Justin Weddington

Justin Weddington

Director of Security at Prevalent Networks LLC

Location
Philadelphia, Pennsylvania (Greater Philadelphia Area)
Industry
Information Technology and Services

As a LinkedIn member, you'll join 300 million other professionals who are sharing connections, ideas, and opportunities.

  • See who you and Justin Weddington know in common
  • Get introduced to Justin Weddington
  • Contact Justin Weddington directly

View Justin's full profile

Justin Weddington's Overview

Current
Past
Education
Connections

500+ connections

Websites

Justin Weddington's Summary

Justin Weddington has over 13 years of experience managing business technology risk for both large and small organizations. Formerly he worked as the Manager of Enterprise Security at a shared services company supporting a global insurance group, in the Information Protection Unit of a Fortune 200 energy company and at a regional transmission organization. He is currently employed as the Director of Security at one of the east coasts leading IT Security and GRC consulting firms. In the variety of roles he has served in across heavily regulated industries, Justin has successfully developed and maintained IT Security: policies and procedures, oversight and controls, strategy, architecture, development and training.

Justin's vision is to facilitate organizations to success by leading and influencing others in improving and maintaining technology risk programs.

Specialties

Security Knowledge: Regulatory compliance, Penetration testing, Policy and standards development, Security design, Forensics, Enterprise security management tools, Investigations, Web filtering, Security awareness and training


Competencies: Strong trouble shooting and interpersonal skills, Vendor management, Budget management, Strategy planning, Security convergence, Customer advocate, Motivated, Strategic, Tactical, Consultative, Virtual Teaming, Visionary

Justin Weddington's Experience

Director of Security

Prevalent Inc.

Privately Held; 11-50 employees; Computer Software industry

October 2012Present (2 years 1 month) Greater Philadelphia Area

Responsible for team of consultants that assist clients with their critical IT Security and GRC needs
Manage the team responsible for the security and infrastructure of managed compliance solutions
Develop, maintain and support Energy/Utility industry vertical solutions
Responsible for establishing, enhancing, and leading the IT Security, Compliance, and Risk Management capability for the organization

Corporate Information Security Consultant

Northeast Utilities

Public Company; 5001-10,000 employees; NU; Utilities industry

May 2012October 2012 (6 months) Hartford, Connecticut Area

Build Security Operations Center with new process, reallocated staff and existing technology
Implement log management infrastructure and compliance manager to support SIEM project
Uphold Electronic Security Perimeters (CIP 005) and Systems Security (CIP 007) controls
Support security operations alignment activities post-merger

Manager Enterprise Security

Philadelphia Insurance Companies

Privately Held; 1001-5000 employees; Insurance industry

October 2010May 2012 (1 year 8 months) Greater Philadelphia Area

Managed team of security and business continuity professionals
Responsible for IT Security Operations, Risk Management and BC service areas
Developed and implemented an Enterprise Security strategy and program
Designed an Enterprise Security shared services framework
Developed areas of expertise in forensics, incident response, compliance, and consulting
Led security services transitions efforts for subsidiary companies
Aligned security program with ISO 27002
Accountable for compliance and audit deliverables
Implemented and managed enterprise security services budget
Fostered a positive environment and growth within the Enterprise Security team

Senior Security Analyst

PJM Interconnection

Nonprofit; 501-1000 employees; Utilities industry

August 2006August 2010 (4 years 1 month) Greater Philadelphia Area

Designed, automated and audited processes and procedures for NERC/CIP compliance
Built the NERC/CIP compliance competency and fostered a culture of compliance
Developed security working group to improve security process’s that involve IT infrastructure
Provided direct supervision of contractor staff ensuring results were delivered
Completed pen test remediation activities resulting in an above average security rating
Responsible for SAS/70 controls compliance with a track record of zero exceptions
Created and maintained security standards and hardened servers to meet these standards
Responsible for the Symantec ESM compliance and reporting architecture
Monitored and responded to Arc Sight events
Investigated and approved the creation of local and domain accounts

Information Security Analyst

Legg Mason

Public Company; 1001-5000 employees; LM; Financial Services industry

February 2006August 2006 (7 months) Baltimore, Maryland Area

Developed security solutions for affiliate companies
Led review of security assessment findings to gauge overall risks and corrective measures
Lead daily information security monitoring activities
Built a working relationship with various IT infrastructure groups
Assisted in security activities related to the Legg-Citigroup transition
Worked in a virtual team with peers in international locations

Information Security Analyst

Constellation Energy

Public Company; 5001-10,000 employees; CEG; Utilities industry

May 2002February 2006 (3 years 10 months) Baltimore, Maryland Area

Prepared budget and strategy for the corporate security department
Completed transition activities for physical/IT security convergence
Managed the corporate workplace violence program
Built and maintained the enterprise centralized anti-virus architecture
Designed Microsoft Windows Server and web server hardening standards
Helped build and maintain the Information Assurance policies that covered the enterprise
Worked on Sarbanes-Oxley compliance activities related to information security
Established work group for meeting energy industry regulatory compliance standards
Performed vulnerability assessments using various benchmarks
Assisted in physical security investigations
Developed procedures supporting the information security policies
Provided consulting, advice and direction to IT infrastructure groups and business units

Educational Institution; 501-1000 employees; Higher Education industry

September 2000May 2002 (1 year 9 months) Baltimore, Maryland Area

Supervised student aides and volunteers
Managed day-to-day networking/data communications support of end-users
Provided end-user-networking support in a multi-OS environment
Repaired, configured and installed hardware and software on desktops and servers

Justin Weddington's Certifications

  • Certified Information Security Manager (CISM)

    • ISACA
    • License 1424394
    • February 2014

Justin Weddington's Skills & Expertise

  1. Regulatory compliance
  2. ISO 27002
  3. Penetration testing
  4. Policy and standards development
  5. Security design
  6. Forensics
  7. Enterprise security management
  8. Investigations
  9. Web filtering
  10. Security awareness and training
  11. trouble shooting and interpersonal skills
  12. Vendor management
  13. Budget management
  14. Strategy planning
  15. Security convergence
  16. Customer Advocacy
  17. Motivation
  18. Strategy
  19. Operations
  20. Consulting
  21. Virtual Teaming
  22. Vision
  23. Security
  24. Penetration Testing
  25. Vendor Management
  26. Computer Forensics
  27. Security Awareness
  28. Strategic Planning
  29. ISO 17799
  30. Vulnerability Management
  31. Troubleshooting
  32. Network Security
  33. Information Security
  34. Private Investigations
  35. Vulnerability Assessment
  36. Enterprise Security
  37. Computer Security
  38. Enterprise Software
  39. Information Assurance
  40. CISSP
  41. Networking
  42. Integration
  43. Information Security Management
  44. Security Audits
  45. Security Architecture Design
  46. PCI DSS
  47. IT Audit
  48. IDS
  49. Application Security
  50. Information Technology

View All (50) Skills View Fewer Skills

Justin Weddington's Education

University of Baltimore

Bachelor's, Management of Information Systems

20002007

Contact Justin for:

  • job inquiries
  • expertise requests
  • business deals
  • reference requests
  • getting back in touch

View Justin Weddington’s full profile to...

  • See who you and Justin Weddington know in common
  • Get introduced to Justin Weddington
  • Contact Justin Weddington directly

View Justin's full profile

Not the Justin Weddington you were looking for? View more »

Viewers of this profile also viewed...