Download PDF

Work experience

May 2016Present

IT Security Manager, MSIA-UPE, CISSP, GIAC-GSLC

City of Port St. Lucie

The City's first IT Security Manager within the 8th. largest municipality in the State of Florida who reports directly to the Chief Information Officer and works in a collaborative manner with the Chief Information Officer, IT staff, and all other municipal stakeholders to design, maintain, and continually improve upon the organizational enterprise security program. Reviews work of staff and that of contractors. Work is complex and of considerable difficulty and includes the application of technical knowledge and skills in maintaining the hardware and software used in protecting information and its infrastructure from external or internal threats while assuring compliance with statutory and regulatory requirements regarding information access and security through the establishment and implementation of policies and procedures and employee training. Interacts with peers in the Infrastructure, Applications and GIS Divisions as well as with City Administration to both share the security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and cooperation through an IT Security Governance and Risk Management Framework complimented by the creation of a Computer Security Incident Response Team (CSIRT).   Supervisor:  Chief Information Officer, Bill Jones

Information Security Governance & Risk Management Framework
IT Internal and External Audits
IT Policies and Procedures
Information Assurance & Cyber Security
IT Security, Education, Training & Awareness (SETA)
Computer Security Incident Response Team Manager (CSIRTM)

Jan 2017Present

Information Security & Assurance Subject Matter Expert (SME) - DSST 2016 & DSST 2017

Prometric

Working with a team of Information Security Subject Matter Experts (SME's) via remote consultancy work to participate and help develop technology-enabled testing and assessment solutions for Prometric clients.

July 2017Dec 2017

GIAC Strategic Planning Policy and Leadership (SME) Subject Matter Expert - MGT514 GSTRT Exam

SANS Institute

Worked as an alumnus of SANS MGT514 with a team Information Security Subject Matter Experts (SME's) via remote consultancy work to participate and help develop the GSTRT exam for the SANS course MGT514 Strategic Planning Policy and Leadership for the SANS Institute.

Feb 2016May 2016

Information Technology Security Manager, MSIA-UPE, CISSP

Town of Davie

The Town's first IT Security Manager who reports directly to the Information Technology Director and works in a collaborative manner with the IT Director, IT staff, and all other municipal stakeholders to design, create, and maintain the organizational enterprise security program. The Information Security Manager performs two core functions for the enterprise. The first is overseeing the operations of the enterprise's security solutions through management of the organization's security analysts. The second is establishing an enterprise security stance through policy, architecture and training processes. Secondary tasks will include the selection of appropriate security solutions, and oversight of any vulnerability audits and assessments. The Information Security Manager is expected to interface with peers in the Infrastructure, Applications and GIS divisions as well as with the leaders of the business units to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.  Supervisor:  Director of Information Technology, Nelson Martinez.

Information Security Risk Management Framework

Security, Training, Education, and Awareness (SETA)

IT Policies and Procedures

Information Assurance & Cyber Security

Jan 2015Jan 2016

Acting MIS Director, MSIA-UPE, CISSP

City of Fort Pierce

Acting MIS Director of a municipality reporting directly to the City Manager while working collaboratively with other stakeholders and vendors. Managed a departmental budget of $1.1M with an Operating Budget of $.6M and a Personnel Budget of $.5M with 5 FTE's. Directed the mission, vision, and developed the administration of the IT strategy consisting of hardware/software standards and IT related policies and procedures. Responsible for all facets of information security and compliance. Department provides 24x7 operations support for over 100 applications and 14 business units. Highly responsible administrative and managerial work that includes process evaluation and design, vendor coordination and management systems evaluation, systems design, programming, computer operations, voice networks, technical support, and end-user training and support. 

Department Responsibilities

The Management Information Systems (MIS) Department is an internal service department that is responsible for providing technical and informational support to all city departments.  MIS is responsible for providing enterprise-wide communication, information management and other technological services that support the City's core business operations and delivery of services to the residents of Fort Pierce. The department supports voice and data needs for over 250 users at 7 locations and maintains more that 20 servers and a mid-range computer system.  Supervisor:  City Manager, Nick Mimms.


