1.
'
321.501.1380
*
thomas@thomasdelaine.com
www.thomasdelaine.com
www.linkedin.com/in/thomasdelaine
Currently
reside
in
Melbourne,
FL.
S T R A T E G I C A L L Y
F O C U S E D
I N F O R M A T I O N
A S S U R A N C E
&
D A T A
S E C U R I T Y
D I R E C T O R
benchmarking
the
necessary
technology
governance
and
processes
to
avert
information
security
risk
and
profit
loss
e x e c u t i v e
s u m m a r y
Critical-‐thinking
technology
strategist
and
Certified
Information
Systems
Security
Professional
(CISSP)
with
Top
Security
Clearance
and
master-‐level
expertise
in
information
assurance
(IA)
and
information
security
(IS).
Consistently
called
upon
to
solve
the
most
complex
technology
issues
surrounding
operational
effectiveness,
cost
and
risk.
Trusted,
respected
advisor
to
leadership
teams,
integral
in
establishing
and
maintaining
enterprise
vision,
strategy,
programs
and
solutions
to
prevent
internal
and
external
security
breaches
and
compliance
issues.
Well
versed
in
diverse
regulatory
touch
points
for
defense,
government
and
commercial
organizations.
Person
of
action
and
integrity,
adept
at
maximizing
resources
on
complex,
mission-‐critical
projects
and
rallying
success-‐focused
teams
around
a
unified
vision.
c r i t i c a l
s k i l l
s e t
• Strategic
Business
Planning
• 7-‐Figure
Budget
Management
• Test
Development/Management
• Operations
Leadership
• Team
Leadership
• Training
Development
• Governance/Policy
Making
• Disaster
Recovery
Planning
• IS
Risk
&
Gap
Analysis
• Business
Continuity
Planning
• Auditing/Compliance
• Logistics
Planning
• Project/Program
Management
• Incident
Management
• Executive
Client
Engagement
p r o f e s s i o n a l
e m p l o y m e n t
h i s t o r y
DIRECTOR,
INFORMATION
SECURITY
2013
–
Present
NOTES
Comprehensive
Health
Services,
Inc.
Sought
out
to
leverage
domain
expertise
in
Federal
information
security
practices
and
Payment
Card
Industry
Data
Security
Standards
(PCI-‐DSS),
along
with
Department
of
Defense
ability,
accommodate,
accou ntability,
accountable,
accred itation ,
(DoD)
and
military
experience,
to
launch
first-‐ever
information
security
system
and
IT
risk
adap t,
ad visor,
align,
aligned ,
analytical,
analyze,
as sess ment,
ass et,
ass ets ,
assu ran ce ,
au dit,
awarenes s,
bachelor's
d egree,
bu sine ss,
capability,
certification,
c ertified,
c hallenging,
CISSP,
c larifying,
collaborate,
c ollaborative,
c ommunicate ,
commun icating,
commu nication,
comp liance,
comp uter
scie nce ,
comp uting,
management
program.
Ensure
seamless
delivery
of
large
occupational
health
and
wellness
concept,
c onceptu al,
c on fid entiality,
c onfigure,
c on figured ,
cons ensu s,
consu ltant,
continuity,
control,
c oordinate,
coord inating,
coordin ation,
c reate,
cultu re,
database ,
datum,
day-‐
to-‐day,
de adline,
d efin e,
defining,
d emons trate,
de monstrated,
solutions
for
government
agencies
by
introducing
compliance
standards
into
subcontractor
de partmen t
of
defens e,
detection,
d eve lop,
d eveloping,
director,
DOD,
drive
line,
effective ly,
effe ctivenes s,
employee,
enable,
en abling,
en cryption ,
engage,
en hancement,
ens ure,
ente rprise,
en vironment,
evaluation,
e volve ,
experience,
expertise,
f amiliarity,
proposal
review
process
and
benchmarks
for
training
requirements.
function al,
governan ce,
guid eline,
HIP PA,
iden tify,
imp lemen t,
implementation,
in dus try,
information,
information
system,
information
t ech nology,
information
assu rance ,
in fras tru cture,
initiative ,
in novative,
integrate,
integrated,
interact,
in terpersonal,
ISO
270 01,
lead ,
le adersh ip,
level,
leveragin g,
lin e
of
bus iness ,
manage,
m anagement,
m aster's
degree,
m etric,
m etrics ,
m itigation,
monitor,
m on itoring,
m orale,
m otivate,
m otivated,
N IST ,
on-‐goin g,
• With
direct
reporting
line
to
CFO,
currently
plotting
course
to
prioritize
initial
$500K
op eration,
o peration s,
organiz e,
outreach,
o vers ee,
oversight,
PCI-‐
DSS,
personn el,
PII,
plan ,
policy,
practice,
prese ntation,
p rivacy,
prioritize ,
proactive,
p roblem
solvin g,
p rocess,
p roficiency,
program,
proven,
provid e,
regulatory,
relate,
related,
report,
budget,
rationalize
IT
expenses
and
negotiate
purchasing
agreements
with
vendors.
