Tim Jackson is an IT professional with over 12 years of experience in security, risk management, and architecture roles. He has held positions such as Security & Quality Coordinator at Lotterywest, Technical Architect – Information Security at FMG, and Information Security Manager at AaE. He has comprehensive experience in security domains like network security, application security, compliance, and forensics. Jackson is looking to further his career in a risk, management, or architectural role and believes he can be a valuable employee through his technical and leadership skills.
While nothing is ever "completely secure," and there is no magic product to make every organization immune from unwanted attackers,this Razorpoint document outlines 10 keys to consider seriously regarding effective network security.
IT Information Security Management Principles, 23 - 26 November 2015 Dubai UAE360 BSI
This 4 day training program combines advanced technology and relevant practical experience to develop your IT security policies & create a robust IT infrastructure.
Information security is critical for modern business models today.
Organizations must be prepared to take crucial steps to strengthen their IT infrastructure from both internal & external threats.
Organizations must look to develop a security network that enhances business operations while improving its security position. Successful security architecture combines a mix of the latest policies & practices, technology, and a robust awareness program.
This 4 day intensive training workshop addresses the latest concerns on IT infrastructure and security. Participants will develop key skills and core competencies that will allow them to meet the ever-changing security demands of the 21st century.
Course Participants will:
- Master the tools & techniques for effective information & network security.
- Discover how to create a complete & sustainable IT security architecture.
- Gain knowledge on how to develop sound security policy together with your security architecture.
- Learn how to perform an IT governance assessment using CoBIT 4.0
- Learn how to perform smart security risk assessment within your organization.
- Gain valuable insights on implementing a proactive & robust security management system.
- Learn how to detect & prevent information security breaches due to inadequate IT security awareness within the organization.
Who should attend:
Vice Presidents, Directors, General Managers
Chief Information Officers
Chief Security Officers
Chief Information Security Officers
Chief Technology Officers
Contact Kris at kris@360bsi.com for further information.
Sécurité Mobile : Votre Entreprise est-elle préparée pour 2020?AGILLY
Bonjour,
Nous avons pensé que ce webinar devrait vous intéresser.
Comment la mobilité, l'Internet des objets et l'intelligence artificielle vont impacter la votre transformation digitale.
Toutes les entreprises modernes s'activent pour accélérer leur transformation numérique, mettant une pression immense sur les responsables informatiques pour la réalisation de projets nouveaux et ambitieux. Cela arrive à un moment où les équipes informatique et de sécurité sont invitées à s'intégrer davantage. Pendant ce temps, la travail quotidien de la gestion des utilisateurs, des appareils, des applications et du contenu devient plus encombrant.
Revivez ce webinar qui présente sur l'étude Forrester, basée sur la contribution de 556 professionnels de l'IT. Découvrez ce que l'avenir réserve pour mobilité, les terminaux et l'IoT en 2020:
Quel équipe IT sera responsable de la sécurisation de l'IoT?
Combien de systèmes seront nécessaires pour gérer les terminaux du futur?
Dans quelle mesure votre environnement de base changera-t-il radicalement dans quelques années?
D'ici 2020, quel pourcentage d'organisations utiliseront l'informatique propulsée par l'Intelligence Artificielle et l'Analyse Cognitive?
Data Loss Prevention technologies are needed to protect data coming into and leaving the organization. There are a number of problems and challenges with the many vendors supplying DLP technology. This presenation reviews some of the Myths around Data Loss Prevention.
While nothing is ever "completely secure," and there is no magic product to make every organization immune from unwanted attackers,this Razorpoint document outlines 10 keys to consider seriously regarding effective network security.
IT Information Security Management Principles, 23 - 26 November 2015 Dubai UAE360 BSI
This 4 day training program combines advanced technology and relevant practical experience to develop your IT security policies & create a robust IT infrastructure.
Information security is critical for modern business models today.
Organizations must be prepared to take crucial steps to strengthen their IT infrastructure from both internal & external threats.
