 |
Nigel P.
Willson
Tel.:
661.297.3209
www.secureadvisor.com
nige@secureadvisor.com |
Professional Summary
- International Background -- 18
years international security experience gained across England, Australia,
France and, the USA. Green card holder.
- Director, Security @ Disney --
Establish architecture team, develop successful proactive security management
program and, consult to Disney CIO and business units.
- Published Author -- Author of
security guides, books and, magazine articles.
- Security Consultant -- 7+ years
hands-on experience consulting to Fortune 500 companies such as, Capital One,
Chevron/Texaco, Intel, and World Bank. Published success stories.
- Security Engineer -- Develop
security protocols and products for U.S. Department of Defense (DoD), e.g.,
MACDF and WWMCCS.
Experience Summary
Position: Security Consulting
Manager
Company: Enterprise Security Practice, Avaya, Inc.
Location: Pasadena, California, USA
Dates: Aug. 2003 -
Present
Lead West region for Risk Mitigation
and Managed Security Services within Global Managed Services organization, a
division of Avaya, Inc.
Partner
with sales channels, i.e., product, services and, business partners to provide
business development, pre-sales support and, provide consulting SME expertise
for voice and data security.
Focus
on strategy, offer development, delivery management, revenue realization,
operational efficiencies and, forecasting. Develop, mentor and, manage delivery
teams. Provide expert consulting to client base as Trusted Advisor,
retainer-based virtual security analyst. Document success stories with
marketing.
Research and track
security best practices, methodology and international standards such as BS
15000, COBIT, COSO ERMF, ISO 17799, ITIL/ITSM, NIST, NSA IAM, OSSTMM. Focus on
risk management and regulatory compliance.
Position: Practice Director,
e-Security
Company: Tata Consultancy Services
(TCS)
Location: Woodland Hills, California, USA
Dates:
Feb. 2002 - Aug. 2003
Developed and operated a new highly
successful e-Security Practice providing high-end security consulting to
Fortune 500 customers across North America.
- Created an innovative business
development strategy to market security consulting packages branded as
products, namely: Security Health Check (Assessment), Security Code Review, and
Security Roadmap (Architecture).
- Formed a new e-Security Labs
organization to unite security consultants with TCS’ global research,
engineering, and testing centers and, synergize thought leadership with real
world case studies.
- Executed enterprise and e-business
focused security client projects to provide managers with a multifaceted view
of their company’s security landscape and provide security strategy.
- Train TCS engineers on Internet
security towards gaining both CISSP and CISA certification.
- e-Security Practice was showcased at
2003 RSA Security Conference in San Francisco and is highly recognized in press
releases and client case studies.
Position: Senior Consultant /
Analyst
Company: The Burton Group
Location: Valencia,
California, USA
Dates: Aug. 2000 - Nov. 2001
Led development and expansion of
Burton’s security consulting practice.
- Participate in standards committees and
organizations as an industry security analyst.
- Develop Security Reference Architecture
with Principles, Technical Positions and, Templates.
- Co-Developer of Identity and Access
Management (IdM) concepts
- Author: Methodology & Best
Practices (MBP) Security Project Cookbook
- Co-Author Burton’s research
report: PKI Vendors, Interoperability & The Market
- Senior consultant and industry expert
on enterprise security architecture and implementation strategies.
- Develop new consulting services
packaged and branded as products.
- Provide thought leadership and strategy
to companies such as Bechtel, Chevron, Intel, and World Bank.
Position: Director, Security &
Enterprise Management
Company: Disney Internet Group
Location: North Hollywood, California, USA
Dates: Sept.
1997 - Aug. 2000
Led development of a highly successful
I.T. architecture and security program to protect the Internet properties of
the Disney Internet Group, a business unit of The Walt Disney
Company.
- Role was a major challenge and
responsibility because Disney has a significant brand name to protect and yet
they are a major target of hackers and special interest groups on the Internet.
- Conduct security assessments of Disney
and their Web hosting partners, Digital Island, Infoseek, Starwave, and UUNET
(Worldcom) and address risks and vulnerabilities. Manage relationships.
- Unite fragmented IT stakeholders as a
team fondly named the ‘brain trust’ to seek consensus and focus upon
business-driven ‘secure’ modular and flexible architecture and
migration strategy.
- Craft and implement a highly successful
and proactive security management and operations program that provides
necessary standards, change control, process automation, maintenance and,
visibility.
- Design and build high availability
Internet data center based at Orlando, Florida and migrate business critical
servers, such as e-commerce and customer databases.
