Jim Manico

Secure Coding Instructor and Author at Manicode Security

Location: Hawaiian Islands
Industry: Information Technology and Services
Current: Independent, OWASP
Previous: WhiteHat Security, Independent Contractor, Aspect Security
Education: Black Hat US 2007 Training
Recommendations: 16 people have recommended Jim
500+ connections

Background

Summary

17+ years of experience as a software engineer and architect.
8+ years of experience as a secure software development educator.
Global Board Member of the Open Web Application Security Project (OWASP).

Experience

Secure Coding Instructor and Author

Independent
– Present (10 months), Anahola, Kauai, Hawaii

Deliver onsite secure software development education courses.

Global Board Member

OWASP
– Present (6 years 10 months), Global

Elected to the global board of OWASP. Started a two-year term in January 2013. Active OWASP volunteer since 2008.

Project manager of the OWASP Cheatsheet Series, the OWASP Java Encoder Project and the OWASP HTML Sanitizer Project.

VP Security Architecture

WhiteHat Security
(2 years 7 months), Santa Clara, CA

Web application secure development educator and author. Conference speaker. Product Evangelist. Remediation practice support.

Web Application and Security Architect

Independent Contractor
(1 year 6 months)

Providing web application development and application security services to a wide variety of clients.

Application Security Architect

Aspect Security
(2 years 7 months)

Lead Architect/Developer of an ongoing internal application security vulnerability management web application using J2EE/Java 1.5, Struts 1.3, Hibernate 3, jQuery/JavaScript, XHTML/CSS, MySQL. Also developed a prototype XForms/Spring module for the Open Medical Record System project (openmrs.org) via Sun Microsystems, Partners in Health and TED.

Application security instructor and editor for 1-, 3- and 5-day classes including "Building and Testing Secure Web Applications", "Secure Coding for Java EE" and "Application Security Management".

Performed assessments of web applications and software products using architectural review, code review and penetration testing techniques. Experience identifying vulnerabilities associated with Web applications as well as system and network software. Produced detailed reports documenting vulnerabilities and specific mitigation recommendations.

Vice President Software Engineering

CodeMagi Inc.
(5 years 10 months)

Cutting-edge website design. Application Security. Programming (Java, PHP, *ml, AJAX). Database (MySQL, Oracle, Postgres). Software Engineering Management.

Senior Java Consultant

Blue Slate Solutions
(6 months)

* Played a key role on the Citibank project
* Responsible for mastering and integrating the object-relational mapping tool Hibernate
* Led the design and implementation of a web service data formatting component that had strict performance requirements
* Developed a Java training package for Plug Power

Director of Vendor Relations, Software Engineer, Instructor

SANS Institute
(1 year)

Senior software engineer and director for vendor sales team ($2 million+ in annual sales). Provide Business Development support to other departments. Perform Vendor Floorshow Manager duties at all national conventions. Train and motivate sales staff. Provide in-depth metrics on department performance. Direct report to CEO. Instructor for the LAMP (Linux, Apache, MySQL and PHP) Track.

Chief Technologist

Kula High and Intermediate
(2 years 4 months)

5th-12th Grade Technology Educator, Physics Educator, Network Administrator, and Head of Technology Department for Elementary, Intermediate and High school.

Senior Java Consultant

Self-employed
(5 years 4 months)

Worked as independent consultant for GE, EchoStar, WebMD, Gazoontite, RateExchange, Fireman's Fund Insurance, Fortune 10 financial institutions and others.

Projects

OWASP .NET Security Cheat Sheet

An OWASP project that intends to provide quick basic .NET security tips for developers.

Skills

  • Web Application Security
  • Application Security
  • Web Applications
  • JavaScript
  • Java
  • PHP
  • MySQL
  • JSP
  • OWASP
  • CSS
  • Security
  • Computer Security
  • J2EE
  • Software Development
  • XML
  • Application Development
  • HTML
  • AJAX
  • SQL
  • Python
  • Windows
  • Web Development
  • SOA
  • Cryptography
  • Web Services
  • Vulnerability Assessment
  • Architecture
  • Software Engineering
  • Cloud Computing
  • Risk Management
  • Open Source
  • Enterprise Architecture
  • Hibernate
  • PCI DSS
  • SDLC
  • Struts
  • Agile
  • Agile Methodologies
  • Information Security
  • Vulnerability Management
  • CEH
  • Apache
  • Penetration Testing
  • Java Enterprise Edition
  • Internet Security
  • Network Security
  • Security Architecture...
  • Code Review
  • Spring
  • Information Security...

Publications

Effective Encryption

SANS Institute
August 2005

Encryption is a common answer when data is to be secured. However there are choices and tradeoffs to be made when encrypting information. Further, a good algorithm does not guarantee secure data. We look at the use of encryption for various scenarios and discuss how to implement it correctly.

OWASP Cheat Sheet Series

OWASP Foundation
January 2010

The OWASP Prevention Cheat Sheet Series was created to provide a concise collection of high value information on specific web application security topics. These cheat sheets were created by multiple application security experts and provide excellent security guidance in an easy to read format.

Iron-Clad Java: Building Secure Web Applications

Iron-Clad Java: Building Secure Web Applications describes the use of several OWASP, Oracle, Apache, and Google open-source Java projects that are essential tools needed to construct a secure web application with the Java programming language. You’ll learn best practices for authentication and access control, defense for cross-site scripting and cross-site request forgery, cryptographic storage, and injection protection. Using the practical advice, best practices, and real-world examples provided in this authoritative resource, you’ll gain software engineering techniques for increasing security. Tech edited by Java Security Director, Milton Smith.

Iron-Clad Java: Building Secure Web Applications (In Production)

McGraw-Hill and Oracle Press

Iron-Clad Java: Building Secure Web Applications describes the use of several OWASP, Oracle, Apache, and Google open-source Java projects that are essential tools needed to construct a secure web application with the Java programming language. You’ll learn best practices for authentication and access control, defense for cross-site scripting and cross-site request forgery, cryptographic storage, and injection protection. Using the practical advice, best practices, and real-world examples provided in this authoritative resource, you’ll gain software engineering techniques for increasing security.

Tech edited by Java Security Director, Milton Smith

Education

Black Hat US 2007 Training

Building and Testing Secure Web Applications

Secure Internet Presence - LAMP (Linux + Apache + MySQL + PHP)

The SANS Institute

UC Berkeley Extension

Enterprise JavaBeans (EJB)

Siena College

Bachelor of Science (B.S.), Computer Science

Activities and Societies: Fencing, Choir

The Learning Tree

Object Oriented Analysis and Design

Organizations

OWASP, SecAppDev, ISSA

Honors & Awards

2011 GIAC GWEB Certified Web Application Defender
Q4 2008 Aspect Security - Call to Arms Award
Q2 2008 Aspect Security - Extreme Developer Award
2006 GIAC GSEC Certified Security Professional
2002 Sun Certified Programmer for the Java Platform
2004 CodeMagi 4 quarterly awards for excellence
1998 GE - Recognition/Achievement award
1997 GE - Customer Service Award
1997 GE - Achievement award for server development
