SecureAdvisor.com

	Mission
	Background
	Scope
	Projects
	Publications
	Bio
	Contact
	References

Resume: Nigel P. Willson

PDF Version
MS Word Version
Printer Friendly Version

Professional Summary

International Background -- 18 years international security experience gained across England, Australia, France and, the USA. Green card holder.
Director, Security @ Disney -- Establish architecture team, develop successful proactive security management program and, consult to Disney CIO and business units.
Published Author -- Author of security guides, books and, magazine articles.
Security Consultant -- 7+ years hands-on experience consulting to Fortune 500 companies such as, Capital One, Chevron/Texaco, Intel, and World Bank. Published success stories.
Security Engineer -- Develop security protocols and products for U.S. Department of Defense (DoD), e.g., MACDF and WWMCCS.

Experience Summary

Position: Security Consulting Manager
Company: Avaya, Inc.
Location: Pasadena, California, USA
Dates: Aug. 2003 - Present

Lead West region for Risk Mitigation and Managed Security Services within Global Managed Services organization, a division of Avaya, Inc.

Partner with sales channels, i.e., product, services and, business partners to provide business development, pre-sales support and, provide consulting SME expertise for voice and data security.

Focus on strategy, offer development, delivery management, revenue realization, operational efficiencies and, forecasting. Develop, mentor and, manage delivery teams. Provide expert consulting to client base as Trusted Advisor, retainer-based virtual security analyst. Document success stories with marketing.

Research and track security best practices, methodology and international standards such as BS 15000, COBIT, COSO ERMF, ISO 17799, ITIL/ITSM, NIST, NSA IAM, OSSTMM. Focus on risk management and regulatory compliance.

Position: Practice Director, e-Security
Company: Tata Consultancy Services (TCS)
Location: Woodland Hills, California, USA
Dates: Feb. 2002 - Aug. 2003

Developed and operated a new highly successful e-Security Practice providing high-end security consulting to Fortune 500 customers across North America.

Created an innovative business development strategy to market security consulting packages branded as products, namely: Security Health Check (Assessment), Security Code Review, and Security Roadmap (Architecture).
Formed a new e-Security Labs organization to unite security consultants with TCS’ global research, engineering, and testing centers and, synergize thought leadership with real world case studies.
Executed enterprise and e-business focused security client projects to provide managers with a multifaceted view of their company’s security landscape and provide security strategy.
Train TCS engineers on Internet security towards gaining both CISSP and CISA certification.
e-Security Practice was showcased at 2003 RSA Security Conference in San Francisco and is highly recognized in press releases and client case studies.

Position: Senior Consultant / Analyst
Company: The Burton Group
Location: Valencia, California, USA
Dates: Aug. 2000 - Nov. 2001

Led development and expansion of Burton’s security consulting practice.

Participate in standards committees and organizations as an industry security analyst.
Develop Security Reference Architecture with Principles, Technical Positions and, Templates.
Co-Developer of Identity and Access Management (IdM) concepts
Author: Methodology & Best Practices (MBP) Security Project Cookbook
Co-Author Burton’s research report: PKI Vendors, Interoperability & The Market
Senior consultant and industry expert on enterprise security architecture and implementation strategies.
Develop new consulting services packaged and branded as products.
Provide thought leadership and strategy to companies such as Bechtel, Chevron, Intel, and World Bank.

Position: Director, Security & Enterprise Management
Company: Disney Internet Group
Location: North Hollywood, California, USA
Dates: Sept. 1997 - Aug. 2000

Led development of a highly successful I.T. architecture and security program to protect the Internet properties of the Disney Internet Group, a business unit of The Walt Disney Company.

Role was a major challenge and responsibility because Disney has a significant brand name to protect and yet they are a major target of hackers and special interest groups on the Internet.
Conduct security assessments of Disney and their Web hosting partners, Digital Island, Infoseek, Starwave, and UUNET (Worldcom) and address risks and vulnerabilities. Manage relationships.
Unite fragmented IT stakeholders as a team fondly named the ‘brain trust’ to seek consensus and focus upon business-driven ‘secure’ modular and flexible architecture and migration strategy.
Craft and implement a highly successful and proactive security management and operations program that provides necessary standards, change control, process automation, maintenance and, visibility.
Design and build high availability Internet data center based at Orlando, Florida and migrate business critical servers, such as e-commerce and customer databases.
Partner with Gene Kim and Tripwire to develop commercial host-based IDS to detect un-authorized changes, internal or external.
Become technology pilot for Disney’s 26 other business units and a member of Disney Corporate Advanced Technology Strategy team.

