Bio Cybersymposium

T.J. Bowling

Eglin Air Force Base, Florida

Information Security Trusted Advisor | DevSecOps Team Leader | Architect/Engineer/Scientist | CISSP CISM ITIL

DoD Cleared Information Technology Leader: Strong Engineering Background and Communication Skills. Multilingual (English, Spanish, German) with extensive global multicultural experience.

Specializing in Information Security, Cyber Security, DevSecOps (CI/CD pipeline), Legacy DataCenter, High Availability, Incident Response, Hybrid and Multi-Cloud Security Architecture. Experienced in Governance, Risk & Compliance. Creator of Policy, Process, Playbook and Standard Operating Procedures (SOP), establishing, maintaining and improving enterprise information security programs. Evangelist for Continuous Improvement / Continuous Delivery, Automation and Process Maturity.

Experienced Expert Witness and Broadcast Media Guest, Public Speaker and Published Author, with Industry expertise in Security Operations, Compliance, Governance, Policy, Risk, Cyber Threat Intelligence, Exercises & Wargames (RedTeam / CTF). Federal and Financial experience implementing NIST 800, Cyber Security Framework (CSF/CMMC), ISACA Risk IT, Maturity Model, and early evangelism for the MITRE Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Framework.

ARA
Sr. DevSecOps Engineer | Supervisor

September 2023 - Present (6 months)

Eglin, AFB

Analytic, Software and Engineering Solutions (ASES): Team Lead enhancing CI/CD pipelines, infrastructure, security automation, collaborating with cross-functional teams, implementing cutting-edge solutions & scalability. Leading security projects, Cloud Security Architectures: MS Azure, AWS & GCP, OpenStack, FISMA/FedRAMP, NIST 800/RMF/CSF/CMMC & continuous Authority to Operate (cATO) in a classified environment. Using Linux (RHEL/Ubuntu), Python/Bash, GitLab, Ansible & Terraform. Integrated compliance of security program & federal requirements. Continuous scanning, vulnerability assessment & management, penetration testing of multiple applications & infrastructure. (C#/C++, Java/JavaScript & Node.JS)
Mega Services LLC
Cyber Security Trusted Advisor

April 2023 - September 2023 (6 months)

Atlanta Metropolitan Area

Contracted to directly advise the President/CEO on Strategy, Technology, Operations & Service Delivery, Leadership & Management, addressing in depth Cyber Security needs. Automated Availability, Confidentiality & Integrity by capitalizing on experience in communications & architecture of security solutions. Automated Processes, Procedures & implemented AI solution (Azure/Bard/ChatGPT) to automate Cloud and Content Delivery Botify, Zoho, Python & JavaScript. In the role of CISO, supported Audit & Compliance: PCI-DSS & SOC II, Third Party Reviews, SAST/DAST & Cyber Threat Intel. Successfully completed project under budget and ahead of schedule.
TransUnion
Information Security Officer (ISO) | Advisor

April 2018 - April 2023 (5 years 1 month)

Atlanta Metropolitan Area

U.S. Markets Technology, requiring hands-on security engineering and architecture of security solutions. In-depth analysis and reporting in the Vulnerability Threat Management Program of Corporate Governance, Risk and Compliance (GRC). DevSecOps Advisor/Approver in the STAR process and PI/Agile sprints; SAST/DAST/SCA, OWASP, Kubernetes Orchestration & Management, Puppet. Improved Incident Response & Vulnerability Management; AgileCentral, Archer, BlueLava, Kenna, Splunk, PowerShell, Remedy & Jira. Leading projects, CI/CD, Cloud Security Architectures: MS Azure, AWS & GCP, FedRAMP, NIST 800/CSF & CMMC + ISO 27000. Ongoing PCI-DSS/PA-DSS, SOC II (1&2), Third Party Reviews, Internal Audit, PII/PHI Protection & M&A Policy Compliance.
Bank of America
Information Systems Security Engineer | AVP

December 2011 - April 2018 (6 years 5 months)

Atlanta Metropolitan Area

Global Information Security (GIS) – Led teams ranging in size from 3 to 7 employees and contractors. Supported Asset Inventory Management with context. Led results driven change using Factor Analysis of Information Risk (FAIR) and performed Third Party risk assessments for industrial clients using ISA/IEC 62443 in the GIS Transformation for the Audit & GRC teams. Led Cyber Threat Intel (OSINT), Metrics & KRI for IDS/IPS Incident Response: SourceFire/SNORT, after leading Exercises & Wargames (CAPP/QD2/FSISAC). Worked daily building coalitions and reporting using tools: SIEM, PKI, MFA, & ActiveDirectory (AD). ArcSight, Archer, PowerShell, PowerPoint, SharePoint, Visio, Excel, & OneNote.

Defense Language Institute Latin American Spanish & Culture · (1984 - 1985)
Centre for Development of Advanced Computing Post graduate diploma, Diploma in advance computing (DAC) · (2017 - 2018)
United States Air Force Academy Cadet · (1982 - 1984)
University of Tennessee, Knoxville Bachelor of Science - BS, Electrical Engineering · (1988 - 1992)

Project Management
Management
Cyber Threat Intelligence (CTI)

CYBER SYMPOSIUMS

RECENT EVENTS:

T.J. Bowling

THE DEMOFORUM