Profiles search
James Costello, CISSP
Senior cybersecurity professional; dedicated to keeping people safe while they are online.
Cypress, TX, United States
Details
Education:
BBA
Management
Texas State University-San Marcos
2008 : 2010
AA
Internetworking Technology
Strayer University
2005 : 2007
Management
Texas State University-San Marcos
2008 : 2010
AA
Internetworking Technology
Strayer University
2005 : 2007
Experience:
2023 : Present
Katy ISD
Cybersecurity Manager
Oversees the approval and training of security standards and practices.
Develops and enhances a cybersecurity control framework based on established industry standards.
Implements security improvements by assessing current situation, evaluating trends, anticipating requirements, conducting periodic audits, and reporting violations.
Manages roles and responsibilities regarding information ownership, classification, accountability, and protection.
Maintains accountability for information security program governance through the Internet Content Filtering Management Governance Committee.
Creates and oversees the successful execution of the security roadmap including roles and responsibilities ensuring acceptable use policies.
Assesses cybersecurity risk posture to ensure that security procedures are compliant with relevant laws, regulations and industry best practices, and initiates programs to achieve and maintain a successful cybersecurity posture.
Develops and maintains relationships to influence security policy, standards and programs and enhance secure interoperability with extended entities such as third-party vendors.
Creates and manages cybersecurity communications, training and awareness programs.
Develop and maintain the cybersecurity risk assessment process, including the reporting and oversight of treatment efforts to address findings.
Provides strategic risk guidance for IT projects including the evaluation and recommendation of technical controls and solutions.
Works with the appropriate resources to monitor the external threat environment for emerging threats and advises relevant stake holders on the appropriate courses of action.
Leads the development and management of a comprehensive Threat and Vulnerability Management program.
Oversees cybersecurity incident response capabilities and directs enhancements to align with industry standards.
Serves as the Chief Privacy Specialist for the district.
2018 :
Cypress-Fairbanks ISD
IT Security Specialist
• Ensure the effectiveness of network/system protections including : Firewalls, IDS, switches, routers, VPNs, anti-virus
• Ensure patch management and lifecycle best practices are being maintained
• Execute information security projects as assigned
• Serve as an information security consultant on all projects and deployments/changes
• Design and document security systems, processes and procedures
• Design new and modify existing security controls which align with established information security policies
• Develop process documentation that align with existing information security policies
• Conduct training format and seminars for all associates defining proper security techniques
• Audit systems for vulnerabilities and provide recommendations on proper mitigations
• Perform network penetration tests and evaluate
• Audit and report for compliance to policies, standards, and controls
• Execute internal investigations as directed
• Ensure PCI and SOX related initiatives are successfully implemented
• Identify, report, and resolve security violations
• Detect behaviors of users/systems and determine if an incident has occurred
• Create and execute breach exercises and run books
• Respond to and recommend remediation of medium to high level incidents. Escalate to senior leadership as appropriate
• Ensure maturity models are mapped and milestones are obtained
• Current knowledge of threats and attack vectors
2016 : 2018
Charming Charlie
IT Security Analyst
• Enhanced core infrastructure performance, security, and capabilities with new routers, switches, VoIP system, storage solution, servers, and more.
• Strengthened team cohesiveness and skills by improving team communication and encouraging employee training plans for team of system administrators, network engineers, and database architects.
• Saved hundreds of thousands of dollars by negotiating dozens of contracts through our contract management system.
• Improved IT Security by designing policy, maintenance plans, and implementation of new hardware/software.
• Communicated IT events to senior management and company through well-articulated and easy to understand reports, presentations, and email.
2014 : 2016
LEO A DALY
Enterprise Technology Manager
• Successfully completed numerous server, network, and software projects as project manager, including the integration of another company’s IT resources with over 250 IT systems in 7 countries.
• Lead and assisted IT Support managers to provide excellent support services through installations, maintenance, testing, analysis, updates, and problem resolution for all hardware and software elements to more than 1600 end user systems in over 16 countries.
• Created valuable processes, procedures and documentation, including Service Level Agreements, to ensure that IT efficiently meets the needs of the company.
• Researched, evaluated and recommended technologies to help advance company technology.
• Identified and fixed vulnerabilities with IT policies and systems, resulting in increased uptime, productivity, and large financial savings.
2012 : 2014
Team Industrial Services
IT Technical Lead & Senior Desktop Support Technician
Katy ISD
Cybersecurity Manager
Oversees the approval and training of security standards and practices.
Develops and enhances a cybersecurity control framework based on established industry standards.
Implements security improvements by assessing current situation, evaluating trends, anticipating requirements, conducting periodic audits, and reporting violations.
Manages roles and responsibilities regarding information ownership, classification, accountability, and protection.
