		James P Callahan
 james.p.callahan 'at' gmail.com
  
		A talented manager with a record of achieving extraordinary results, motivating task-oriented teams to bring complex projects to successful, on-time and on-budget completions. A highly skilled security expert with expertise in developing, implementing and managing enterprise-wide, multi-faceted security solutions in both the federal and private sectors. Experienced in the design, application and maintenance of multiple security disciplines, including information security, physical security and personnel security, as well as legal aspects of security implementations. An exceptional communicator with experience preparing and presenting instruction and written guidance, taking complex issues and tailoring them to specific audiences in easy-to-understand formats.
		Current Top Secret with Full Scope Poly. MITRE ATT&CK Contributor.
   
		Summary of Management Experience
		Over thirty-five years of experience in a variety of successful positions directing and managing task-oriented teams and sub-elements of up to 80 persons, including eighteen years of leadership experience on active military duty and two consecutive director-level positions in the private sector Information Technology industry. Held an assortment of titles including Director, Special Agent in Charge, Team Leader, Operations Officer, Staff Security Officer, Lead Investigator and Liaison Officer. Conferred numerous honors and awards for performance and lauded as best among peers on efficiency reports.
		Education & Certifications
		* Bachelor of Science, University of the State of New York Regents College 1996
		* Information Systems Security Engineering Professional (ISSEP) 2010
		* Certified Information Systems Security Professional (CISSP) 2007
		* Certified Ethical Hacker (CEH) 2010
		* Certified Splunk Knowledge Manager 2015
		* Certified Splunk Core Power User 2018
		* Splunk Certified Cybersecurity Defense Analyst 2024
		* Splunk Certified Cybersecurity Defense Engineer 2024
		* Certified Splunk Enterprise Security Administrator 2022
		* German Foreign Language Proficiency (Defense Language Institute) 1985
		* Advanced Computer Investigators Course for Special Agents (Network Investigations/Computer Forensics) 1999
		Professional Experience
		October 2009 - Present: Sr. Principal Consultant (Two contracted positions with worksite at Ft Meade, Maryland)
 UScontracting; Prime Solutions; National Security Interest Company and IBM (by acquisition)
 
 Security Operations Center (SOC) Senior Principal Cyber Security Detection Engineer and Threat Hunter, Aug 2010-Present
 Develop and engineer advanced tools and techniques in order to proactively mine multiple data sources and feeds, detecting subtle anomalies not easily discovered through automated alerting processes. Aid in resolving these anomalies, leveraging detailed infrastructure knowledge. Continually seek out new sources of data and tools to leverage in these analytical efforts. Provide advanced, detailed security analysis based on aggregate data from both internal and external sources.
		Subsequently responsible to support 
the sustainment of that operational maturity growth during tenure in assignment.
 Key Contributions:
 -Developed process for examination of open source reporting for relevant 
application to supported infrastructure.
 -Engineered process for creating baseline data sets for normal data flows to 
quickly identify abnormalities.
 -Engineered and documented processes to leverage on hand office tool suite in 
order to provide advanced analytics with visualization. This filled gaps in 
analytic capability at no additional expense to supported organization.
 -Served as charter member and senior mentor for an advanced analytics team, 
having team formed and formalized around individual capability and skill.
 -Onboarded and mentored team lead for newly formed team, providing advice and assistance for administrative, mission and technical aspects of this team.
 -Served as informal mentor for assigned personnel in areas of expertise.
 -Personally and/or in concert with SOC team members, identified, triaged and 
resolved numerous situational and systemic systems security anomalies resulting 
in continual exceptional laudatory comments and remarks at the group level of 
the supported organization.
 -Provided requirements for, and aided in creating new data sources based on 
previously untapped network connection information.
 -Authored Standard Operating Procedures regarding SOC leveraging of unique corporate data sources, assuring compliance with law and organizational policy.
 -Assured availability of data mining systems and tools under purview of control.
 -Served as Technical Task Order Lead for contractor personnel across multiple 
supported organizations, assuring staffing qualifications and contract reporting 
requirements. Was selected for this role, as a sub-contractor over several prime 
contractor personnel who could have fulfilled this duty. This TTO was the 
largest Contractor population across this specific contract.
 -Selected by office level senior to assist in addressing sensitive matter, 
providing project management skills and alleviating administrative and analytic 
burden for short fuse, high visibility matter.
 -Provided security engineering integration support for SOC commercial and 
government developed analytics solutions, ensuring relevance of results for 
junior analysts.
 