reportin g,
requ ire,
req uirement,
resource,
responsible,
respons ible
for,
risk,
role,
savvy,
s corecard,
s ecu rity,
se curity
department,
security
meas ure,
security
meas ures,
s ecu rity
system,
sen ior,
service,
services ,
skill,
s olution,
solve,
solvin g,
SOX,
sp oken
commu nication,
stand ard,
statues ,
s teering
committee,
strategic,
stron g,
system,
t actical,
TCP ,
TCP/ IP,
t eam,
te chnical,
t echnology,
• Outlining
roadmaps
for
comprehensive
risk
assessment
of
information
security
gaps
and
time ly,
t ranslate,
t rainin g,
u nderstand,
u nd erstandable,
un derstan ding,
u pdate,
v end or,
v uln erability,
w ork
load
strengths,
identifying
areas
of
opportunity
to
optimize
business
processes
and
development
of
implementation
strategy.
• Formulating
plan
to
engage
with
department
heads
across
corporate
compliance,
audit,
legal
and
HR
management
to
align
reporting
with
SOX,
HIPAA,
PCI-‐DSS,
DoD,
VA,
State
Department
and
Department
of
Homeland
Security
(DHS)
information
security
requirements.
IT
SECURITY
GOVERNANCE
ANALYST
2011
–
2012
JetBlue
Airways
Engaged
to
entrench
PCI-‐DSS
culture
across
the
enterprise
and
overcome
4-‐year
history
of
noncompliance.
Immediately
strengthened
PCI
environment
with
new
governance,
controls,
documentation
management
system
and
information
security
training
program—crucial
to
preventing
additional
tens
of
thousands
in
bank
fines
and
shielding
sensitive
customer
information
assets
across
all
enterprise
networks.
Thomas
P.
DeLaine,
Jr.
|
Page
1
of
3
2. IT
SECURITY
GOVERNANCE
ANALYST,
JetBlue
Airways
(continued)
NOTES
• Set
foundation
for
companywide
PCI-‐DSS
compliance
by
creating
and
formalizing
document
management
system
for
10
separate
information
security
domains
and
outlining
policies,
standards
and
procedures
to
simplify
process
management
reporting.
• Authored
Corporate
Information
Security
Policy,
9
supporting
information
security
policies
and
30
information
security
standards
in
adherence
with
stringent
PCI-‐DSS
requirements.
• Positioned
company
to
meet
statutory
privacy
laws
and
information
security
and
PCI-‐DSS
regulatory
requirements
by
restructuring
and
standardizing
upgraded
information
security
training
program.
SENIOR
CONSULTANT
2000
–
2011
A&N
Associates,
Inc.
Recruited
to
assist
this
$3M
public-‐sector
technical
consulting
firm
to
penetrate
DoD
and
Federal
markets
based
on
TS
Clearance
and
previous
DoD
and
22-‐year
Communications
Security
(COMSEC)
experience.
Applied
skill
in
cryptologic
key
management,
policy/standard
development,
training
development
and
documentation
management
across
varied
assignments
during
tenure.
Forged
long-‐term
industry
relationships
with
vendors
to
include
Raytheon
and
General
Dynamics.
Select
projects
and
enterprise
impact:
• Assumed
role
as
key
liaison
to
U.S.
Defense
Department
program
management
offices
(PMOs)
in
various
capacities—from
IT
transition,
ITIL-‐based
system
engineering
and
acquisition
management
to
risk/gap/economic
analysis,
testing
strategy
and
database
implementations.
• Overcame
critical
gaps
in
DoD
COMSEC
accounting
system,
realized
$224K
cost
savings
in
test
development
and
cut
redesign
time
75%
by
overhauling
data
collection
process
and
creating
new
test
report
template
for
key
management
system.
• Met
9-‐month
deadline
for
Analysis
of
Alternatives
(AoA)
development
project
for
DoD
Public
Key
Infrastructure
(PKI)
program
by
combating
issues
of
DoD
identity
management
infrastructure
impacting
entire
DoD.
• Proved
instrumental
in
shaping
policy
and
technical
development
strategy
in
pivotal
areas
including
digital
signatures,
network
policy
and
software
certificate
usage
as
advisor
to
U.S.
Army
Chief
Information
Officer/G6
Cyber
Directorate
(headquarters).
• Ensured
DoD-‐wide
compliance
with
strict
HIPAA
requirements
as
human
identity
verification
source.
COMMUNICATIONS
SECURITY
OFFICER
1998
–
2000
U.S.
Navy
Washington,
DC
Counseled
Chief
of
Naval
Operations
on
information
assurance
strategy
while
overseeing
20-‐
strong
team,
$600K
budget
as
well
as
technical
operations
and
related
projects.
