Benjamin Tomhave

Experienced Security Consultant and InfoSec Mgmt Academic

Washington D.C. Metro Area

Current
  • Security Consultant at BT INS
Past

see less...

1 more...

Education
  • The George Washington University
  • Luther College
  • Moorhead Public Schools :)
Recommended
Benjamin has 1 recommendation(s) 1 person has recommended Benjamin
Connections
178 connections
Industry
Information Technology and Services
Websites

Benjamin Tomhave’s Summary

My experience is very broad within the security context, ranging from small to large corporations, systems and network administration to helping define infosec strategy, to playing leadership roles as an individual contributor in various infosec capacities, such as training, assurance/attestation, operational hardening, and so on.

In addition to professional experience, I have completed a graduate degree in Information Security Management that includes publishing a thesis that formalizes an approach for holistically managing enterprise risk management, operational security management, and audit management under a single assurance management model.

Benjamin Tomhave’s Specialties:

Strategic planning for infosec mgmt; leading security attestation efforts; education, training and awareness; fixing broken organizations; infosec research and thought leadership. MS InfoSec Mgmt, CISSP, current ISSA member, current ABA ISC member, former ISACA member, inactive Infragard member and former sector chief.

Benjamin Tomhave’s Experience

  • Security Consultant

    BT INS

    (Public Company; 1001-5000 employees; INSS; Information Technology and Services industry)

    September 2007Present (1 year 4 months)

    Security consultant providing professional services to a broad range of organizations. Direct experience with security architecture, access management, privileged identity management, cryptographic key management, Encryption Key Management Infrastructure (EKMI), development of policies and standards, SSE-CMM, ISO 27000 series standards, pre-sales support, and client presentations.

  • Sr Technical Security Engineer

    AOL LLC

    (Public Company; TWX; Internet industry)

    December 2003September 2007 (3 years 10 months)

    Served in a team leadership role within the security assurance team. Responsibilities included working with project teams to inject security requirements, development and delivery of technical security training, contribution to policy development, and thought leadership within the security organization.

  • Network Security Lab Analyst

    ICSA Labs (CyberTrust)

    (Privately Held; Computer & Network Security industry)

    July 2002December 2002 (6 months)

    Conducted comprehensive security testing and certification of firewall products. Worked with vendors to coordinate resolution of issues. Testing involved use of common penetration assessment tools, including Nessus, CyberCop, Nmap, hping, nemesis and tcpdump, among others. Testing was conducted in a process-oriented, scientific environment aimed at applying a consistent measure to a variety of firewall products, ranging from consumer appliances to enterprise solutions.

  • Information Security Analyst

    Wells Fargo

    (Public Company; WFC; Banking industry)

    November 2000August 2001 (10 months)

    Provided technical project management to a team of 30+ engineers throughout the country. Responsibilities included design review, workflow management, special project leadership, and point-of-contact for regular work requests. Team was responsible for managing 500-600 firewall, web and application servers, based on Sun Solaris, Compaq Tru64, and Windows NT.

  • Senior Security Consultant

    Ernst & Young

    (Partnership; 10,001 or more employees; Computer & Network Security industry)

    May 1999January 2000 (9 months)

    Participated in and led Information Technology audits, including documenting and providing expert analysis of system and network security. Presented audit and security assessment findings and provided business justification for recommended changes. Involved with both standard IT audits and SAS-70 Type I and Type II reviews.

Benjamin Tomhave’s Education

  • The George Washington University

    MS, Engineering Management, 20042006

    Concentration: Information Security Management

  • Luther College

    BA, Computer Science, Mathematics, 19941998

  • Moorhead Public Schools :)

Additional Information

Benjamin Tomhave’s Websites:

Benjamin Tomhave’s Interests:

travel, hiking, snowboarding, innovation, problem solving

Benjamin Tomhave’s Groups:

ISC2, Infragard, ISACA (formerly), RSA Conference 2008

  •    AOLAlumni
  •    Certified Information Systems Security Professionals (CISSP)
  •    The George Washington University School of Engineering and Applied Science
  •    Information Systems Security Association (ISSA)
  •    Information Security Community
  •    Luther College Alumni
  •    Security Bloggers Network
  •    Information Security Network
  •    Luther College Alumni & Friends
  •    AOL CONNECTIONS
  •    Luther Alumni
  •    Governance, Risk and Compliance Management (GRC)
  •    AOL Alumni
  •    Luther College Alumni and Friends
  •    International Network Services (INS v2) Alumni

Benjamin Tomhave’s Contact Settings

Interested In:

  • career opportunities
  • consulting offers
  • new ventures
  • job inquiries
  • expertise requests
  • reference requests
  • getting back in touch

View Full Profile

Public profile powered by: LinkedIn

Create a public profile: Sign In or Join Now

View Benjamin’s full profile:

  • See who you and Benjamin Tomhave know in common
  • Get introduced to Benjamin Tomhave
  • Contact Benjamin Tomhave directly

View Full Profile