Delia Amidon:  

Leia Amidon (nee Delia Butcher) -- I miss you all. Much love and happiness to everyone. Live the best possible life for you, and enjoy every second. ============================ Leia Amidon CISSP Principal, Sunstorm Security Group Consultant: Senior Information Security Architect and Analyst Silicon Valley Corporate Anchor / San Francisco sunstormsecurity.com -- Malicious Mind Podcast maliciousmind.com ========================= Resume: Executive Summary ========================= Established proficient security strategist with 18 years executive experience with in-house corporate and consulting audit methodologies, policy compliance. Experience in conducting global enterprise risk assessments, penetration testing, security application and architecture development. Experienced in global enterprise security, and conducting end-to-end information security audits. Other duties included assessment of in-house interoperability, networking appliances (routers/firewalls/ACLs), databases, audit management application, operations best-standards , LANs, VLANs, WANs, web servers, cradle-to-public offering SAS70 policy authorship, code review, ERP audits, ISP and collocation facility assessment, and the assessment of wireless, and satellite operations. Hold significant experience in security operations project development, including internal audit preparation, milestone management, and business-correlated metrics. Have directed and delivered successful standards-based audit compliance projects. Strong working knowledge of risk-based control assurance models. Have conducted authoritative external independent audits as a partner in a security consulting practice. Audit standard experience includes SAS-70, ISO 17799, COBIT, SunTone, SysTrust, HIPAA, SOX (Sarbens-Oxley), data classification, and multiple ERP application solution audits (Oracle, SAP.) Working fluency with further common US, Canadian, and European audit regulations and standards. Experienced in investigation and research as a subject-matter expert in developing defense-in-depth architecture and methodology for securing mixed-platform global network enterprises, and distributed computing operating system environments (UNIXes, Linux, Windows, Macintosh, VAX.) Considerable work in risk assessment and construction of metrics for cost-benefit recommendations and experienced with executive-level presentations. Reportage included policy recommendations calibrated to specific business risk and business process. Security consultant with practical hands-on expertise and certification in multiple facets of intrusion detection, authoring unique signature identification, extrapolation of anomaly signatures, penetration testing, computer forensics, subject-matter court testimony, and vulnerability analysis. Experience in authoring, managing, achieving consensus for compliance, and establishing lifecycle oversight for corporate policies. Policy and procedure experience include: organizational general security policies and procedures, networks, systems administration, change control, business continuity and disaster recovery, incident response and emergency escalation, code review and QA security methodologies, intrusion detection and NOCs, third-party connection contracts, IT operations, and other internal security control policies and procedure. Knowledgeable in establishing security lifecycle programs, goals, and metrics via monitoring applications. Experienced in curricula development and in-house client IT security classroom training. Veteran at documentation of policies and procedures, data classification, and analysis. Accomplished in forging consensus among all levels of project and corporate stake-holders in security initiatives and audit compliance goals. Adept in negotiating practical, technically-sound, and diplomatic solutions with project stakeholders. Have served as both a departmental director and team mentor in corporate headquarters environments, and as a Senior Partner in private consulting practice. Background in extensive consultative travel. Exhibited leadership in the conduct and practice of directing audit and penetration testing teams in the field. Client list includes constituents of the Fortune 50, major banking, brokerage, government and global fiduciary entities, including both major New York stock exchanges. Have consulted to US Military Command and defense contracting organizations, leading information technology innovators and top-tier Silicon Valley firms, hardware and software electronics manufacturers, venture capital firms, space and aeronautics contractors, oil and gas companies, HMOs and health providers, telecommunications multinationals, transportation organizations, and international technology management corporations. Adept, articulate public speaker, with strong background in corporate and seminar presentations. Proficient at technical security documentation, security tradecraft methodology architecture development and policy authorship. Experienced at researching, authoring, producing, and presenting original multimedia (slides, graphics, and film/video content) for information security conference engagements. Education/Curricula =================== Michigan State University - Communications: Multidisciplinary BA/BS Program. (Work Study: Intern, Computer Sciences Department, Mainframe Input-Output Tech) University of California at Santa Clara - Network Adm...Expand for more