Organizations must look to develop a security network that enhances business operations while improving its security position. Successful security architecture combines a mix of the latest policies & practices, technology, and a robust awareness program.
This 4 day intensive training workshop addresses the latest concerns on IT infrastructure and security. Participants will develop key skills and core competencies that will allow them to meet the ever-changing security demands of the 21st century.
Course Participants will:
- Master the tools & techniques for effective information & network security.
- Discover how to create a complete & sustainable IT security architecture.
- Gain knowledge on how to develop sound security policy together with your security architecture.
- Learn how to perform an IT governance assessment using CoBIT 4.0
- Learn how to perform smart security risk assessment within your organization.
- Gain valuable insights on implementing a proactive & robust security management system.
- Learn how to detect & prevent information security breaches due to inadequate IT security awareness within the organization.
Who should attend:
Vice Presidents, Directors, General Managers
Chief Information Officers
Chief Security Officers
Chief Information Security Officers
Chief Technology Officers
Contact Kris at kris@360bsi.com for further information.
Sécurité Mobile : Votre Entreprise est-elle préparée pour 2020?AGILLY
Bonjour,
Nous avons pensé que ce webinar devrait vous intéresser.
Comment la mobilité, l'Internet des objets et l'intelligence artificielle vont impacter la votre transformation digitale.
Toutes les entreprises modernes s'activent pour accélérer leur transformation numérique, mettant une pression immense sur les responsables informatiques pour la réalisation de projets nouveaux et ambitieux. Cela arrive à un moment où les équipes informatique et de sécurité sont invitées à s'intégrer davantage. Pendant ce temps, la travail quotidien de la gestion des utilisateurs, des appareils, des applications et du contenu devient plus encombrant.
Revivez ce webinar qui présente sur l'étude Forrester, basée sur la contribution de 556 professionnels de l'IT. Découvrez ce que l'avenir réserve pour mobilité, les terminaux et l'IoT en 2020:
Quel équipe IT sera responsable de la sécurisation de l'IoT?
Combien de systèmes seront nécessaires pour gérer les terminaux du futur?
Dans quelle mesure votre environnement de base changera-t-il radicalement dans quelques années?
D'ici 2020, quel pourcentage d'organisations utiliseront l'informatique propulsée par l'Intelligence Artificielle et l'Analyse Cognitive?
Data Loss Prevention technologies are needed to protect data coming into and leaving the organization. There are a number of problems and challenges with the many vendors supplying DLP technology. This presenation reviews some of the Myths around Data Loss Prevention.
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTripwire
Major healthcare providers are tasked with protecting patient data and maintaining complex security compliance requirements enforced through rigorous audits. Mercy Health, a major Midwestern hospital system, became a Tripwire customer in 2013. Using Tripwire technology, they created a successful IT service by integrating their ITSM tool, streamlining their reporting process and more.
Mercy Health and Tripwire show you how to:
-Implement effective change management
-Strengthen security in Epic records systems
-Streamline the audit process
An Overview of Information Systems Security Measures in Zimbabwean Small and ...researchinventy
This paper reports on the Information Systems (IS) securitymeasures implemented by small and medium size enterprises (SMEs) in Zimbabwe. A survey questionnaire was distributed to 32 randomly selected participants in order to investigate the security measures and practices in their respective organisations. The results indicated that over 50% of the respondents had installed firewalls, while more than 80% carried out regular software updates and none of the respondents had intrusion detection systems. The researchers recommended that SMEs work to enhance their knowledge on the different IS threats in order to enable the implementation of preventive measures.
Data loss is considered by security experts to be one of the most serious threats that businesses currently face.
Maintaining the confidentiality of personal information and data is an essential factor in operating a successful business. People must be able to trust that their service provider takes the appropriate measures to implement security controls that will ultimately protect their privacy.
However, some of the largest and most reputable organizations have fallen victim to data loss security breaches resulting in significant legal, financial, and reputation loss, including [1]:
The Bank of America: Losing the personal employee information of over one million employees
The United States Government: Losing data related to the military
Heartland Payment Systems: Transferring credit card information and other personal records of over 130 million customers
In 2013, it was estimated that data breaches had resulted in the exploitation of over 800 million personal records [2]. This number is also expected to rise over the next several years given the advanced tools that cybercriminals use to steal information and data.