The Management Information Systems department support areas include the following services:

Application Software
AS / 400 Mid-range Computer
Cyber Security
Database management
Email management
File maintenance
Financial and community development applications
Firewalls, Routers, and Switches
Help desk
Information Assurance
Internet access
IT Policies and Procedures
Operations System Software
Programming
System Analysis
Training
VOIP Telephone System Management
WAN/LAN Management

Jul 1998Jan 2015

Unified Network & Security Administrator - CISSP & Security+

City of Fort Pierce

Direct backup to the Director of Management Information Systems (MIS) for all City-wide data and voice information system operations while being directly held responsible for the continuous operational stability, efficiency, and security of the City’s enterprise-wide information systems.  Supervisor: MIS Director, Marjorie B. Gaskin.

Unified Security and Network Administrator professional experience and duties as they pertain to the 10 domains of knowledge of the CISSP CBK.  Please  also consider the Comptia Security+ and Microsoft Certified System Administrator (MCSA) certification  as additional information assurance experience. 

Access Control – Administration of an enterprise Microsoft domain-based network environment with an IBM Power 8 Midrange computer by managing an active directory and AS400 object-oriented environment consisting of users, groups, and organizational units to enforce via group policies (GPO) access controls to limit access to sensitive information at the domain level of the network through the concept of least privilege.Duration: twelve plus years of experience.

Telecommunications and Network Security – The City’s enterprise network operates and is managed through the Network Administrator within an air-gap defense network environment provided by a managed Internet Service Provider (ISP).Therein, the Network Administrator coordinates with the network operations center of the managed ISP provider to collaborate and mitigate known threats to the City’s via QRADAR (SIEM tool) and monitor WAN/LAN bandwidth metrics via other WAN applications such as eHealth.The Network Administrator also monitors and manages the municipal owned gateway firewalls, routers, and switches used over the managed ISP throughout 7 sites total which are provided WAN connectivity within a state-wide air-gap defense network provided by the managed ISP provider.TCP/IP is the primary data and voice communications protocol used throughout the City’s network as managed by the Network Administrator and additional measures such as employing the use of self-signed certificates for network devices to communicate via encrypted channels such as HTTPS and/or SSL is employed.In addition, site to site VPN’s are managed between the routers of the managed ISP provider and the routers of the City’s enterprise network via the Network Administrator to encrypt traffic end to end.

Telecommunications and Network Security (continued) – All external mobile device and computer connections can only access the City’s enterprise network through the use of the aforementioned site to site VPN or client to LAN VPN’s through a Cisco VPN client or Juniper SSL VPN to encrypt TCP/IP traffic end to end between the remote node and the City’s enterprise network for all TCP/IP data communications. The Network Administrator has also configured layer 2 and layer 3 TCP/IP measures to help prevent MAC Flooding, VLAN Hopping for VOIP and NAT/PAT to help prevent network foot printing. Duration:ten plus years of experience.

Information Security Governance and Risk Management – The Network Administrator has documented, trained users, and helped to implement a City-wide PCI-DSS policy for PCI-DSS compliance impacting all e-commerce transactions. The Network Administrator has also helped to document, update, and implement an Internet Access Telecommunications policy, an E-mail Usage and Retention policy, and a City-wide business continuity and disaster recovery policy with procedures and user training.The Network Administrator helps to ensure operational PCI-DSS compliance and works with the Finance Department to recertify via SAQ and quarterly technological tests for PCI-DSS compliance on an annualized basis.Duration:ten plus years of experience.

Business Continuity and Disaster Recovery Planning – The Network Administrator setup a disaster recovery solution known as NOMAX for the IBM Power 8 Midrange Computer which helps meets the requirements of the enterprise-wide business continuity and disaster recovery plan as well as helped to ensure the reliable processes of backing up critical systems such as Microsoft domain controllers, applications servers, and data storage devices via the traditional “grandfather” system of tape backups as a complimentary and redundant method to the NOMAX disaster recovery solution to help ensure the continuity of municipal operations and/or to help recover in the event of a human-factor, technological, and/or natural disaster.Duration: eight plus years of experience.