Select
projects
and
enterprise
impact:
• Solved
prevailing
data
translation
issues
and
coordinated
efforts
of
National
Security
Agency
and
service
teams,
ensuring
zero
disruption
to
mission-‐critical
operations
across
900+
sites
during
DoD-‐wide
migration
of
legacy
system
to
COMSEC
accounting
system.
Launched
first-‐ever
U.S.
Navy
user
certification
program.
• Called
in
at
the
eleventh
hour
to
conduct
mandatory
security
assessment
and
generate
inspection
report
for
U.S.
Naval
Postgraduate
School.
Met
aggressive
3-‐week
target
with
18
days
to
spare
and
advised
on
shaping
systems
integration
plan
to
incorporate
information
security
as
a
key
priority.
Thomas
P.
DeLaine,
Jr.
|
Page
2
of
3
3. a d d i t i o n a l
c a r e e r
h i s t o r y
SIGNALS
WARFARE
OFFICER
USS
LAKE
ERIE
(CG
70)
Optimized
$400K
budget
and
performance
of
16
staff
while
carrying
out
highly
classified
cryptologic
key
management,
electronic
warfare
and
signal
intelligence
projects
for
DoD.
Advised
key
leadership
on
USS
LAKE
ERIE
and
battle
group
accountable
for
Persian
Gulf
theater
of
war
operations.
LOGISTICS
SUPPORT
DIVISION
OFFICER
Naval
Security
Group
Activity,
Pearl
Harbor,
HI
Prompted
$3.5M
annual
cost
savings
for
Fleet
Electronic
Support
Department
by
consolidating
calibration
lab
facilities
and
refurbishing
equipment.
Saved
$25K+
per
year
in
testing
by
collaborating
with
Naval
Magazine
Lualualei
to
initiate
test
equipment
calibration.
Trimmed
excess
equipment
holdings
32%
by
recycling
$900K+
in
obsolete
electronic
equipment
and
supplies
to
support
foreign
military
efforts,
key
to
winning
“Best
Large
Maintenance
Activity”
recognition.
“[T.J.’s]
distinctive
accomplishments,
unrelenting
perseverance
and
steadfast
devotion
to
duty
reflected
credit
upon
himself
and
were
in
keeping
with
the
highest
traditions
of
the
United
States
Naval
Service.”—Commander
in
Chief,
U.S.
Pacific
Fleet
ENLISTED
EDUCATIONAL
ADVANCEMENT
PROGRAM
(EEAP)
DIVISION
OFFICER
Naval
Station,
Pearl
Harbor,
HI
Juggled
full-‐time
work
and
academic
priorities
while
raising
training
commitment
of
37-‐member
EEAP
team
enrolled
in
5
state
bachelor
programs.
Established
division-‐wide
scholastic
precedent
and
compelled
56%
of
crew
to
earn
3.8
GPA
or
higher
by
earning
both
BA
and
MBA
in
2
years,
maintaining
personal
GPA
requirements
and
graduating
Magna
Cum
Laude
with
Leadership
Distinction.
Influenced
policy
decisions
as
Student
Body
President
and
Strategic
Planning
Committee
member.
c r e d e n t i a l s
a n d
t e c h n o l o g y
s k i l l s
• MBA,
Human
Resources
Management,
Magna
Cum
Laude
with
Leadership
Distinction,
Chaminade
University
of
Honolulu,
School
of
Business,
Honolulu,
HI
• BA
in
Business
Administration,
Chaminade
University
of
Honolulu,
School
of
Business,
Honolulu,
HI
2
• Certified
Information
Systems
Security
Professional
(CISSP)
-‐
ISC (#120222)
• Provisional
Auditor,
Information
Security
Management
Systems
Scheme
(ISO
27001)
-‐
RABQSA
International
(#110754)
—Technical
Snapshot—
• MS
Active
Directory,
X.500,
X.509,
Online
Certificate
Status
Protocol
(OCSP),
Certificate
Revocation
List
(CRL),
PKCS
#7,
PKCS
#12,
and
Lightweight
Directory
Access
Protocol
(LDAP).
• Information
Technology
Infrastructure
Library
(ITIL)
framework
in
systems
engineering
and
acquisition
management
support.
• U.S.
Defense
Department
PMO
Environments:
user
requirement;
concept
of
operations;
analysis
of
operational
effectiveness,
cost,
risks
of
proposed
material/non-‐material
solutions
to
gaps
and
shortfalls;
economic
analysis,
capability
development
and
test/evaluation
documentation.
• PCI-‐required
Controls:
access
management,
network
security,
system
security,
risk
assessment,
data
security
and
management,
incident
response,
network
monitoring,
testing
and
information
security.
c o n t a c t
'
321.501.1380
*
thomas@thomasdelaine.com
www.thomasdelaine.com
www.linkedin.com/in/thomasdelaine
Currently
reside
in
Melbourne,
FL.
Thomas
P.
DeLaine,
Jr.
|
Page
3
of
3