Interestingly, it is not just cybercriminals who represent a threat as:
64% of data loss is caused by well-meaning insiders.
50% of employees leave with data.
$3.5 million average cost of a security breach.
Considering these extensive data breaches, it is practical for organizations to understand where their critical data is located and understanding current security controls that can stop data loss.
Data Loss Prevention (DLP) solutions locate critical and personal data for organizations and help prevent data loss. By having a deeper understanding of efficient DLP security controls, you will help protect the reputation of your organization.
For more information contact: rkopaee@riskview.ca
https://www.threatview.ca
http://www.riskview.ca
Improving Incident Response: Building a More Efficient IT InfrastructureEmulex Corporation
This webcast will focus on the results of a study Emulex commissioned from Forrester Consulting that evaluates the range of issues that enterprise IT staffs are facing while managing the performance of their business-critical application and business services. The results of the study, entitled “Improving Incident Response: Building a More Efficient IT Infrastructure,” indicate that a lack of network visibility negatively impacts the ability of IT staff to identify and resolve application performance issues, which leads to substantial business productivity loss.
Symantec Data Loss Prevention. Las tendencias mundiales nos muestran que el mayor porcentaje de perdida y robo de datos responde a la falta de visibilidad y el error en el manejo de los mismos. Conozca como prevenirse.
When data that is critical to cybersecurity tools remains in silos, everyone loses. This siloed approach diminishes the value of the data and leaves organizations with incomplete visibility, significant management overhead, and uncertainty about which security tools are actually necessary to ingest and analyze the data to protect the business.
These slides--based on the webinar--help answer the following questions:
- Which cybersecurity tools are necessary for full internal and external coverage, and which are redundant or outdated?
-What are the signs that a vendor can back up their promises, or that they’re exaggerating their product’s capabilities?
-How can you leverage machine learning to reduce security response time?
- How can you combine the strengths of a big data model with adaptive machine learning for more accurate, effective security protection and detection capabilities?
This presentation will explore suggestions for ways Security people in Central Ohio can and do collaborate to improve Security practices within and external to organizations. This will explore ISACs, ISAOs, partnerships such as the Collaboratory, Internships, ISSA, etc.
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...infoLock Technologies
Learn how you can leverage Symantec DLP's superior detection technologies and comprehensive coverage to protect your confidential data against theft not only from malicious insiders but also well-meaning employees - while enabling you to comply with global data privacy laws and safeguard your reputation.
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...Andris Soroka
Presentation from one of the remarkable IT Security events in the Baltic States organized by “Data Security Solutions” (www.dss.lv ) Event took place in Riga, on 7th of November, 2013 and was visited by more than 400 participants at event place and more than 300 via online live streaming.
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
DLP is a technology that detects potential data breach incidents in timely manner and prevents them by monitoring data in-use (endpoints), in-motion (network traffic), and at-rest (data storage). It has been driven by regulatory compliances and intellectual property protection. This talk will introduce DLP models that describe the capabilities and scope that a DLP system should cover. A few system categories will be discussed accordingly with high-level system architecture. DLP is an interesting technology in that it provides advanced content inspection techniques. As such, a few content inspection techniques will be proposed and investigated in rigorous terms.
Enterprise Strategy Group: The Big Data Security Analytics Era is HereEMC
This analyst report explains that organizations can no longer rely on preventive security systems, point security tools, manual processes, and hardened configurations to protect against targeted attacks. Henceforth, security management must be based on continuous monitoring and big data analysis for situational awareness and rapid decisions.
At the highest level, our mission continues to be about keeping our customers (companies and governments) safe from ever-evolving digital threats, so they are confident to move business forward. Our strategy to accomplish this mission centers around four key pillars: Advanced Threat Protection, Information Protection for On Premise and Cloud, Security as a Service -- all anchored by a Unified Security Analytics Platform. Symantec Data Loss Prevention is a foundational product in the Information Protection for On Premise and Cloud pillar.
