Jim Schifalacqua
Details
Computer Science
University of Delaware
Bachelor of Science
Computer Science, Minor in Physics
East Stroudsburg University of Pennsylvania
Built out and transitioned to a Virtual SOC providing advanced cyber threat and response using an MSSP
Achieved DFARS/NIST 800-171 compliance and ISO 27001:2013 accreditation
Recipient of 2020 CSO50 award for utilization of secure cloud services and virtual SOC across the enterprise.
2018 : Present
Peraton
Vice President, Chief Information Security Officer (CISO)
Independent consultant providing expert “CISO as a Service”, enterprise assessments, and cyber security advisory services to multiple clients.
Have ensured DFARS cyber security compliance to NIST 800-171 requirements at several mid-sized defense contractors, and HIPAA and GDPR compliance at a large healthcare services company providing services to Federal employees and European organizations.
2017 : 2018
Quotient3
Chief Information Security Consultant
Established the comprehensive Information Security Program from the ground up and managed the company’s information security compliance and risk.
Greatly reduced the Information Security risk on the corporate risk register by reducing vulnerabilities, increasing pro-active protective measures, and reducing possible negative consequences by compartmentalizing systems and reducing risk exposure and liability.
Designed and led several enterprise security initiatives, including data classification, internal PKI and encryption, a global SOC, IdAM, Privileged User Management, and the migration of sensitive data to a hybrid Azure/O365 environment.
2012 : 2017
Serco
Vice President, Chief Information Security Officer (CISO)
Established Serco America and its predecessor company SI International as a trusted provider of security solutions, services, and expertise to the US Government, having created both new cyber security business and growth of existing client programs across $1B of combined businesses.
Achieved rapid startup compliance and continued operational authorization on major revenue-producing systems including USPTO Patent Classification Services, the HHS/CMS Affordable Healthcare Act paper application processing centers, Federal Retirement Thrift Savings Plan, and the VDOT Advanced Traffic Management System.
Provided Security Engineering and IA solutions and support to US Air Force Space Command, NORTHCOM, AFRL, ARL, and SPAWAR.
Was the first Security Advisor to the US Defense Information Systems Agency (DISA) IPv6 Transition Office, defining the strategy and methods for using IPv6 securely within the DoD.
2000 : 2012
Serco
Director of Cyber Center of Excellence / Cyber Security Operations
(GE Aerospace/Martin Marietta/Lockheed Martin)
Chief Security Architect and INFOSEC Engineering Manager on several large development programs which designed and deployed secure satellite command and control and data messaging systems for the National Reconnaissance Office.
Created the first Lockheed Martin INFOSEC Professional Training and Certification Program.
1990 : 2000
Lockheed Martin
Manager of Information Security Engineering
Skills
Application Security, CISSP, cloud computing, Cloud Security, Computer Security, consulting, disaster recovery, DoD, Enterprise Architecture, enterprise risk management, General Data Protection Regulation (GDPR), Government, Information Assurance, Information Security, Information Security Management, information technology, Integrated Systems, Integration, ISO 27001, IT Strategy, Leadership, Management, Network Architecture, Networking, Network Security, PCI DSS, Penetration Testing, Program Management, project management, Requirements Analysis, risk assessment, Risk Management, Security, Security Architecture Design, Security Audits, Security Clearance, Security Engineering, Security Management, Security Policy, Security Training, Software Development, Software Engineering, strategic planning, Strategy, Systems Engineering, U.S. Department of Defense, vendor management, Vulnerability Assessment, Vulnerability Management
About
Information Security Leader and Expert in Cyber Security with 30 years of hands-on experience in a broad range of cyber security, risk management, security technologies, and enterprise solutions at NSA, Lockheed Martin, GE, Serco, and Peraton.
Proven history of reducing cyber risk, enhancing security capabilities, and increasing value to the business by applying the necessary and appropriate solutions, technologies, and processes using extensive personal knowledge and collaboration with business stakeholders.
Emphasizes the right planning, organizational, team building, and communication techniques to run a collaborative and broadly-supported cyber security program that enhances the business, not encumbers it.
Works competently, closely, and cordially with corporate boards, IT, government and regulatory bodies, business managers, clients, cross-discipline teams, and users in diverse and global environments.
Core competencies include:
• Cyber Strategy and Vision
• Global Information Security Programs
• Security Architecture & Design
• Regulatory Compliance & Governance
• Team Development, Training & Leadership
• Computer Systems, Networks, and Applications
• Security Technologies & Services
• Risk & Vulnerability Assessments / Security Audits
• Policies, Procedures, Standards & Best Practices