Jason Yuen

Information Security Specialist

Washington D.C. Metro Area

Current
Past
Education
  • George Mason University
  • University of Pennsylvania
Connections
83 connections
Industry
Information Technology and Services
Websites

Jason Yuen’s Summary

Offering advanced skills and high-quality performance in the areas of security consulting expertise specializing in the Certification and Accreditation of Federal systems.

Highly-motivated individual with a robust background in security engineering and governance demonstrating knowledge of FISMA, FIPS, OMB, HIPAA, and NIST Guidance. Hands-on experience integrating security principles and industry best practices into all phases of the System Development Life Cycle (SDLC). Served as the Lead Security Analyst and Subject Matter Expert (SME) in security standards, policies, procedures, and methodologies for numerous healthcare projects. Possesses strong communication skills and the ability to work well both within a team and independently. Proven ability to lead a team to complete time-critical tasks delivering quality results successfully.

Jason Yuen’s Specialties:

CompTIA Security+, December 2006

Areas of Expertise:
- Certification & Accreditation
- Risk Management
- Vulnerability Scanning
- Penetration Testing
- Information Security Program Policy Planning / Implementation
- Incident Response
- Security Awareness and Training
- E-Authentication
- Contingency Planning

Jason Yuen’s Experience

  • Information Security Specialist

    Cascades Technologies, Inc.

    (Information Technology and Services industry)

    August 2008Present (1 year 8 months)

    Responsible for the development, implementation and application of Information Resources Management security policies in support of federal security requirements and industry best practices. Functions as the technical expert on security operations.

    - Integrates security practices in the System Development Life Cycle

    - Plans, develops, implements and monitors applications, data and site security

    - Provides oversight and enforcement of security directives, standards, plans and procedures

    - Oversees Security Test and Evaluation activities ensuring certification and accreditation

    - Assess technical security requirements using assessment techniques, tools and methodologies

    - Participates in client interviews as part of the risk assessment, system categorization and security test and evaluation processes

    - Assists with architectural planning and design, ensuring current standards and practices are met with regards to implementation and documentation

  • Consultant

    CGI Federal

    (Public Company; GIB; Information Technology and Services industry)

    July 2006August 2008 (2 years 2 months)

    - Served as the Lead Security Analyst and Subject Matter Expert (SME) in security standards, policies, procedures, and methodologies for numerous healthcare projects

    - Integrated security principles and industry best practices into the System Development Life Cycle (SDLC) including planning, requirements definition, design, development, testing, implementation, and maintenance phases

    - Performed C&A of healthcare systems in accordance with NIST SP 800 Series, and client standards and methodology

    - Developed/updated System Security Plans (SSP), Risk Assessments (RA), and Contingency Plans (CP) in accordance with NIST SP 800 Series

    - Developed internal security testing methodology and approach for conducting vulnerability scanning and penetration testing of web applications

    - Led security testing team in conducting vulnerability scanning and penetration testing on healthcare systems in preparation for the formal Security Test & Evaluation (ST&E)

  • Engineering Assistant

    NAVAIR

    (Government Agency; Defense & Space industry)

    June 2005July 2005 (2 months)

    Summer Internship 2003, 2004, and 2005

    - Assisted with developing experiments as a member of a professional team

    - Consulted with a group of engineers for design alternatives

    - Presented experimental solution to engineers, professors, and ranked officials

    - Provided IT support for the setup and updating of secure PCs (both software and hardware)

    - Handled classified information

Jason Yuen’s Education

  • George Mason University

    M.S. , Information Security & Assurance , 20072010 (expected)

  • University of Pennsylvania

    B.S.E. , Bioengineering, (Minor: Mathematics) , 20022006

Additional Information

Jason Yuen’s Websites:

Jason Yuen’s Groups:

  •    Black Hat
  •    IT SECURITY EXPERT
  •    SecurityMetrics
  •    University of Pennsylvania Alumni
  •    Information Security Network
  •    The Web Application Security Consortium
  •    Information Systems Security Managers

Jason Yuen’s Contact Settings

Interested In:

  • career opportunities
  • consulting offers
  • new ventures
  • job inquiries
  • expertise requests
  • business deals
  • reference requests
  • getting back in touch

View Full Profile

Public profile powered by: LinkedIn

Create a public profile: Sign In or Join Now

View Jason Yuen’s full profile:

  • See who you and Jason Yuen know in common
  • Get introduced to Jason Yuen
  • Contact Jason Yuen directly

View Full Profile