Everyone knows that storing and accessing data and applications in the cloud and on mobile devices provides makes work much easier and productive by allowing employees to work everywhere they need to.
It allows for great business agility – applications are always up to date, new functionality and processes can be deployed and activated quickly and organizations can adjust things on the fly if they need to.
It also brings the convenience factor – all employees to work in the way that they need to, collaboration and sharing is made vastly easier with cloud applications and storage.
But it brings with it all the challenges of securing devices and applications that your don’t own, and whilst saying NO might be the right thing for security, end users will find a way around it. Right now, close to 30% of employees use their personal devices for work. And that number is on the rise, potentially turning BYOD into Bring Your Own Disaster.
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTripwire
Major healthcare providers are tasked with protecting patient data and maintaining complex security compliance requirements enforced through rigorous audits. Mercy Health, a major Midwestern hospital system, became a Tripwire customer in 2013. Using Tripwire technology, they created a successful IT service by integrating their ITSM tool, streamlining their reporting process and more.
Mercy Health and Tripwire show you how to:
-Implement effective change management
-Strengthen security in Epic records systems
-Streamline the audit process
An Overview of Information Systems Security Measures in Zimbabwean Small and ...researchinventy
This paper reports on the Information Systems (IS) securitymeasures implemented by small and medium size enterprises (SMEs) in Zimbabwe. A survey questionnaire was distributed to 32 randomly selected participants in order to investigate the security measures and practices in their respective organisations. The results indicated that over 50% of the respondents had installed firewalls, while more than 80% carried out regular software updates and none of the respondents had intrusion detection systems. The researchers recommended that SMEs work to enhance their knowledge on the different IS threats in order to enable the implementation of preventive measures.
Data loss is considered by security experts to be one of the most serious threats that businesses currently face.
Maintaining the confidentiality of personal information and data is an essential factor in operating a successful business. People must be able to trust that their service provider takes the appropriate measures to implement security controls that will ultimately protect their privacy.
However, some of the largest and most reputable organizations have fallen victim to data loss security breaches resulting in significant legal, financial, and reputation loss, including [1]:
The Bank of America: Losing the personal employee information of over one million employees
The United States Government: Losing data related to the military
Heartland Payment Systems: Transferring credit card information and other personal records of over 130 million customers
In 2013, it was estimated that data breaches had resulted in the exploitation of over 800 million personal records [2]. This number is also expected to rise over the next several years given the advanced tools that cybercriminals use to steal information and data.
Interestingly, it is not just cybercriminals who represent a threat as:
64% of data loss is caused by well-meaning insiders.
50% of employees leave with data.
$3.5 million average cost of a security breach.
Considering these extensive data breaches, it is practical for organizations to understand where their critical data is located and understanding current security controls that can stop data loss.
Data Loss Prevention (DLP) solutions locate critical and personal data for organizations and help prevent data loss. By having a deeper understanding of efficient DLP security controls, you will help protect the reputation of your organization.
For more information contact: rkopaee@riskview.ca
https://www.threatview.ca
http://www.riskview.ca
Improving Incident Response: Building a More Efficient IT InfrastructureEmulex Corporation
This webcast will focus on the results of a study Emulex commissioned from Forrester Consulting that evaluates the range of issues that enterprise IT staffs are facing while managing the performance of their business-critical application and business services. The results of the study, entitled “Improving Incident Response: Building a More Efficient IT Infrastructure,” indicate that a lack of network visibility negatively impacts the ability of IT staff to identify and resolve application performance issues, which leads to substantial business productivity loss.
Symantec Data Loss Prevention. Las tendencias mundiales nos muestran que el mayor porcentaje de perdida y robo de datos responde a la falta de visibilidad y el error en el manejo de los mismos. Conozca como prevenirse.
