Benjamin Tomhave

Technical Director of Information Security & Compliance at Highwinds

Phoenix, Arizona Area

Current
  • Technical Director of Information Security & Compliance at Highwinds
Past
  • Senior Security Consultant at BT INS
  • member at ABA ISC
  • Sr Technical Security Engineer at AOL LLC

see less...

3 more...

Education
  • The George Washington University
  • Luther College
  • Moorhead Public Schools :)
Recommended
Benjamin has 1 recommendation(s) 1 person has recommended Benjamin
Connections
226 connections
Industry
Information Technology and Services
Websites

Benjamin Tomhave’s Summary

My experience is very broad within the security context, ranging from small to large corporations, systems and network administration to helping define infosec strategy, to playing leadership roles as an individual contributor in various infosec capacities, such as training, assurance/attestation, operational hardening, and so on.

In addition to professional experience, I have completed a graduate degree in Information Security Management that includes publishing a thesis that formalizes an approach for holistically managing enterprise risk management, operational security management, and audit management under a single assurance management model.

Benjamin Tomhave’s Specialties:

Strategic planning for infosec mgmt; leading security attestation efforts; education, training and awareness; fixing broken organizations; infosec research and thought leadership. MS InfoSec Mgmt, CISSP, current ISSA member, current ABA ISC member, former ISACA member, inactive Infragard member and former sector chief.

Benjamin Tomhave’s Experience

  • Technical Director of Information Security & Compliance

    Highwinds

    (Information Technology and Services industry)

    February 2009Present (6 months)

    As Director of Security & Compliance, it was my opportunity to establish and build a formal security program for the enterprise.

  • Senior Security Consultant

    BT INS

    (Public Company; INSS; Information Technology and Services industry)

    September 2007February 2009 (1 year 6 months)

    Security consultant providing professional services to a broad range of organizations. Direct experience with security architecture, access management, privileged identity management, cryptographic key management, Encryption Key Management Infrastructure (EKMI), development of policies and standards, SSE-CMM, ISO 27000 series standards, pre-sales support, and client presentations.

  • member

    ABA ISC

    (Information Technology and Services industry)

    20082009 (1 year)

  • Sr Technical Security Engineer

    AOL LLC

    (Public Company; TWX; Internet industry)

    December 2003September 2007 (3 years 10 months)

    Served in a team leadership role within the security assurance team. Responsibilities included working with project teams to inject security requirements, development and delivery of technical security training, contribution to policy development, and thought leadership within the security organization.

  • Network Security Lab Analyst

    ICSA Labs (CyberTrust)

    (Privately Held; Computer & Network Security industry)

    July 2002December 2002 (6 months)

    Conducted comprehensive security testing and certification of firewall products. Worked with vendors to coordinate resolution of issues. Testing involved use of common penetration assessment tools, including Nessus, CyberCop, Nmap, hping, nemesis and tcpdump, among others. Testing was conducted in a process-oriented, scientific environment aimed at applying a consistent measure to a variety of firewall products, ranging from consumer appliances to enterprise solutions.

  • Information Security Analyst

    Wells Fargo

    (Public Company; WFC; Banking industry)

    November 2000August 2001 (10 months)

    Provided technical project management to a team of 30+ engineers throughout the country. Responsibilities included design review, workflow management, special project leadership, and point-of-contact for regular work requests. Team was responsible for managing 500-600 firewall, web and application servers, based on Sun Solaris, Compaq Tru64, and Windows NT.

  • Senior Security Consultant

    Ernst & Young

    (Partnership; 10,001 or more employees; Computer & Network Security industry)

    May 1999January 2000 (9 months)

    Participated in and led Information Technology audits, including documenting and providing expert analysis of system and network security. Presented audit and security assessment findings and provided business justification for recommended changes. Involved with both standard IT audits and SAS-70 Type I and Type II reviews.

Benjamin Tomhave’s Education

  • The George Washington University

    MS , Engineering Management , 20042006

    Concentration: Information Security Management

  • Luther College

    BA , Computer Science, Mathematics , 19941998

  • Moorhead Public Schools :)

Additional Information

Benjamin Tomhave’s Websites:

Benjamin Tomhave’s Interests:

travel, hiking, snowboarding, innovation, problem solving

Benjamin Tomhave’s Groups:

ISC2, Infragard, ISACA (formerly), RSA Conference 2008

  •    AOLAlumni
  •    Certified Information Systems Security Professionals (CISSP)
  •    The George Washington University School of Engineering and Applied Science
  •    Information Systems Security Association (ISSA)
  •    Black Hat
  •    Information Security Community (30,000+ Members)
  •    Luther College Family & Friends
  •    Hugh O'Brian Youth Leadership (HOBY)
  •    Security Bloggers Network
  •    Information Security Network
  •    Luther College Alumni & Friends
  •    AOL CONNECTIONS
  •    Luther Alumni
  •    Governance, Risk and Compliance Management (GRC)
  •    AOL Alumni
  •    Luther College Alumni and Friends
  •    International Network Services (INS v2) Alumni
  •    Presidential Classroom Alumni and past and present staff and volunteers
  •    eDiscovery, Digital Evidence & Information Security Special Interest Group
  •    Risk, Regulation & Reporting
  •    Information Risk & Security Job Forum
  •    Computer Security Institute (CSI)
  •    LAMN - Legion Against Meaningless certificatioNs
  •    Cloud Security Alliance
  •    Information Security and Privacy Law

Benjamin Tomhave’s Contact Settings

Interested In:

  • career opportunities
  • consulting offers
  • new ventures
  • job inquiries
  • expertise requests
  • reference requests
  • getting back in touch

View Full Profile

Public profile powered by: LinkedIn

Create a public profile: Sign In or Join Now

View Benjamin Tomhave’s full profile:

  • See who you and Benjamin Tomhave know in common
  • Get introduced to Benjamin Tomhave
  • Contact Benjamin Tomhave directly

View Full Profile