Security and Compliance, MaaS360
David is a seasoned security professional with nearly 20 years of experience in risk management, information security, compliance, and policy development. Throughout his career David has performed risk and vulnerability assessments along with making recommendations on network and system design improvements. David’s career has spanned from traditional hardware based security architectures to cloud technologies and virtual environments.
Currently in charge of security and compliance for MaaS360 by IBM, David has managed projects to get Fiberlink SAS70-Type2 and more recently SOC2 Type II. David also recently led Fiberlink through audits to receive Federal Information Security Management Act (FISMA) authorization from GSA for Fiberlink’s MaaS360 Cloud Service offering. David also lead MaaS360 through the FedRAMP JAB ATO process, becoming the first mobile SaaS companies to be certified under FedRAMP. Fiberlink’s customers range from the SME space to Fortune 500 and Federal customers. David has helped ensure that MaaS360 meets the different requirements from these different types of customers including PCI, HIPAA, SoX, and NIST.
David helped design MaaS360’s cloud architecture model, and is an active member of the Cloud Security Alliance including being a co-chair for their Mobile Working Group and contributor to the development of the CSA Cloud Control Matrix as well as being active in several other working groups. David is also the president of the local chapter of the Cloud Security Alliance in the Delaware Valley. Along with work with the Cloud Security Alliance David is a member of the NIST Cloud working groups including their Mobile working group and CyberSecurity working group.
Prior to Fiberlink David worked as a security consultant performing security assessments and project management for multiple fortune 500 companies including Merck, CIGNA, Campbell Soup, Sanofi-Aventis and Wyeth (later purchased by Pfizer). This included overseeing projects that were involved with mergers as was the case with Rhone Poulenc and Sanofi-Aventis and separations as with CIGNA and ACE. David frequently gives presentations on Cloud and Mobile technologies and has presented for ISACA, ISSA, Cloud Security Alliance, InfraGard and GTRA among others. David received the 2012 Ron Knode Service Award for volunteer services at the Cloud Security Alliance and was awarded the “Most Dynamic Speaker” award at the 2012 annual GTRA Security in Government event. David has also been quoted as a subject matter expert in a number of different publications. David is a graduate from Fairleigh Dickenson University with a Bachelor of Science in Electrical Engineering.
Contributions: Co-chair of the Mobile Working Group; co-founder of IoT Working Group; contributor to CCM and Subject Matter Expert Working Groups. President of the CSA Delaware Valley Chapter. Contributor to multiple online publications and served as a speaker on behalf of CSA at third-party events, including InfraGard and ISACA.