When data that is critical to cybersecurity tools remains in silos, everyone loses. This siloed approach diminishes the value of the data and leaves organizations with incomplete visibility, significant management overhead, and uncertainty about which security tools are actually necessary to ingest and analyze the data to protect the business.
These slides--based on the webinar--help answer the following questions:
- Which cybersecurity tools are necessary for full internal and external coverage, and which are redundant or outdated?
-What are the signs that a vendor can back up their promises, or that they’re exaggerating their product’s capabilities?
-How can you leverage machine learning to reduce security response time?
- How can you combine the strengths of a big data model with adaptive machine learning for more accurate, effective security protection and detection capabilities?
This presentation will explore suggestions for ways Security people in Central Ohio can and do collaborate to improve Security practices within and external to organizations. This will explore ISACs, ISAOs, partnerships such as the Collaboratory, Internships, ISSA, etc.
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...infoLock Technologies
Learn how you can leverage Symantec DLP's superior detection technologies and comprehensive coverage to protect your confidential data against theft not only from malicious insiders but also well-meaning employees - while enabling you to comply with global data privacy laws and safeguard your reputation.
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...Andris Soroka
Presentation from one of the remarkable IT Security events in the Baltic States organized by “Data Security Solutions” (www.dss.lv ) Event took place in Riga, on 7th of November, 2013 and was visited by more than 400 participants at event place and more than 300 via online live streaming.
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
DLP is a technology that detects potential data breach incidents in timely manner and prevents them by monitoring data in-use (endpoints), in-motion (network traffic), and at-rest (data storage). It has been driven by regulatory compliances and intellectual property protection. This talk will introduce DLP models that describe the capabilities and scope that a DLP system should cover. A few system categories will be discussed accordingly with high-level system architecture. DLP is an interesting technology in that it provides advanced content inspection techniques. As such, a few content inspection techniques will be proposed and investigated in rigorous terms.
Enterprise Strategy Group: The Big Data Security Analytics Era is HereEMC
This analyst report explains that organizations can no longer rely on preventive security systems, point security tools, manual processes, and hardened configurations to protect against targeted attacks. Henceforth, security management must be based on continuous monitoring and big data analysis for situational awareness and rapid decisions.
At the highest level, our mission continues to be about keeping our customers (companies and governments) safe from ever-evolving digital threats, so they are confident to move business forward. Our strategy to accomplish this mission centers around four key pillars: Advanced Threat Protection, Information Protection for On Premise and Cloud, Security as a Service -- all anchored by a Unified Security Analytics Platform. Symantec Data Loss Prevention is a foundational product in the Information Protection for On Premise and Cloud pillar.
Everyone knows that storing and accessing data and applications in the cloud and on mobile devices provides makes work much easier and productive by allowing employees to work everywhere they need to.
It allows for great business agility – applications are always up to date, new functionality and processes can be deployed and activated quickly and organizations can adjust things on the fly if they need to.
It also brings the convenience factor – all employees to work in the way that they need to, collaboration and sharing is made vastly easier with cloud applications and storage.
But it brings with it all the challenges of securing devices and applications that your don’t own, and whilst saying NO might be the right thing for security, end users will find a way around it. Right now, close to 30% of employees use their personal devices for work. And that number is on the rise, potentially turning BYOD into Bring Your Own Disaster.
IT Information Security Management Principles, 28 February - 02 March 2016 Du...360 BSI
This 4 day training program combines advanced technology and relevant practical experience to develop your IT security policies & create a robust IT infrastructure.
Information security is critical for modern business models today.
Organizations must be prepared to take crucial steps to strengthen their IT infrastructure from both internal & external threats.
Organizations must look to develop a security network that enhances business operations while improving its security position. Successful security architecture combines a mix of the latest policies & practices, technology, and a robust awareness program.
This 4 day intensive training workshop addresses the latest concerns on IT infrastructure and security. Participants will develop key skills and core competencies that will allow them to meet the ever-changing security demands of the 21st century.
Course Participants will:
- Master the tools & techniques for effective information & network security.
- Discover how to create a complete & sustainable IT security architecture.