- Partner with Gene Kim and Tripwire to
develop commercial host-based IDS to detect un-authorized changes, internal or
external.
- Become technology pilot for
Disney’s 26 other business units and a member of Disney Corporate Advanced
Technology Strategy team.
Position: Principal Security
Consultant
Company: SSDS, Inc.
Location: Fairfax,
Virginia, USA
Dates: Sept. 1995 - Aug. 1997
Led as chief security consultant to
support pre-sales, develop proposals, negotiate contracts, manage technical
project delivery, consult and, manage customer relationships
- Focus on security audit and risk
assessment, security policy development, network security perimeter
architecture, single sign-on architecture and implementation, e-commerce and
e-business.
- Develop “Security Process Maturity
Model” to visualize the building blocks for successful security.
- Author of feature article, a 7-page
spread on Security Process Maturity Model, published in the June 1997 edition
of eBusiness Advisor magazine.
- Engaged as chief architect to design
and implement a new e-business startup for SOHO services. o Proposed and
delivered a multi-million dollar 25 person project for a secure single sign-on
(SSO) solution to a major utility in Newark, New Jersey.
- Contracted as a consultant to a major
financial corporation based in Richmond, Virginia to provide a security
assessment, develop a security organization and program and, a secure Internet
strategy.
- Conducted a security vulnerability
assessment, developed an ISO 17799 based security policy and, an Internet
strategy for an international law attorney company based in Washington DC.
Position: World-Wide I.S. Security
Manager
Company: Bull SA
Location: Paris, France
Dates: June 1992 - Aug. 1995
Transferred from Bull HN in Phoenix to
Bull SA headquarters, a part of Groupe Bull to lead the development of
corporate-wide security policy, methodology and, strategy for I.S. departments
across 22 countries.
- Develop network packet filter firewall
based on Bull’s UNIX operating system as a secure gateway.
- Leverage public domain security tools
such as COPS and Tripwire to secure worldwide network of UNIX servers and
create scripts to consolidate reported data.
- Implement early Web server and Mosaic
browser technology to provide a security information server with CERT security
alert database. o Develop a set of global and local security policies for
applications, networks, and systems and information classification guidelines.
- Initiate Security Committee with
cross-section of country directors to review, approve and, implement. o
Initiate communication program with security managers including monthly
newsletters and mailing list.
- Establish annual country objectives and
develop ‘Security Indicators’, an Excel-based tool to consolidate
data metrics and map current results to objectives.
Position: Product Manager /
Developer
Company: Bull HN
Location: Phoenix, Arizona,
USA
Dates: Oct. 1990 - June 1992
Led product management and development
extension of the System Security Manager (SSM) product, a GCOS8 mainframe
operating system component.
Developed, supported, and maintained the
product and enhanced its usability with security management and administration
tools.
Recognition resulted in a transfer to the
Bull corporate headquarters in Paris, France.
Position: Product Manager /
Developer *
Company: Telecom Australia
Location:
Melbourne, Australia
Dates: Jan. 1990 - Oct. 1990
Hired under contract to develop and
implement a new Honeywell GCOS8 mainframe operating system component to provide
a high performance and reliable Queue Management Service (QMS).
* Under contract: Hank Walsh Associates,
475 Fifth Avenue, New York, NY, USA.
- Link between Transaction Processing
software (TP8) and new hyper-channel technology connecting regional Telecom
Australia databases.
- Code was developed in assembler and
based upon UNIX FIFO queue management principles.
- Critical service was implemented and
thoroughly tested and proved to be a major success.
Position: Product Manager /
Developer *
Company: Honeywell Federal Systems, Inc.
Location: McLean, Virginia, USA
Dates: Mar. 1986 - Dec.
1989
Hired under contract to develop and
implement a new major GCOS8 mainframe operating system component known as,
Enhanced Secure Logon (ESLO), a part of the System Security Manager (SSM)
product.
* Under contract: Hank Walsh Associates,
475 Fifth Avenue, New York, NY, USA.
- Initially developed for U.S. DoD
World-Wide Military Command and Control System (WWMCCS) sites, multi-level
security code was used successfully in the Gulf War.
- Migrated code to the commercial Bull
GCOS8 mainframe operating system.
- Additionally, managed teams of up to 30
engineers working on development projects such as, Military Airlift Command
Deployment Flow (MACDF).
This page was updated:
08-16-2004
by Nigel
Willson
nige@secureadvisor.com