Physical (Environmental) Security – The Network Administrator monitors and manages Facility Commander which is a server, database, hardware, and software/application based physical building security solution for City Hall.The Facility Commander unified command and control physical access control security solution employs PTZ, Infrared, and motion cameras for digital video surveillance and recording as well as integrated access control features such as single and dual factor authentication via an employee photo identification badge and RFID chip to access sensitive areas along with biometric and keypad options for dual factor authentication to access highly sensitive locations.Electronic door strikes and electronic magnetic locks are deployed with RFID readers to enforce access control with the support of video surveillance within a unified solution managed by the Network Administrator.Duration:6 plus years of experience.

Network Management & Network Security Experience

Connectivity & Hardware: Layer 4 Firewalls, Layer 4/3 Routers, Layer 3/2 Switches, IBM (iSeries) Power System, IBM Blade Center, DNS Servers, DHCP Servers, Web Servers, Ethernet, Fast Ethernet, Gigabyte Ethernet, single and multimode fiber, WAN, LAN, TCP/IP, and RAID systems. 

Router and Switch Technologies: Frame-relay, PPP, Access Control List (ACL), Network Address Translation (NAT), Port Address Translation (PAT), RIPng, RIP, RIPv2, OSPF, EIGRP SNMP, SNMPv3, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN Trunking, VLAN, VTP, STP, Etherchannel, and Portfast.

Peripheral Technologies: IPS/IDS, Firewall, VPN, Tunneling,VoIP, IP Phone, Catalyst, QoS, PoE, CME, CUE, Port Security, MAC Address Filtering.

Network & Digital Forensic Technologies: Niksun, Juniper Security Threat Manager SIEM, IBM QRADAR SIEM, Wireshark, Solarwinds, Sonicwall, PUTTY, Gargoyle, Maltego, WinHex, FTK Tools, DD, Encase, & Cisco CLI & SDM.

Desktop Technologies: Windows OS 10, 7, 5250 emulation, and Server 2012, 2008, 2003 - Microsoft AD, Lotus Notes 9, Microsoft Office & Visio, Polycom VOIP. 

Jun 1996Present

Virtual Chief Information Security Officer (VCISO) - CISSP, GIAC-GSLC & Security +

Megabyte Concepts

Acts as a virtual CISO to provide information security and assurance services in coordination with user-level education and training to clients via instituting a security, education, training and awareness (SETA) program. Specialization in information security policies and procedures along with a service emphasis on helping organizations achieve a desired state of information security and assurance thru working with the people, processes (workflow), policies and procedures, and the technology of the organization guided by an applicable IT Security Governance and Risk Management framework with supporting policies and procedures that aligns the organization to the industry standard while supporting the risk tolerance, objectives, mission, and vision of the organization.

Oct 2012Present

Adjunct Professor - Cyber Security - Subject Matter Expert (SME) - MSIA-UPE, CISSP, GIAC-GSLC

Indian River State College

Adjunct Professor and Subject Matter Expert (SME) employed to help develop and teach undergraduate Cyber Security courses ISM 3321 – Information Security Essentials and ISM 4323 - Information Security Policy Administration online thru the Virtual Campus at Indian River State College (IRSC) within the college's new Bachelor's of Information System Management and Cyber Security degree. Serves as a Subject Matter Expert (SME) through IRSC via the nationwide Quality Matters (QM) Program for ISM 4323 - Information Security Policy Administration and for ISM 3321 Information Security Essentials. IRSC has earned the 2015, 2016, & 2017 nationwide Aspen Institute Top 10 Prize for Community College Excellence.  Supervisor: Jose Farinos, Vice President & Dean of Advanced Technology.

ISM 3321 – Information Security Essentials

ISM 4323 - Information Security Policy Administration

ISM 3321 Course Description

The management of information security problems is covered including attack methods; detection and prevention techniques, cryptography, firewalls and intrusion detection systems; security policies and risk management; and incident response.

ISM 4323 Course Description

The management of information security provides the foundation for understanding the key issues associated with protecting an organization’s digital information assets through the people, policies and procedures, processes, and technology the organization employ’s to help the organization develop a cost-effective, efficient, and compliance-oriented information security operational environment. Appropriate measurement, governance, and reporting methods will also be discussed which assist organizational management in making better information security governance and IT risk management decisions. Students will be exposed to the spectrum of management information security activities, methodologies, laws, policies and procedures, IT risk management, and information security governance.

