Ricardo Fitipaldi

Chief Information Security Officer at San Diego State University

San Diego, CA, United States

Details

Education: Master’s Degree

Master of Science in Information Systems (MSIS)

San Diego State University-California State University

2015 : 2018

Bachelor’s Degree

Computer Science

University of California, San Diego

2000 : 2004

Bachelor’s Degree

Comparative World Religion

Word of Life Bible Institute

1987 : 1991

Experience: As CISO, I have broad responsibility across several IT domains, including security policies and standards, IT risk management, securing University research, training and awareness, and compliance efforts.

2018 : Present

San Diego State University

Chief Information Security Officer

Currently teaching Cloud Computing Architecture using Amazon Web Services (AWS)

2017 :

UC San Diego Extension

Instructor at UC San Diego Extension

The Infrastructure Liaison Officer (ILO) program was created to provide public and private sector partners responsible for security and emergency management with an awareness of threats to critical infrastructure such as terrorism, espionage, cyber attacks, and natural disasters. The ILO serves as the primary contact with the San Diego Law Enforcement Coordination Center (SD-LECC) and Terrorism Liaison Officers (TLOs), including local law enforcement, fire, and other public safety officials, to help protect their company, regional critical infrastructure, and community.

2016 :

InfraGard San Diego

Infrastructure Liaison Officer

• Made strategic changes to the campus DNS in collaboration with Telecommunications and Network Services (TNS) staff to expedite troubleshooting of network issues and standardize naming conventions for network devices, resulting in improved client service.

• Provided guidance and technical resources to ITSO staff to deploy and implement new Data Loss Protection (DLP) software.

• Contributed to the CSU Datacenter Networking Security Architecture (DNSA) document as a member of the CSU Datacenter Networking and Security Architecture Group.

• Prepared and delivered presentations to improve awareness of key security topics among campus IT professionals. Presentations included “Intro to SSL”, “Using the CIS Benchmark Tool,” and “Metasploit Penetration Testing.”

• Improved the Security Information and Event Management (SIEM) infrastructure using Splunk.

• Consolidated all firewall and DNS logs into Splunk, significantly speeding up forensic analysis of network traffic, allowing for real time monitoring and alerting, and providing greater insight into campus network traffic.

• Monitor the security of critical campus networks, such as HR, Physical Plant, Business and Finance, and Payroll.

• Conduct network vulnerability assessments using tools to evaluate attack vectors and identify system vulnerabilities. Develop remediation plans and security procedures to ensure the adequacy of existing information security controls.

• Perform risk assessments of websites and web applications to determine SSL/TLS readiness, make technical recommendations to the ISO.

• Prepare monthly vulnerability scan to identify devices with unpatched vulnerabilities, prioritize mitigation, and reduce the attack surface of SDSU systems.

• Provide technical support and network design to firewall, intrusion detection systems, VPN solutions.

• Design and implement the campus DNS and Palo Alto VPN with PrivacyIDEA MFA (Multi-Factor Authentication) and network security systems.

2012 : 2018

San Diego State University

Information Security Analyst

• Appointed to lead a special project to design and architect an Azure Cloud infrastructure to expand SDSU’s IT capabilities in computation, application hosting, and storage and increase the campus’ profile as a leading research university.

• Responsible for the security design of the Azure Cloud. Leveraged Azure’s Infrastructure as a Service (IaaS) , Platform as a Service (PaaS) offerings to meet needs of faculty, researchers, management, and staff without sacrificing the campus security posture and policies.

• Prepared and presented, along with project co-lead, a comprehensive analysis of the Azure Cloud to Enterprise Technology Services (ETS) senior management. Discussed design goals, network architecture, security considerations, and recommendations for governance.

• Led research and prototyping of a Red Forest, a dedicated administrative management domain, to mitigate risk to SDSU’s new Azure Active Directory environment and secure high-value user credentials, such as AD domain administrators.

• Consulted with PIs and researchers on the cost efficiency, convenience and security of Azure cloud services : access to new application deployment models, enhanced security and disaster recovery, high availability, and geo redundancy.

• Conducted analysis of usage patterns of Azure services and resources using Power BI to minimize complexities within the cost recovery process, improving ETS’ ability to serve campus clients.

• Manage all aspects of the project and project staff.

2015 : 2018

San Diego State University

Azure Cloud Project, Lead

Company: San Diego State University

Years of Experience: 26

Spoken Language: English, Portuguese, Spanish

Skills

active directory, Amazon Web Services (AWS), bash, bro, C++, Cloud Computing, cloud security, collaborative problem solving, Computer Forensics, Cross-functional Team Leadership, Cybersecurity, data analysis, Email Management, F5 BigIP, information security, java, leadership, management, microsoft azure, microsoft excel, microsoft word, Network Load Balancing, Network Security, NIST 800-171, operating systems, Oracle Database, palo alto networks, perl, Perl Automation, powerpoint, Presentation Skills, Presenter, public speaking, red hat linux, research, Security Policy, siem, Student Development, Student Engagement, Threat & Vulnerability Management, Threat Analysis, U.S. Health Insurance Portability and Accountability Act (HIPAA), University Teaching, Unix Administration, c

About

As a cybersecurity professional with 15 years of experience, I possess strong analytical skills and a critical thinking mindset to provide effective solutions that safeguard my employers against cyber threats. My areas of expertise encompass network security, incident response, vulnerability management, and compliance.

Throughout my career, I have earned a reputation for developing and executing comprehensive security programs that align with the organization's objectives. I am also a compassionate leader who effectively communicates and builds strong partnerships, as well as manages cross-functional teams.

I am currently serving as the Chief Information Security Officer for San Diego State University. In this role, I am responsible for overseeing the cybersecurity department and ensuring that IT security services are deployed to support the university's mission in learning, research, and outreach.