Robert T.

McGregor, CISSP 2809 Lakehollow Lane

Flower Mound, TX 75028
Mobile: 972-841-4418
Email: rmad48f2@westpost.net
CORE STRENGTHS Certified Information System Security Professional [cert. #27843]
Highly skilled multi-level presenter and security evangelist
15 years experience designing/implementing network security solutions
Enterprise level governance and consultation of all implementations
PCI/SOX/GLB/ISO auditing, implementing, testing, and evidence experience
Security operations development, procedures, and controls
Conduct system security evaluations, audits, reviews, web app audits
Certification practices, risk identification, ranking, and mitigation
External third party accreditation reviews
Liaison/advisor/SME all levels of internal/external INFOSEC issues

WORK EXPERIENCE:
Verizon Communications, Senior Member / Management
5/2007 - Present
Enterprise/LOB level primary authority for advice, consultation, and direction i
n all areas related to INFOSEC. Consult, plan and conduct security consultations
for internal and external accreditation projects. Recommend new revised securit
y measures and countermeasures. Provide technical guidance and advisement to tec
hnical specialists and engineers in areas such as security engineering lifecycle
, network communication, and systems development, and documentation. Specialize
d experience in analyzing, planning, designing, implementing, documenting, asses
sing, and managing the enterprise security structural framework; overseeing and
enforcing data security standards for protection of information systems; and rec
ommending appropriate security safeguards.
Accomplishments: - Established baseline system architecture against industry sta
ndards and best practices for audit and governance purposes. PCI DSS. - Introduc
e, oversee the security assessments for external third party applications, vendo
rs, and service providers. B2B. - Orchestrated major change and streamlined secu
rity practices and processes for B2C. Streamline and improve the security accred
itation review process.
Bank of America [CFC], Senior Security Architect/Engineer/Consultant
8/2006 - 5/2007
Subject matter expert concerning hacking technologies and team leader for the Ex
ploit Management Team [EMT]. Primary authority for advice and assistance in the
areas of security architecture, systems auditing, security tools, and all areas
related to INFOSEC. Conduct risk and vulnerability assessments. Responsibilities
focused on establishing and maintaining a successful information security compl
iance program;
Accomplishments: - Conducted gap analysis and inventory of system compliance and
implemented cross functional advisory committee. - Successfully proposed, imple
mented, and maintained 20+ security risk reduction programs with 100% mitigation
and resolution.
Computer Associates, Senior Consultant
8/2003 - 8/2006
Subject Matter Expert concerning network forensics investigations. Architected a
nd implemented forensic investigation practices. Conduct risk and vulnerability
assessments. Recommend new revised security measures and countermeasures to C-le
vel and senior management.
Accomplishments: - Performed investigations into network intrusions and access c
ontrol violations improving the investigative process. - Provided consulting, gu
idance and coordination to business units and departments on information securit
y. - Member and trainer for Rapid Response Investigation Team - Expert knowledg
e and of use of SILENTRUNNER, former NSA forensics toolkit.
VeriSign, Inc Information Security Practice Consulting Manager
5/2000 - 8/2002
Responsible for the overall strategic direction, growth and management of the Se
curity Assessment, Penetration Testing, and Virus Incident Protection Eradicatio
n & Response (VIPER) practices within VeriSign.
Accomplishments: - Architected, developed, and implemented multiple regulatory c
ompliance practices to include NIST, SOX, GLBA, HIPAA, and PCI practices for Aud
its against known standards and compliances. - Creator and Team Leader for VIPER
, a self managed rapid response team dealing with computer intrusions and forens
ics formed of the most talented security experts at VeriSign.

Radio Shack, Security Engineer

8/1999 - 5/2000
Participated in business application security design. Perform evaluation, analys
is and recommendation on information security components of the information tech
nology infrastructure. Collect and compile information security measurement and
metrics on an enterprise level. Performed investigations into network intrusions
and access control violations. Documented security policies, guidelines, proced
ures and best practices. Provide consulting, guidance and coordination to busine
ss units and departments on information security.
Accomplishments: - Implemented first Incident Response Team for RS.
FEDERAL LAW ENFORCEMENT Department of Justice BoP, Senior Officer GS-7
05/1994-8/1997
Conducted site surveys to ensure institutions were secure against threats. Prepa
red written reports. Advised officials on physical and logical control procedure
s and practices. Analyze and evaluate plans, programs, projects, policies, stand
ards, guidelines, and procedures to develop the basis for institutionalizing and
reviewing security concerns and implications.
Accomplishments: - Implemented Sniper deployment policy and procedure for use in
hostage rescue deployments. Member of elite hostage rescue team during 1995 hos
tage crisis.
United States Marine Corps Scout Sniper / Marksmanship Instructor E-5 Sergeant
12/1986-8/1992
Member of elite hostage rescue team. Conduct covert surveillance operations. Ad
vise unit commanders concerning clandestine military operations. Analyze and eva
luate plans, programs, projects, policies, standards, guidelines, and procedures
to develop the basis for institutionalizing and reviewing security concerns and
implications.
Accomplishments: - Awarded Meritorious Mast for clandestine operation surveillan
ce and recovery of enemy encryption data 1990
EDUCATION Tarleton State University Stephenville, TX US Bachelor's Degree - 6/20
05
Currently obtaining M.S. in Information Assurance at Capitol College Laurel, MD.
- 12/2011