Jun 1990Jun 1996

Network Administrator - CNA 3.1x

M.A. Hanna, Inc./PolyOne Corporation

Network Administrator reports to the Operations Manager and Vice President of Operations while administering and managing a 25 node Novell 3.1x network in a hybrid network environment with Microsoft Windows NT 3.51 & 4.0 servers with wide area network access to an AS/400 via an IBM 5394 controller at a scientific polymer research, technological, and light manufacturing and testing center.  Supervisor:  Joline Rivard, Office Manager.

Jun 1988Jun 1990

Office, Accounting, Tax, and Computer Assistant

Lashbrook & Associates, PA

Assisted in processing client’s seasonal tax returns, performed general office and accounting assistant functions for front office and accounting staff, and helped provide general computer support for all staff of the firm as a backup to the computer programmer.  Supervisor:  Garth Lashbrook, Owner/C.P.A.

Interest

World Travel, Computer Technology, Poetry, Philosophy, Golf, Billiards, Volleyball, Restoring Antique Trucks, Martial Arts, and Exercise 

Education

Sep 2010Jun 2012

Master of Science with Honors - Information Assurance

Norwich University

Achieved a 4.0 GPA and graduated with Honors!  Upsilon Pi Epsilon (UPE) - International Honor Society for the Computing and Information Disciplines (Lifetime Member) - June 2012, Norwich University Alumni. Achieved CISSP certification.

Jun 2001May 2007

Bachelor of Arts - Management Information Systems - Security Track

Florida Atlantic University

Information Technology and Operations Management (ITOM) - Florida Atlantic University (FAU) - Distinguished Alumnus - May 2012. Achieved a 3.157 GPA with concentation in computer forensics, Florida Atlantic University Alumni.

Aug 2002Dec 2006

Cisco Network Academy, Network Security, and Microsoft Certification Tracks

Indian River State College

Achieved a 3.25 GPA. Completed the Cisco Network Academy (CCNA) track and Microsoft Certified System Administrator (MCSA) track to become Comptia Security + and MCSA certified.

Jun 1990May 1995

Associate of Arts - Liberal Arts

Broward Community College

Broward Community College Alumni, Completed Novell Network 3.1X Administrator course to become a Certified Novell Administrator (CNA) at FAU and Achieved a 3.0 GPA. Future Business Leaders of America - Phi Beta Lamda member (FBLA - PBL) FBLA District Certificate Award (3rd Place Economics).

Certifications

Jun 2018Jun 2022

Global Security Leadership Certification (GSLC)

GIAC

GIAC ID: 5544197

Exam Certification Objectives & Outcome Statements 

 Change Management and Incident Handling for Managers 

The candidate will understand the risks of incidents and unplanned changes, identify requirements for effective change management and incident response programs, and demonstrate understanding of the basic legal issues in incident and evidence handling 

Common Attacks and Malware 

The candidate will be able to identify common network attack methods, types of malicious code, and strategies used to mitigate those threats 

Managing Access Control 

The candidate will demonstrate an understanding of the fundamental theory of access control, secure authentication and authorization, and threats to account credentials and system access 

Managing Defense in Depth and Security Policy 

The candidate will demonstrate an understanding of the terminology and concepts of Defense-in-Depth, assessing security posture, and using security policy to meet the security needs of the organization 

Managing Disaster Recovery and Contingency Planning 

The candidate will demonstrate familiarity with the theory and techniques of cyber warfare. The candidate will be able to lead Business Continuity and Disaster Recovery teams, and understand the risk posed by natural disasters, large scale disruptions, and cyber warfare 

Managing Employees and Total Cost of Ownership 

The candidate will demonstrate an understanding of effective communication and negotiation tactics, managing employee priorities, use TCO analysis for proposed solutions and projects, and applying due diligence to reduce legal liability and the risk of fraud 

Managing Operational Security 

The candidate will demonstrate an understanding of operational security (OPSEC) principles, as well as offensive and defensive OPSEC techniques 

Managing Physical Security and Facility Safety 

The candidate will demonstrate the ability to advocate for and integrate security requirements into facility, safety and procurement processes, including physical access and dealing with vendors 

Managing Privacy and Web Security 

The candidate will demonstrate an understanding of the privacy concerns of individuals, strategies for maintaining data privacy on private and public networks, and understand the risks posed to data by steganography, web applications, and Internet communications 