- Gain knowledge on how to develop sound security policy together with your security architecture.
- Learn how to perform an IT governance assessment using CoBIT 4.0
- Learn how to perform smart security risk assessment within your organization.
- Gain valuable insights on implementing a proactive & robust security management system.
- Learn how to detect & prevent information security breaches due to inadequate IT security awareness within the organization.
Who should attend:
Vice Presidents, Directors, General Managers
Chief Information Officers
Chief Security Officers
Chief Information Security Officers
Chief Technology Officers
Contact Kris at kris@360bsi.com for further information.
IT Information Security Management Principles, 15 - 18 May 2016 Dubai UAE360 BSI
This 4 day training program combines advanced technology and relevant practical experience to develop your IT security policies & create a robust IT infrastructure.
Information security is critical for modern business models today.
Organizations must be prepared to take crucial steps to strengthen their IT infrastructure from both internal & external threats.
Organizations must look to develop a security network that enhances business operations while improving its security position. Successful security architecture combines a mix of the latest policies & practices, technology, and a robust awareness program.
This 4 day intensive training workshop addresses the latest concerns on IT infrastructure and security. Participants will develop key skills and core competencies that will allow them to meet the ever-changing security demands of the 21st century.
Course Participants will:
- Master the tools & techniques for effective information & network security.
- Discover how to create a complete & sustainable IT security architecture.
- Gain knowledge on how to develop sound security policy together with your security architecture.
- Learn how to perform an IT governance assessment using CoBIT 4.0
- Learn how to perform smart security risk assessment within your organization.
- Gain valuable insights on implementing a proactive & robust security management system.
- Learn how to detect & prevent information security breaches due to inadequate IT security awareness within the organization.
Who should attend:
Vice Presidents, Directors, General Managers
Chief Information Officers
Chief Security Officers
Chief Information Security Officers
Chief Technology Officers
Contact Kris at kris@360bsi.com for further information.
1. TIM JACKSON
13 BeesleyStreet Mobile:0424 504 085
East VictoriaPark6101 Email:timjackson142@hotmail.com
Perth,WA,Australia
__________________________________________________________________________________
Public
Career Summary
18 month experience as a Security & Quality Coordinator Lotterywest)
12 months experience as a Technical Architect – Information Security (FMG)
18 months experience as an Information Security Manager (AaE)
12 month experience as a Senior IT Consultant (EY)
2 and a half years experience as an Information Security Analyst (AaE, FMG)
18 months experience as an IT Auditor (OAG)
Over 4 years experience in network and computer administration (ORSGroup)
I am an IT professional with over 12 years direct industry experience in Perth and Melbourne. I have worked in
management and leadership roles for much of that time in my positions with AaE, E&Y, FMG and Lotterywest. I
have excellent communication skillsand amableto relay technical concepts in non-technical terms at all levels
of the business.I understand that IT exists to serve the business and my management and technical skills and
training allowme to quickly understand business needs and providetechnical and improved process solution
utilizingexistingtechnologies or ata minimal cost.
I am lookingto further my IT career in a risk,management or architectural capacity and believethat I am a
loyal,valuableand dedicated employee.