Position: Principal Security Consultant
Company: SSDS, Inc.
Location: Fairfax, Virginia, USA
Dates: Sept. 1995 - Aug. 1997

Led as chief security consultant to support pre-sales, develop proposals, negotiate contracts, manage technical project delivery, consult and, manage customer relationships

Focus on security audit and risk assessment, security policy development, network security perimeter architecture, single sign-on architecture and implementation, e-commerce and e-business.
Develop “Security Process Maturity Model” to visualize the building blocks for successful security.
Author of feature article, a 7-page spread on Security Process Maturity Model, published in the June 1997 edition of eBusiness Advisor magazine.
Engaged as chief architect to design and implement a new e-business startup for SOHO services. o Proposed and delivered a multi-million dollar 25 person project for a secure single sign-on (SSO) solution to a major utility in Newark, New Jersey.
Contracted as a consultant to a major financial corporation based in Richmond, Virginia to provide a security assessment, develop a security organization and program and, a secure Internet strategy.
Conducted a security vulnerability assessment, developed an ISO 17799 based security policy and, an Internet strategy for an international law attorney company based in Washington DC.

Position: World-Wide I.S. Security Manager
Company: Bull SA
Location: Paris, France
Dates: June 1992 - Aug. 1995

Transferred from Bull HN in Phoenix to Bull SA headquarters, a part of Groupe Bull to lead the development of corporate-wide security policy, methodology and, strategy for I.S. departments across 22 countries.

Develop network packet filter firewall based on Bull’s UNIX operating system as a secure gateway.
Leverage public domain security tools such as COPS and Tripwire to secure worldwide network of UNIX servers and create scripts to consolidate reported data.
Implement early Web server and Mosaic browser technology to provide a security information server with CERT security alert database. o Develop a set of global and local security policies for applications, networks, and systems and information classification guidelines.
Initiate Security Committee with cross-section of country directors to review, approve and, implement. o Initiate communication program with security managers including monthly newsletters and mailing list.
Establish annual country objectives and develop ‘Security Indicators’, an Excel-based tool to consolidate data metrics and map current results to objectives.

Position: Product Manager / Developer
Company: Bull HN
Location: Phoenix, Arizona, USA
Dates: Oct. 1990 - June 1992

Led product management and development extension of the System Security Manager (SSM) product, a GCOS8 mainframe operating system component.

Developed, supported, and maintained the product and enhanced its usability with security management and administration tools.

Recognition resulted in a transfer to the Bull corporate headquarters in Paris, France.

Position: Product Manager / Developer *
Company: Telecom Australia
Location: Melbourne, Australia
Dates: Jan. 1990 - Oct. 1990

Hired under contract to develop and implement a new Honeywell GCOS8 mainframe operating system component to provide a high performance and reliable Queue Management Service (QMS).

* Under contract: Hank Walsh Associates, 475 Fifth Avenue, New York, NY, USA.

Link between Transaction Processing software (TP8) and new hyper-channel technology connecting regional Telecom Australia databases.
Code was developed in assembler and based upon UNIX FIFO queue management principles.
Critical service was implemented and thoroughly tested and proved to be a major success.

Position: Product Manager / Developer *
Company: Honeywell Federal Systems, Inc.
Location: McLean, Virginia, USA
Dates: Mar. 1986 - Dec. 1989

Hired under contract to develop and implement a new major GCOS8 mainframe operating system component known as, Enhanced Secure Logon (ESLO), a part of the System Security Manager (SSM) product.

* Under contract: Hank Walsh Associates, 475 Fifth Avenue, New York, NY, USA.

Initially developed for U.S. DoD World-Wide Military Command and Control System (WWMCCS) sites, multi-level security code was used successfully in the Gulf War.
Migrated code to the commercial Bull GCOS8 mainframe operating system.
Additionally, managed teams of up to 30 engineers working on development projects such as, Military Airlift Command Deployment Flow (MACDF).