Managing Risk and Ethics 

The candidate will demonstrate the ability to evaluate and manage risk and will be familiar with ethical issues pertaining to IT/Information Security 

Managing Security Awareness and Protecting Intellectual Property 

The candidate will be able to identify and protect intellectual property and intangible assets, including an understanding of secure software development processes, honeypots and honeytokens, and managing an organizational security awareness program 

Managing the Network Infrastructure 

The candidate will demonstrate an understanding of common LAN and WAN technologies, including network infrastructure, virtualization, MAC and IP addressing, VoIP, DNS, and common threats to network services 

Managing the Quality and Growth of the Security Organization 

The candidate will demonstrate an understanding of hiring and managing a global security team and achieving sustainable growth, including the principles of cultural awareness, quality, and continuous process improvement 

Managing the Use of Cryptography 

The candidate will demonstrate an understanding of symmetric, asymmetric and hashing algorithms, PKI and key management, and understand the common uses of cryptography in securing network data and communications 

Managing Vulnerabilities 

The candidate will demonstrate an understanding of common approaches, methods, and tools used to gather information externally and internally, and how to effectively prioritize and remediate vulnerable systems and devices 

Managing Wireless Security 

The candidate will demonstrate an understanding of wireless networking technologies and risks, including security considerations for 802.11 and Bluetooth devices 

Network and Endpoint Security Technologies 

The candidate will demonstrate an understanding of security technologies and devices used to prevent and detect network and endpoint threats, including filtering, IPS/IDS, virtualization, logging, and correlation 

Network Protocols for Managers 

The candidate will demonstrate understanding of the terminology and concepts of network protocols and how to assess competent network engineers 

Project Management and Business Situational Awareness 

The candidate will demonstrate familiarity with the terminology, concepts and phases of project management as well as identifying and modeling effective business situational awareness 

Selling and Managing the Mission 

The candidate will demonstrate an understanding of how to use mission statements and security frameworks to align security with the business, and how to effectively promote security within an organization  

Aug 2012Aug 2021

Certified Information Systems Security Professional (CISSP)

ISC2

ISC2 ID: 425088

Exam Certification Objectives & Outcome Statements 

Security and Risk Management (Security, Risk, Compliance, Law, Regulations, and Business Continuity) 

Confidentiality, integrity, and availability concepts  

Security governance principles 

Compliance 

Legal and regulatory issues 

Professional ethic 

Security policies, standards, procedures and guidelines 

Asset Security (Protecting Security of Assets) 

Information and asset classification 

Ownership (e.g. data owners, system owners) 

Protect privacy 

Appropriate retention 

Data security controls 

Handling requirements (e.g. markings, labels, storage) 

Security Engineering (Engineering and Management of Security) 

Engineering processes using secure design principles 

Security models fundamental concepts 

Security evaluation models 

Security capabilities of information systems 

Security architectures, designs, and solution elements vulnerabilities 

Web-based systems vulnerabilities 

Mobile systems vulnerabilities 

Embedded devices and cyber-physical systems vulnerabilities 

Cryptography 

Site and facility design secure principles 

Physical security 
   

Communication and Network Security (Designing and Protecting Network Security) 

Secure network architecture design (e.g. IP and non-IP protocols, segmentation) 

Secure network components 

Secure communication channels 

Network attacks 
   

Identity and Access Management (Controlling Access and Managing Identity) 

Physical and logical assets control 

Identification and authentication of people and devices 

Identity as a service (e.g. cloud identity) 

Third-party identity services(e.g. on-premise) 

Access control attacks 

Identity and access provisioning lifecycle (e.g. provisioning review) 
   

Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing) 

Assessment and test strategies 

Security process data (e.g. management and operational controls) 

Security control testing 

Test outputs (e.g. automated, manual) 

Security architectures vulnerabilities 

Security Operations (Foundation Concepts, Investigations, Incident Management, and Disaster Recovery) 

Investigations support and requirements 

Logging and monitoring activities 

Provisioning of resources 

Foundational security operations concepts 

Resource protection techniques 

Incident management 

Preventative measures 

Patch and vulnerability management 

Change management processes 

Recovery strategies 

Disaster recovery processes and plans 

Business continuity planning and exercises 

Physical security 

Personnel safety concerns 
 

Software Development Security (Understanding, Applying, and Enforcing Software Security) 