 Information System Security Engineer, Oct 2009-Aug 2010
 Providing consulting-type information systems security engineering advice and assistance to new and existing projects and programs across supported agency. This includes identifying and costing of solutions; preparing and/or editing appropriate certification and accreditation documentation; advocating solutions with the Designated Approving Authority.
 Key Contributions:
 -Designed and received formal written approval for implementation of 
non-standard Cross Domain Connection (PL5).
 -Developed reporting metrics framework and tracking for customer organization to quantify work product success and work load.
 -Participated as a principal content provider and project champion for training effort to facilitate transition from DCID 6/3 Certification and Accreditation process to the NIST Risk Management Framework.
 -Developed, proceduralized and authored weekly threat reporting process, taking hundreds of threat reports from multiple sources and condensing them into the customer organization's Weekly Threat Roll-Up. This report was designed to provide customer organization with mission relevant threat data that may impact the recommendation on how to design or accredit Agency systems.
 -Conducted in depth non-standard product evaluation to determine appropriateness 
and suitability for purpose of proposed shared encrypted storage product to 
provide shared storage capability for disparate classification levels.
 -Provided subject matter expertise and thought leadership in support of customer organization vendor demonstration process for continuous monitoring product selection. This included participating in writing and administering use cases and tests for ten different candidate vendor products and initial product requirement enumeration for selected vendor. Also participated as customer advisor during initial dialog with organization responsible for implementation.
 -Hand selected to provide initial evaluation of Information Assurance status 
relative to security engineering for Agency involvement in US Army collection 
platform modernization of Guardrail Common Sensor.
 
		January 2009 - October 2009: Director, Data Center Operations & Strategy
 Barclaycard US/Barclay’s Bank Delaware
 125 S. West Street, Wilmington, DE
 Brief Description: Responsible to provide thought leadership to senior IT 
management, IT operations, technical staff and project management to proactively 
assist in defining specifications, solutions, direction, and architecture 
principles for data center operations and strategy.  Construct the 
statistical and analytical methods necessary to understand, evaluate and 
recommend improvements to current data center operations and future strategies.  
Concludes on options, risks, cost/benefit analysis, integration issues, gaps, 
and impact on business processes of the current and proposed data center 
technology.  Conducts cost analysis studies to determine feasibility of 
various approaches to maintain operational environment.  Leads the research 
for data center infrastructure advancements to ensure that the enterprise-wide 
data center infrastructure is continuously improved and aligned with the 
industry and company standards; designs and provides updates to standards to 
enhance solutions.
 Key Contributions:
 -Developed, socialized and received formal approval for first ever organizational long term data center strategy document.
 -Developed data center migration plans to implement strategy.
 -Cultivated relationship with sister company to aid in implementation of 
strategy and leverage synergies in application and equipment sharing.
 -Championed and implemented 'Green' initiative in data center power consumption, 
ultimately saving an estimated 28% in data center cooling costs.
 -Developed, socialized and received formal approval for first ever formal 
organizational IT asset disposal program.
 