Professional Competencies
Risk and compliancemanagement
Network Security Architecture
Information Security Architecture
Project management
Application and network penetration testing
Databasedesign and administration
Web application security testing
Network security testing
SharePointdevelopment and administration
Computer forensics
Strategic policy development
General IT controls auditing
Security auditing
Business Continuity and disaster recovery design
Network administration
Windows and Linux desktop administration
Active directory administration
Linux server administration
Developed Competencies
Great verbal and written communication skills
Excellent report writingskills
Strategic minded with tactical ITplanning and implementation skills
2. TIM JACKSON
13 BeesleyStreet Mobile:0424 504 085
East VictoriaPark6101 Email:timjackson142@hotmail.com
Perth,WA,Australia
__________________________________________________________________________________
Public
Collaborativeteam management style
Experienced in resourceand time management
Experienced in projectfinancial management
Experienced atdrivingleadership and decision making workshops
Experienced, friendly and willingmentor for junior staff
Education
Qualifications
Bachelor of Science, Communications and Information Technology
Graduate Diploma of Computer Security
Foundations of ITIL
KP: Problem solvingand decision making
ACE: Computer Forensics
SABSA Security Architect
Trained SANS Penetration tester
Ongoing Professional Development
Diploma of management (2014)
Experience
Lotterywest – (2013 – present)
Security & Quality Coordinator
Integrating security architecture into the project office through the development of business, functional and
non-functional requirements and technical architectures for key projects
I am usingSABSA and TOGAF architectureframeworks to incorporateformal disciplearound the development
of project requirements. Once these requirements aredeveloped I am designingtechnical security
architectures to meet these requirements for the engineers to build.OncebuiltI am security testing the new
systems in test/dev to ensure the actual buildsareconsistentwith the architecture. Where deviations occur I
am performing a risk assessmentto determine the impacton the security of the information assets involved.
Key achievements
- Information Security Strategy and operational plan
- Mobile App Play online security testing
- eDreams ERDMS
- Set up a security testing lab using freeware
- Formalized security architecture governance documentation including principles, procedures and
policy.
3. TIM JACKSON
13 BeesleyStreet Mobile:0424 504 085
East VictoriaPark6101 Email:timjackson142@hotmail.com
Perth,WA,Australia
__________________________________________________________________________________
Public
Fortescue Metal Group (2012 – 2013)
Technical Architect – Information Security
Architected security solutions to address specific business security requirements as well as policy requirements
across multiple security domains
I integrated SABSA based security architectureinto the existingTOGAF architectureframework. I have used
this framework to architectsecurity controls to address business driversfor security as well as takinginto
accountpolicy acrossmultiplesecurity/organizational domains.
Key Achievements
SABSA / TOGAF integration.
Developed security architectural principles
Developed repeatable controls for projects.
Developed / implemented and administered SPLUNK security perimeter monitoring solution.
Current technical lead on ArcSight SEIM project.
iServer, Splunk, ArcSight, TOGAF, SABSA
Fortescue Metal Group (2010 – present)
Information Security Risk Analyst
Consulting on major mining IT projects in support of larger mining expansion initiatives. Providing technical
advice, architectures and designs as well as conducting security testing.
I was instrumental in creatinga management framework for the Information Security business unit.I created
an Information Security Management System (ISMS) consistingof a specialized risk management and controls
framework and associated policies,procedures,standardsand guidelines.I provided technical design and
architectureto major IT projects and performed security testing of new and existingservices.
Key Achievements
Developed Information Security Management Framework.
Developed policies,procedures,standards and guidelines
Provided security design and architecturedocumentation to major miningproj ects.
Performed security testing for major projects.
Designed and developed a divisional IntranetSharePointwebsite.
Technologies
Nessus,Nmap, Canvas,Metasploit,Windows,Active Directory, Cisco routers and switches, Checkpoint, Cisco
ASA firewall,MSBA, Symantec Antivirus,Forefront antivirus,SnortIPS, Checkpoint DLP.
Standards
4. TIM JACKSON
13 BeesleyStreet Mobile:0424 504 085
East VictoriaPark6101 Email:timjackson142@hotmail.com
Perth,WA,Australia
__________________________________________________________________________________
Public
ISO 27001,ISO 27002,ITIL, ISO 4360, HB 436, HB 171
Ernst and Young (2009 – 2010)
Senior IT Consultant
Lead teams providing IT consultancy services to big business including miners, banks, government, insurers and
industry.
As a senior IT consultantI was in chargeof deliveringmultipleconcurrentconsultancy engagements to clients.
I led consultantteams throughout the engagement providingadviceand supportwhen needed. I liaised with
clients to develop and agree engagement scope and budget and I managed internal budgets and resources.I
was responsiblefor writingfinal reports and deliveringrecommendations to clients.Throughout this I have
developed the ability to interpret technical solutionsand deliver them to business stakeholders.