Security in the software development lifecycle 

Development environment security controls 

Software security effectiveness 

Acquired software security impact 

Jan 2018Jan 2020

Cyber Forensics Incident Recovery

ISC2

Digital Forensics and Incident Response

May 2016Present

Kevin Mitnick Security Awareness Training - 2016

KnowBe4

IT staff and end user cyber security training

Mar 2016Mar 2018

Criminal Justice Information System (CJIS) - Security and Awareness Training (Town of Davie)

Federal Bureau of Investigation (FBI)

Level 3 - Information Technology Security

Dec 2006Dec 2009

Comptia Security +

Comptia Corporation

CompTIA, License CompTIA Career ID# COMP10648179

  • Network Security (CTS2310)
May 2006May 2009

Cisco Network Academy (CCNA 1 - 4)

Cisco Corporation

Cisco router configuration and management for enterprise class networks.

    • Cisco Project (CEN2529 (CCNA4))
    • Advanced Router Technology (CEN2528 (CCNA3))
    • Cisco Router Technology (CEN2527 (CCNA2))
    • Networking Essentials (CEN1283 (CCNA1))
June 2003June 2006

Microsoft Certified Systems Administrator (MCSA)

Microsoft Corportation

Microsoft, License MCP ID # 2981960

  • Administrator WIN2K Director (CEN2305)
  • Implement Windows 2000 Server (CEN2320)
  • Design WIN2K Director (CEN2321)
Apr 2003Apr 2006

Microsoft Certified Professional (MCP)

Microsoft Corporation

Microsoft, License MCP ID # 2981960

Fundamentals of Computer Applications (CGS1003)

Mar 2002Present

Email & Internet Liability

Mark Fiedelhotlz - Attorney

Email and Internet Liability Training

Feb 1995Feb 2000

Certified Novell Administrator (CNA 3.1X)

Novell Corporation
Novell, License 70BDTT0066
Dec 1991Present

Certified H & R Block Tax Preparer

H & R Block

Tax Preparer

Jul 2008Jul 2011

ArcGIS Desktop II: Tools and Functionality

ESRI
Esri, License 44793249
Jun 1992Present

Facilitated Quality Awareness Experience Training

Total Quality Management - PMS Consolidated

Quality Management Training

Sep 1993Present

Intermediate Color Science Training - Color Science Certificate

PMS Consolidated, Inc.

Color Science

Dec 1993Present

Safety Training Observation Program

Dupont Safety Course

MSDS and Safety Training

Aug 2008Present

EEOC Diversity Workshop Certificate of Training

City of Fort Pierce

Personnel Managment

May 2014May 2017

CyberAces Virtual Assessment 1.0 - 85%

SANS Institute
SANS Institute, License ID 1900027
May 2014Nov 2014

Applying the QM Rubric: Using 2011 - 2013 Rubric

Quality Matters Program
Quality Matters Program, License (APPQMR)
Jul 2014Jul 2016

Adult First Aid/CPR/AED

American Red Cross
Certificate ID: GQQU9O
Oct 2014Present

LeaderMetrics (Leadership, Stewardship, & Governance)

3ethos
What key decision-makers need to know when serving in a critical leadership role. Completed the intensive coursework associated with LeaderMetrics and was awarded the 3ethos challenge coin for completing the program regarding the correlated concepts of Leadership, Stewardship, & Governance.
Oct 2014Nov 2016

QM Rubric Update 2014: Using the Rubric 2014 - 2016

Quality Matters Program
QM Quality Matters, License 5th. Edition - 2014 - 2016
Nov 2014Present

St. Lucie Leadership Class XXXII

St. Lucie Chamber of Commerce

Participants agree to a two year commitment with the St. Lucie County Chamber of Commerce.First, they undertake an eleven month program designed to increase their individual and community leadership skills. The class spends one day a month studying specific aspects of the community, such as education, area government, local history, economic development, health and human services, the environment, cultural awareness and quality of life issues. Upon graduation participants are asked to service on a Chamber committee in order to apply their community knowledge and leadership skills for the betterment of St. Lucie County. If you are interested in experiencing a year long adventure and learning about your community in ways you never imagined, please contact the Chamber of Commerce Foundation for more information. This first year leads to additional time in your community as you become active with the Chamber of Commerce and its committees and events.

