CCSP Spotlight: Tim Weil Cybersecurity Professional
Featured interview in the ISC2 CCSP Online Blog (March 2017)
How did you decide upon a career in cybersecurity?
Working in the telecommunications industry through the dot-com era, my core networking skills became less valuable when I obtained the CISSP in 2003. In the federal sector, I worked as a contractor for more than 10 years for more than 10 agencies, specializing in governance, risk and compliance (FISMA/FEDRAMP) and later ISO27001. Cybersecurity as a career, for me, evolved after 10 years in software engineering and 10 years in network engineering and program management.
Why did you get your CCSP®?
I wanted to validate the past five years of industry work that I had done with cloud security companies and systems. Also, as a professional in my mid-sixties, I wanted to challenge myself with a new course of study from (ISC)².
What is a typical day like for you?
In support of our production systems for Continuous Alcohol Monitoring (CAM) and Offender Tracking Management SaaS platforms I provide the following services on a daily basis -
- Cross-functional IT project manager to our DevOps teams with special project emphasis on security initiatives.
- Project manager / coordinator for ISO 27001 & HIPAA implementation projects
- Internal auditor (ISO 27001 / ISO 9001)
- Cloud security architect - cloud migration strategies (Azure PaaS services)
- Evaluate and recommend Cloud Security products (CASB, Threat Intelligence, Application Security, Vulnerability Management scanners, 3rd party penetration testing services)
Can you tell us about a personal career highlight?
In 2014 I was honored by IEEE-USA for my “Professional Achievement for Individuals” for providing conference management (IEEE GLOBECOM/GREENTECH). As Chair of the Washington DC IEEE Section (2009) I developed a 50-year history of engineering and science in the nation’s capital. This electronic archive is available through the IEEE History Center Technology Wiki. Finally, Also, I served as the senior security manager for the National Science Foundation U.S. Antarctic Program from 2010-2012.
How has the CCSP certification helped you in your career?
The certification has given validation to my industry experience and leading edge technology solutions. I was also happy to continue my affiliation and membership with (ISC)² in the form of a second certification. In my position as ‘Securing IT’ editor for IEEE IT Professional magazine I have also benefited from the CCSP curriculum in editing and contributing professional journal articles in cloud topics - Cloud Application Security, Cloud Compliance Requirements and Cloud Data Security Cloud Design Requirements
What is the most useful advice you have for other cloud security professionals?
A good sense of humor will serve you well in the new world of cloud computing. It’s important also to have a strong understanding of the virtualization technologies and vendors that enable cloud-based computing/storage/networking/memory management solutions. Words of advice – ‘avoid vendor lock-in’ in your evaluation of Cloud Service Providers.