Key Achievements
Led teams consultingon major projects for Rio Tinto, ANZ, RAC, Main Roads and the Department of
Shared Services.
Developed a trainingprogramfor risk management delivered to all senior consultants in theAsia
Pacific region.
Developed new technical test plans and testingmethodologies for future engagements.
Developed testing lab capabilities.
Technologies
Windows,Linux, Nessus,Cisco routers and switches,Checkpoint firewalls,ActiveDirectory, Nmap, Metasploit,
Nickto, Office.
Standards
ISO 27001,ISO 27002,ITIL, ISO 4360, HB 436, HB 171,PCI ComplianceStandards
Australian Air Express – AaE (2006 – 2009)
Information Security Risk Manager
I developed the Information Security Department from green field, including staff, security processes and
business integration and technical capabilities.
I was promoted to the roleof Information Security Manager to manage security processes as a resultof the
increased maturity of the Information Security business unitand to manage junior staff.I developed the
Information Security Management System includingthe Risk Management Framework and database,and all
policies,procedures,standardsand guidelines.I mentored and guided junior security staff and provided
security adviceto major business initiatives includingbusinesscontinuity and disaster recovery planning.I was
an integral part of the IT leadership team and contributed to the strategic direction of the IT Department.
Developed the Information Security business unitand management framework.
5. TIM JACKSON
13 BeesleyStreet Mobile:0424 504 085
East VictoriaPark6101 Email:timjackson142@hotmail.com
Perth,WA,Australia
__________________________________________________________________________________
Public
Developed the risk management framework and implemented a risk management database.
Developed policies,procedures,standards and guidelines.
Integrated IT Security processes with existingbusiness processes.
Contributed to major projects.
Contributed to the strategic direction of the IT Department.
Information Security Analyst
I remediated a large number of audit findings, developed projects and initiatives and project managed major
I was brought into this roleto address a largenumber of auditfindings.Through collaboration with key
stakeholders I analyzed the issues and grouped the issues by their root cause.I developed a number of
initiativesand projects designed to address these issues includingprojects to re-architectthe internal network.
I prioritized each project based on the business needs and develop business casesfor each.I acted a project
manager on two of the four major projects and successfully lead engineeringteams in deliveringresults to the
business.Itwas clear that a security division of ITrequired which I recommended to management and was
immediately endorsed and later established.
Key Achievements
Successfully projectmanaged and implemented two major security upgrade projects.
Mitigated 80 auditfindings in 18 months.
Developed policies and procedures.
Integrated basic security practicewithin existingbusiness processes.
Technologies
Cisco routers and switches, Novell, Bluecoat, Checkpoint, McAfee ePolicy orchestrator,Symantec Anti-virus,F5
load balancers,FoundstoneenterpriseIPS
Standards
ISO 27001,ISO 27002,ITIL, ISO 4360, HB 436, HB 171,PCI ComplianceStandards
Office of the Auditor General (2003 – 2006)
I conducted general IT controls audits on behalf of the Western Australia Government in support of ATTEST
financial auditor.
I conducted numerous audits of IT financial,HRand general business systems in order to provide financial
auditors with assurancethatdata extracted from those system could be relied upon. During my involvement
with the OAG I was exposed to numerous financial systems includingSAP and Alesco.
Technologies
Nessus,Nmap, Wikto, Windows,Mac, Office
Standards
6. TIM JACKSON
13 BeesleyStreet Mobile:0424 504 085
East VictoriaPark6101 Email:timjackson142@hotmail.com
Perth,WA,Australia
__________________________________________________________________________________
Public
ISO 27001,ISO 27002,ITIL, ISO 4360, HB 436, HB 171,PCI ComplianceStandards
Personal Interests
I am married and have two children.I have a keen interest in dirtand road bike racingand occasionally
participatein club level competition. I am quite physically fitand enjoy exerciseincludingweights and martial
arts.I also enjoy healthy food and am partial to the occasional glassof red.
References
Contact details provided on request:
TBA
TBA