Jun 2012Present

Upsilon Pi Epsilon (UPE) - Lifetime Member

Norwich University Chapter of UPE - License 2012052814NORWC

Mission Statement

The mission of Upsilon Pi Epsilon is to recognize academic excellence at both the undergraduate and graduate levels in the Computing and Information Disciplines.

The Association will accomplish this mission through programs that:

  • Enable outstanding students to obtain recognition of superior educational achievement that emphasizes the Computing and Information Disciplines as well as liberal arts, sciences, and other professional and interdisciplinary education in the context of individual and societal responsibilities,
  • Assist in maximizing the personal and professional growth of students in UPE by financially supporting scholarships and other creative endeavors that include the discovery, integration, and application of knowledge,
  • Establish significant partnerships with external constituencies interested in promoting and subsidizing high quality computing science education,
  • Seek opportunities to extend individual memberships and chapter activities into additional environments yet to become identified.

Guidelines and Goals

Upsilon Pi Epsilon is an honorary society whose membership consists of outstanding undergraduate and graduate students in Computing and Information Disciplines. Only schools that offer a degree in a computing science-related discipline may be chartered. Likewise, prospective student members must be working toward a degree in Computing and Information Disciplines at the time they are considered for membership. Yet members are chosen not only for their scholastic achievement in a computing science program, but also for distinguishing themselves as true professionals by meeting the standards of the society. Membership is limited to those who can effectively achieve the original goals of the society. These goals include:

  • The recognition of outstanding talent in the field of computing science,
  • The promotion of high scholarship in computing science,
  • The establishment and maintenance of high standards in computing science,
  • The representation of computing science in interdisciplinary communications, and
  • The encouragement of individual contributions to society through computing science.

Endorsements and Affiliation

Upsilon Pi Epsilon is the first and only, existing international honor society in the Computing and Information Disciplines. It has received endorsements from the two largest computer organizations in the world, the Association for Computing Machinery (ACM) and the IEEE Computer Society (IEEE-CS).

UPE is a member of the Association of College Honor Societies (ACHS).

Upsilon Pi Epsilon

  • recognizes academic excellence in the Computing and Information Disciplines.
  • has chapters in various colleges and universities in North America and overseas.
  • is the only honor society that is recognized by the ACM and the IEEE-CS.
  • presents scholarship awards to active members.
  • present scholarship awards to student members of the ACM and the IEEE-CS.
  • presents cash awards to chapters who send representatives to its annual convention.
  • presents cash awards and plaques to all participating teams at the ACM International Scholastic Programming Contest.
  • presents scholarship awards on behalf of industry supporters of the association.
  • presents the ABACUS Award - our most prestigious award presented to an individual who, over several years, has provided extensive support and leadership for student-related activities in the Computing and Information Disciplines.

Custom

Academic Experience Master of Science, Information Assurance - Digital Forensics, Norwich University, 2010 - 2012

    • Computer Forensic Investigations (GI551L)
    • Computer Security Incident Response Team Management (CSIRTM) (GI554A)
    • Information Assurance Management and Analytics (GI542L)
    • Human Factors and Managing Risk (GI532A)
    • Information Assurance Technology (GI522L)
    • Foundations and Historical Underpinnings of Information Assurance (GI512A)

Bachelor of Arts, Management Information Systems - Security Track (Computer Forensics), Florida Atlantic University, 2001 - 2007

      • Computer Forensics (ISM4324)
      • Security Management (ISM4323)
      • Information System Security (ISM4320)
      • Business Data Communications (ISM4220)
      • Database Management Systems (ISM4212)
      • Advanced Systems Analysis and Design (ISM4133)
      • Beginning Business Programming (C++) (ISM3230)
      • Management Information Systems (ISM3011)
      • Certified Novell Administrator 3.1x (10 Week Course at FAU)

Information Technology and Information Security - Cisco Network Academy, Indian River Community College, 2002 - 2006

    • Network Security (CTS2310)
    • Cisco Project (CEN2529 (CCNA4))
    • Advanced Router Technology (CEN2528 (CCNA3))
    • Cisco Router Technology (CEN2527 (CCNA2))
    • Networking Essentials (CEN1283 (CCNA1))
    • Administrator WIN2K Director (CEN2305)
    • Implement Windows 2000 Server (CEN2320)
    • Design WIN2K Director (CEN2321)
    • Fundamentals of Computer Applications (CGS1003)

