor security/posture questionnaires, developing a compliant security program, and remaining compliant with client demands.
Want to know more about Mark and what he does and can do for you? Listen to this October 2018 podcast/interview where Mark describes how he got into this position, how he maintains the certifications he has and his expertise in cloud and data center security.
Education / Certifications
Western Governors University, MS-Information Security and Assurance 2017
Lincoln Christian University, BA-General Ministry 2010, Cum Laude
– Certified Information Systems Security Professional (CISSP)
– Certified Cloud Security Professional (CCSP)
– Certified Ethical Hacker (CEHv9)
– Computer Hacking Forensic Investigator (CHFIv8)
– Security+ (CompTIA)
– Network+ (CompTIA)
– A+ (CompTIA)
– Technology and Security Leadership, Management and Strategy (Current Chief Information Security Officer, Former Chief Technology Officer in the higher education arena.)
– Cloud Security
– Ethical Hacking
– Network Security
– Physical Security
– Privacy Professional (IAPP, GDPR)
– CRISC Training
– Policy Compliance and Auditing
– Federal Information Security Management Act (FISMA)
– CSP FedRAMP compliance
– Sarbanes-Oxley (SOX)
– Gramm-Leach-Bliley Act (GLBA)
– Risk Assessment
– COBIT / ITIL
– Citrix XenApp 6.5
– Windows Server 2008 R2 (Roles – RDP/DNS/AD/DHCP)
– Server Administration and Management
– Network Administration and Management
– Workstation Administration and Management
Chief Information Security Officer – DataBank, Ltd.
Cloud Service Provider / Data Center Operator
January 2015 – Current
The primary function of a Security Consultant is to perform security-centric design, development, and research on infrastructure technologies and tools; designs and implementations; infrastructure architecture; and upgrades of products, recommending and ensuring that proper security controls are implemented.
The Security Consultant has a pivotal role in the development of policy, standards, guidelines and strategies, ensuring compliance with laws, regulations and other similar matters in the financial industry, including the assessment of vendors for compliance with GLBA, FinCEN, SARS, FISMA, HIPAA/HITECH, PCI-DSS and others.
Provides general IT support, IT management, Information Security and web design support to small and medium-sized business clients in central IL and IN. As the Consultant, I have conducted numerous information security assessments and legal and regulatory compliance checks, most recently with a customer requiring FISMA certification. Developed and installed a hybrid cloud / localized backup and recovery program. Conducted an installation of Microsoft Small Business Server and Server 2008 and associated components. Installed and established in working order Google Apps for Business and for Not For Profits.
Lincoln Christian University’s top technology executive. In concert with the cabinet and in keeping with organization-established strategy, the CTO was responsible for developing policy, the organization’s technical vision, maintaining an annual budget of $800k+, supervising ten employees and leading all aspects of the company’s technology and information security development. Responsible for all facets of Information Security and compliance with related legal and regulatory matters including Sarbanes-Oxley, FERPA, HIPAA, etc. Wrote and implemented the first organizational Information Security Program. Conducted numerous physical and logical security assessments, including jointly hosted sites where tenant relations are involved. Confidentially conducted forensic investigations to comply with HR, legal requirements, and RIAA requests. Ensured software complies with established application security standards. Built, tested and maintained business continuity program. Implemented and maintained numerous security devices including firewalls, VLANs / network security IDS/IPS, and proximity card software and hardware devices.
Workstation Support Specialist – Farm Bureau Insurance
Organizations / Associations
International Association of Privacy Professionals
Lincoln and Logan County Economic Development Partnership (2011-2014)
Certified Ethical Hacker
Computer Hacking Forensic Investigator
SANS CISSP Bootcamp
IAPP Privacy Foundations
MySQL in a Nutshell
Noel-Levitz Connections Now Customer Service Training
Microsoft Windows Group Policy
Interconnecting Cisco Network Devices
Novell Advanced Administration (Novell 4)
Bindview NDS and Netware
ICN Total Vendor Management
System Scanner IDS (Internet Security Systems)
Internet Security Scanner (Vulnerability Assessment) (Internet Security Systems)
Site Scanner (ID/PS) (Internet Security Systems)
American Management Association Communication and Interpersonal Skills
EnCase Forensics Intermediate Course
ASIS: Introduction to Physical Security
Taqua Voice over IP Switch Training
Cisco Network Associate Training
Microsoft SQL Server 2000
Last Updated: 9/24/2018