Maintains accountability for information security program governance through the Internet Content Filtering Management Governance Committee.
Creates and oversees the successful execution of the security roadmap including roles and responsibilities ensuring acceptable use policies.
Assesses cybersecurity risk posture to ensure that security procedures are compliant with relevant laws, regulations and industry best practices, and initiates programs to achieve and maintain a successful cybersecurity posture.
Develops and maintains relationships to influence security policy, standards and programs and enhance secure interoperability with extended entities such as third-party vendors.
Creates and manages cybersecurity communications, training and awareness programs.
Develop and maintain the cybersecurity risk assessment process, including the reporting and oversight of treatment efforts to address findings.
Provides strategic risk guidance for IT projects including the evaluation and recommendation of technical controls and solutions.
Works with the appropriate resources to monitor the external threat environment for emerging threats and advises relevant stake holders on the appropriate courses of action.
Leads the development and management of a comprehensive Threat and Vulnerability Management program.
Oversees cybersecurity incident response capabilities and directs enhancements to align with industry standards.
Serves as the Chief Privacy Specialist for the district.
2018 :
Cypress-Fairbanks ISD
IT Security Specialist
• Ensure the effectiveness of network/system protections including : Firewalls, IDS, switches, routers, VPNs, anti-virus
• Ensure patch management and lifecycle best practices are being maintained
• Execute information security projects as assigned
• Serve as an information security consultant on all projects and deployments/changes
• Design and document security systems, processes and procedures
• Design new and modify existing security controls which align with established information security policies
• Develop process documentation that align with existing information security policies
• Conduct training format and seminars for all associates defining proper security techniques
• Audit systems for vulnerabilities and provide recommendations on proper mitigations
• Perform network penetration tests and evaluate
• Audit and report for compliance to policies, standards, and controls
• Execute internal investigations as directed
• Ensure PCI and SOX related initiatives are successfully implemented
• Identify, report, and resolve security violations
• Detect behaviors of users/systems and determine if an incident has occurred
• Create and execute breach exercises and run books
• Respond to and recommend remediation of medium to high level incidents. Escalate to senior leadership as appropriate
• Ensure maturity models are mapped and milestones are obtained
• Current knowledge of threats and attack vectors
2016 : 2018
Charming Charlie
IT Security Analyst
• Enhanced core infrastructure performance, security, and capabilities with new routers, switches, VoIP system, storage solution, servers, and more.
• Strengthened team cohesiveness and skills by improving team communication and encouraging employee training plans for team of system administrators, network engineers, and database architects.
• Saved hundreds of thousands of dollars by negotiating dozens of contracts through our contract management system.
• Improved IT Security by designing policy, maintenance plans, and implementation of new hardware/software.
• Communicated IT events to senior management and company through well-articulated and easy to understand reports, presentations, and email.
2014 : 2016
LEO A DALY
Enterprise Technology Manager
• Successfully completed numerous server, network, and software projects as project manager, including the integration of another company’s IT resources with over 250 IT systems in 7 countries.
• Lead and assisted IT Support managers to provide excellent support services through installations, maintenance, testing, analysis, updates, and problem resolution for all hardware and software elements to more than 1600 end user systems in over 16 countries.
• Created valuable processes, procedures and documentation, including Service Level Agreements, to ensure that IT efficiently meets the needs of the company.
• Researched, evaluated and recommended technologies to help advance company technology.
• Identified and fixed vulnerabilities with IT policies and systems, resulting in increased uptime, productivity, and large financial savings.
2012 : 2014
Team Industrial Services
IT Technical Lead & Senior Desktop Support Technician
Company:
Katy ISD
Years of Experience:
22
Skills
Active Directory, Cisco Technologies, CompTIA A+ Certification, Computer Hardware, Computer Hardware Troubleshooting, Computer Repair, Computer Security, DHCP, Disaster Recovery, Firewalls, Group Policy, Help Desk Support, HP, Information Assurance, Information Security, Information Security Management, Information Technology, ITIL, IT Management, IT Service Management, IT Strategy, LAN-WAN, Leadership, Management, Microsoft Exchange, Microsoft Office, Network Administration, Networking, Network Security, Printers, Project Management, Routers, Security, Security+, Servers, SharePoint, Software Documentation, Switches, System Administration, Technical Support, Troubleshooting, Vendor Management, VMware, Vulnerability Assessment, WAN, Windows, Windows Server
About
Highly motivated, proactive, and hard working cybersecurity professional with over 25 years of IT work experience, more than 10 years specifically in a cybersecurity role and more than 10 years in IT management. Proven history of successful problem solving, decision making, policy direction, and personnel management, as shown by rapid promotions and several awards. Talent for motivating and working effectively with people from all cultures and backgrounds.
Profile Photo