Publications Peer Reviewed Papers Improving upon the City of Fort Pierce's Lack of Digital Forensic Investigative Capacity within a Computer Security Incident Response Team (CSIRT) Framework, Computer Forensic Investigations at Norwich University, February 25, 2012. Employing a Security Team Model for Computer Security Incident Response Team Management (CSIRTM) within the City of Fort Pierce, Computer Security Incident Response Team Management (CSIRTM) at Norwich University, November 9, 2011. Adding Value to the City of Fort Pierce's operations through IT and Enterprise Project Management (EPM), Information Assurance Management and Analytics at Norwich University, August 22, 2011. A Comprehensive Operational Risk Management Plan for the City of Fort Pierce, Human Factors and Managing Risk at Norwich Universtiy, May 21, 2011. The City of Fort Pierce's Network Infrastructure Assessment and Strategic Objectives, Information Assurance Technology at Norwich University, February 26, 2011. The City of Fort Pierce's Current State of Information Insecurity, Foundations & History Underpinning Information Assurance at Norwich University, November 20, 2010. Information Systems Security: Past, Present, and Future, Information Systems Security at Florida Atlantic University, May 16, 2006.

Technical Reports and White Papers Network Forensics, Crosstec Corporation, Megabyte Concepts, and Florida Atlantic University, May 1, 2007, Authors: Albert Caballero and Stanley L. Fidge. Regulatory Compliance Whitepaper, Crosstec Corporation, Megabyte Concepts, and Florida Atlantic University, May 1, 2007, Authors: Albert Caballero and Stanley L. Fidge.

Conference Activities SANS Institute - MGT512 – Security Leadership Essentials for Managers (GIAC - GLSC), Miami, FL, 2018 Criminal Justice Information System (CJIS–FDLE-FBI) 30th annual training Symposium, 2017 SANS Institute – MGT514 - IT Security Strategic Planning, Policy, and Leadership (GIAC - GSTRT), Miami, FL 2016 Criminal Justice Information System (CJIS – FDLE - FBI) annual training Symposium, 2016 Florida Public Pension Trustees Association (FPPTA) - Trustees Conference, Bonita Springs, FL, 2012 - 2016 Midrange Service and Support Annual Power Systems Solution Conference - Attendee, Boca Raton, FL, 2005 - 2016 Florida Local Government Information Systems Association (FLGISA) - Attendee, 2006 - 2007, 2013 - 2018 Lyle Sumek Associates, Inc.: Preliminary Leadership and Strategic Planning Session - Management Staff, Fort Pierce, FL,  2011 SANS Security 503 - Intrusion Detection In-Depth 2014 SANS Security 501 - Advanced Security Essentials - Enterprise Defender 2013 SANS Security 1.1 - Security Essentials 2004 SunGard - Public Sector User's Group Conference - Attendee, Lake Mary, FL, 2001 - 2005 SunGard - Public Sector User's Group Conference - Past President, Lake Mary, FL, 2000 IBM iSeries Technical Conference - Attendee, Orlando, FL, 1999

Honors, Awards, and Professional Organizations Norwich University Alumni Association Upsilon Pi Epsilon (UPE) - International Honor Society for the Computing and Information Disciplines, Elected Lifetime Member - Norwich University Chapter Information Technology and Operations Management (ITOM) - Selected as a Distinguished Alumnus - Florida Atlantic University Florida Atlantic University Alumni Association Broward Community College Alumni Association - Charter Member Infragard - Florida (Miami Chapter) ISC2 - CISSP "Member in Good Standing" Sullivan Museum and History Center - Honorary Member Florida Local Government Information Systems Association (FLGISA) - Member Florida Public Pension Trustee Association (FPPTA) - Certified Public Pension Trustee (CPPT) - Member International Society of Poets - Member in Good Standing National Geographic Society

Summary

Curriculum Vitae

Stanley L. Fidge, MSIA - UPE, CISSP, GIAC-GSLC

Born 1971 in Breckenridge, Minnesota USA. Natural-born U.S. Citizen. Married.