Leadership
Mark A. Houpt
Chief Information Security Officer, Chief Security Consultant
MS-ISA | CISSP | CCSP | CEH | CHFI | Security+ | Network+ | A+
***Available for Media Comment***
***Available for Panelist and Conference Session Speaker***
***Available for Consulting***
Summary
Proven security professional and leader of security teams and programs within a Cloud Service environment, specializing in security education, program design and architecture, compliance, and privacy and vendor vulnerability assessments. An expert on the application of FedRAMP, HIPAA, GLBA, SOX, GDPR, and PCI-DSS in a multi-tenant environment. I have a passion for helping the average person and new security professionals understand the why, what, when and how of security.
My current role as CISO is responsible for developing and enhancing an information security program, maintaining compliance with multiple regulations or directives (FedRAMP, HIPAA, PCI-DSS, GDPR), specializing in the documentation, preparing for and conduct of audits, and accomplishing annual compliance checks by the development of a repeatable assurance program that allows for measurement of security posture, year over year. Experienced in the art of communicating control responsibilities in cloud services to customers and internal agents and agencies, preparing for audits and accomplishing annual Service Organizations / Vendor assessment and compliance processes by the development of a repeatable assurance program that allows for measurement of security posture, year over year.
I am an expert in assisting smaller and mid-size companies in presenting their security posture to potential business partners, guiding you through the complex and sometimes daunting process of answering vendor security/posture questionnaires, developing a compliant security program, and remaining compliant with client demands.
Want to know more about Mark and what he does and can do for you? Listen to this October 2018 podcast/interview where Mark describes how he got into this position, how he maintains the certifications he has and his expertise in cloud and data center security.
Education / Certifications
Higher Education:
Western Governors University, MS-Information Security and Assurance 2017
Lincoln Christian University, BA-General Ministry 2010, Cum Laude
Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- Certified Ethical Hacker (CEHv9)
- Computer Hacking Forensic Investigator (CHFIv8)
- Security + (COMPTIA)
- Network + (COMPTIA)
- A+ (COMPTIA)
Specialties
- Technology and Security Leadership, Management and Strategy (Current Chief Information Security Officer, Former Chief Technology Officer in the higher education arena.)
- Cloud Security
- Ethical Hacking
- Network Security
- Physical Security
- Privacy Professional (IAPP, GDPR)
- CRISC Training
- Policy Compliance and Auditing
- Federal Information Security Management Act (FISMA)
- CSP FedRAMP compliance
- Sarbanes-Oxley (SOX)
- Gramm Leach Bliley Act (GLBa)
- Risk Assessment
- COBIT / ITIL
- FAIR
- Citrix ZenApp 6.5
- Windows Server 2008 R2 w (Roles – RDP/DNS/AD/DHCP)
- Server Administration and Management
- Network Administration and Management
- Workstation Administration and Management
Work Experience
Chief Information Security Officer – DataBank, Ltd.
Cloud Service Provider / Data Center Operator
Dallas, Texas
January 2015 – Current
Technical Analyst – Security (Business Application Security) – State Farm Mutual Insurance Company
–
The primary function of a Security Consultant is to perform security-centric design, development, and research on infrastructure technologies and tools; designs and implementations; infrastructure architecture; and upgrades of products recommending and ensuring proper security controls are implemented.
The Security Consultant has a pivotal role in the development of policy, standards, guidelines and strategies, ensuring compliance with laws, regulations and other similar matters in the financial industry to include the assessment of vendors for compliance with GLBa, FinCEN, SARS, FISMA, HIPAA/HITECH, PCI/DSS and others.
President / Chief Consultant – 3rd Wire Technologies
– Current
Provides general IT support, IT management, Information Security and web design support to small and medium sized business clients in central IL and IN. As the Consultant, I have conducted numerous information security assessments and legal and regulatory compliance checks, most recently with a customer requiring FISMA certification. Developed and installed a hybrid cloud / localized backup and recovery program. Conducted and installation of Microsoft Small Business Server and Server 2008 and associated components. Installed and established in working order Google Apps for Business and for Not For Profits.
Chief Technology Officer / Chief Information Security Officer – Lincoln Christian University
–
Lincoln Christian University’s top technology executive. In concert with the cabinet and keeping with organization established strategy, The CTO was responsible for developing policy, the organization’s technical vision, maintaining an annual budget of $800k+, supervising ten employees and leading all aspects of the company’s technology and information security development. Responsible for all facets of Information Security and compliance with related legal and regulatory matters including Sarbanes-Oxley, FERPA, HIPAA, etc. Wrote and implemented the first organizational Information Security Program. Conducted numerous physical and logical security assessments, including jointly hosted sites where tenant relations are involved. Confidentially conducted forensic investigations to comply with HR, legal requirements, and RIAA requests. Ensure software complies with established application security standards. Built, tested and maintained business continuity program. Implemented and maintained numerous security devices including firewalls, VLANS / network security IDS /IPS, and proximity card software and hardware devices.
Sr. Information Security Architect – Sallie Mae, Inc
–
Technical Operations Manager – Four Bytes Inc (AKA Integrity Online)
– January
Workstation Support Specialist – Farm Bureau Insurance
–
Help Desk Technician – Alverno Administrative Services
– June
Cryptologic Technician (Operations) – United States Navy
–
Organizations / Associations
Professional:
(ISC)2
International Association of Privacy Professionals
ASIS International
ISACA
Infragard
Comptia
Community:
Toastmasters International
Lincoln and Logan County Economic Development Partnership (2011-2014)
Courses
- Certified Ethical Hacker
- Computer Hacking Forensic Investigator
- SANS CISSP Bootcamp
- IAPP Privacy Foundations
- MySQL in a Nutshell
- Noel-Levitz Connections Now Customer Service Training
- Microsoft Windows Group Policy
- Interconnecting Cisco Network Devices
- Sidewinder Firewall
- Novell Advanced Administration (Novell 4)
- Bindview NDS and Netware
- ICN Total Vendor Management
- System Scanner IDS (Internet Security Systems)
- Internet Security Scanner (Vulnerability Assessment) (Internet Security Systems)
- Site Scanner (ID/PS) (Internet Security Systems)
- American Management Association Communication and Interpersonal Skills
- Encase Forensics Intermediate Course
- ASIS: Introduction to Physical Security
- Taqua Voice over IP Switch Training
- Cisco Network Associate Training
- Microsoft SQL Server 2000
Serving clients all over the United States.