		January 2008 - January 2009: Director, Recovery Services and Records Management
 Barclaycard US/Barclay’s Bank Delaware
 125 S. West Street, Wilmington, DE
 Responsible for developing and directing two teams of subject matter experts assuring development and maintenance of critical business processes compliant with Barclays UK corporate strategy while tailored to US operational environment. Specifically, directing the company's business continuity and disaster recovery program as well as the records management function as part of the information security and risk management department. This includes directing functional area programs of risk based assessments and mitigation strategies covering internal systems and processes as well as external vendors. Working with business and technology partners developing incident response and recovery strategies for time-sensitive functions. Working with record holding business units and database administrators on information life cycle management as part of the overall enterprise content management (ECM) initiative.
 Key Contributions:
 -Initiated consolidated records management program including publishing 
corporate wide operational standard; adoption of steering committee charter; and 
hiring head count.
 -Oversaw and coordinated continuity and recovery aspects of two major technology 
migrations involving four separate data center environments assuring adequacy of 
strategy and implementation to meet recovery objectives as defined by service 
level agreements.
 -Working with human resources department, served as 
project lead for information security department job family alignment project, 
writing job descriptions for all Infosec department positions including 
retitling of all positions to standard corporate framework, quantifying general 
job requirements and creating consistent career path as well as job progression 
for each position.
 -Provided executive education for continuity and recovery operations including 
table top exercise.
 -Managed recovery hosting vendor relationship during critical migration.
 -Standardized and validated records recall procedure for over 100 relevant 
records for compliance with federal rules of civil procedure (FRCP) litigation 
retention and discovery requirements.
 -Validated and/or initiated records destruction procedures and protocols for 
both internal and external (vendor) held corporate records.
		October 2004 - January 2008: Senior Operations Executive/Director, Customer Data Center Security
 Verizon Business (by acquisition) & MCI
 1 Digex Plaza, Beltsville, MD, 20705
 Responsible for strategic planning; implementation; management and direction for security policy, procedures and protocols for 15 Premium Collocation Data Centers and four managed hosting data centers (two domestic and two international). Provides compliance advice and assistance for hosting operations to meet customer contractual obligations across all supported industries and standards. Working closely with sales, marketing, and product management, provides direction and support to address customer specific environmental security and compliance issues and concerns for all hosting products. Provides outsourced consulting services regarding data center security.
		Key Contributions
		-Working through matrixed support relationships throughout the enterprise, reviewed diverse security practices at individual data centers to identify and develop new standards where necessary, deploying those practices across all data centers.
		-Provided outsourced consulting services to enterprise class 
customer in site selection and design of in-house data center. 
		-Developed and implemented Standardized Access Control Policy in 
Premium Data Centers, bringing 14 geographically dispersed locations under a 
single set of physical security processes and protocols. 
		-Focused security efforts of Premium Data Center operations 
groups to achieve first ever unqualified SAS70 Type II audit. 
		-Awarded Network World/AFCOM Secure Data Center of the Year for 
managed hosting data center. 
		-Working with legal, sales and product management, participated in complex customer RFPs (bids) to individually address customer-unique data center physical and personnel security issues, leading to the first ever physical security SLA for a customer.
		June 2000 – October 2004: Director, Security & Business Continuity
 Digex Inc.
 1 Digex Plaza, Beltsville, MD, 20705
 Responsible for all facets of corporate security planning, implementation and management of physical and personnel assets and operations for a private sector hi-tech Internet Service Company. Responsible for the development, management and implementation of corporate business continuity and disaster recovery plans and operations. Responsible for all security and business continuity awareness training and internal corporate threat and vulnerability assessments. Interface directly with customers, assisting with sales and support of company product from a security and business continuity perspective.
		Key Contributions
		-Oversaw the security aspects of Digex international 
implementations, establishing security standards and procedures for integrating 
Digex managed service in non-Digex facilities. 
		-Reduced overall operating budget by 50% in two years.  
Reduced headcount; integrated network enabled - cost saving security solutions 
and eliminated extravagance while increasing corporate wide employee security 
contentment and awareness. 
		-Corporate subject matter expert for emerging privacy related issues (HIPAA, GLB, Safe Harbor, etc). Authored customer facing corporate position on compliance requirements as they relate to supporting specific client markets.
		-Primary corporate liaison with federal, state and local law 
enforcement agencies. 
		-Developed facilities security standards and design criteria 
integrating these standards into nine new facility construction projects and/or 
retrofits.   
		-Developed and implemented standard first ever multi-discipline 
security policies and procedures for this relatively new company in the 
transition from a dot com start-up to corporate enterprise. 
		-Successfully developed and initiated an innovative corporate 
security awareness program increasing security awareness of all employees to the 
point of making this corporate security awareness a competitive discriminator.
		 
		-Developed employee pre-employment background screening program. 
		-Personally developed and implemented Security and Business 
Continuity Intranet Web sites, automating many support procedures and giving 
immediate employee access to corporate security policies and BC procedures. 
		1980 – 2000: United States Army, Counterintelligence Chief Warrant Officer Four
		Section Chief, Master Instructor, Special Agent in Charge, Intelligence & Security Staff Officer (S2), Team Leader, Operations Officer
 Serving in a variety of positions of increasing complexity and responsibility, provided counterintelligence support to US Army customer agencies and organizations. This support included national security investigations, battlefield force protection support and intelligence analysis, computer crimes investigations and special operations, as well as national and local agency liaison. Also served as instructor and mentor for US Army Intelligence Warrant Officer Corps.
		 
		Notable Contributions  
		- Developed and established effective liaison program with 
Department of Defense’s Joint Task Force Computer Network Defense, serving on 
the Law Enforcement/Counterintelligence Cell.  This program assisted in 
coordinating computer/network crimes investigations across multiple DoD and 
Federal agencies. 
		- Served for eight months in special duty position US Army 
Intelligence Representative to Joint National Agency Coordination Group at FBI 
Headquarters, in Washington DC. 
		- Deployment After Action Report was published in Center for Army 
Lessons Learned.   
		- Lead Intelligence Agent on US Army portion of renowned Solar 
Sunrise - Pentagon Hacker investigation that eventually led to the conviction of 
a hacker in a foreign country.  
		- Assisted in development of Standard Operating Procedures for 
Intelligence Investigations processing of computer media evidence.  
		- Developed and implemented organizational professional 
development web site, the first ever of its type. 
		-  As Special Agent in Charge, lauded on my efficiency 
report as the "Best in the Battalion" (of 16 peers) earning Distinguished Leader 
designation.  
		- Developed and implemented user friendly automated database programs and interface to track and report security issues and to input message traffic into training simulation.
		-  Served as organization automation systems advisor, 
keeping the command informed on automation issues and assisting in maintaining 
automation resources during Operations Just Cause, Desert Shield and Storm. 
		 
		- Assisted in design and implementation of first organizational 
local area network. 
		- Developed and implemented first ever organizational Automation 
Systems Security Policy and Program for a 4000 person organization. 
		- Conducted over 1200 personnel security interviews to assist in 
determining individual suitability for access to classified information. 
		
 
 
 
 
 