Name: Tim Weil

Title: Network Project Manager

Employer: Alcohol Monitoring Systems

Location: Denver, Colorado, U.S.A.

Degree: BA in Sociology/Latin American Studies from Immaculate Heart College, MS in Computer Science from Johns Hopkins University

Years in IT: 30+

Years in cybersecurity: 15+

Cybersecurity certifications: CCSP, CISSP, CISA, CRISC

How did you decide upon a career in cybersecurity?

Working in the telecommunications industry through the dot-com era, my core networking skills became less valuable when I obtained the CISSP in 2003. In the federal sector, I worked as a contractor for more than 10 years for more than 10 agencies, specializing in governance, risk and compliance (FISMA/FEDRAMP) and later ISO27001. Cybersecurity as a career, for me, evolved after 10 years in software engineering and 10 years in network engineering and program management.



Why did you get your CCSP®?

I wanted to validate the past five years of industry work that I had done with cloud security companies and systems. Also, as a professional in my mid-sixties, I wanted to challenge myself with a new course of study from (ISC)².



What is a typical day like for you?

In support of our production systems for Continuous Alcohol Monitoring (CAM) and Offender Tracking Management SaaS platforms I provide the following services on a

daily basis -

Cross-functional IT project manager to our DevOps teams with special project emphasis on security initiatives.

Project manager / coordinator for ISO 27001 & HIPAA implementation projects

Internal auditor (ISO 27001 / ISO 9001)

Cloud security architect - cloud migration strategies (Azure PaaS services)

Evaluate and recommend Cloud Security products (CASB, Threat Intelligence, Application Security, Vulnerability Management scanners, 3rd party penetration testing services)







Can you tell us about a personal career highlight?

In 2014 I was honored by IEEE-USA for my “Professional Achievement for Individuals” for providing conference management (IEEE GLOBECOM/GREENTECH). As Chair of the Washington DC IEEE Section (2009) I developed a 50-year history of engineering and science in the nation’s capital. This electronic archive is available through the IEEE History Center Technology Wiki. Finally, Also, I served as the senior security manager for the National Science Foundation U.S. Antarctic Program from 2010-2012.

How has the CCSP certification helped you in your career?

The certification has given validation to my industry experience and leading edge technology solutions. I was also happy to continue my affiliation and membership with (ISC)² in the form of a second certification. In my position as ‘Securing IT’ editor for IEEE IT Professional magazine I have also benefited from the CCSP curriculum in editing and contributing professional journal articles in cloud topics - Cloud Application Security, Cloud Compliance Requirements and Cloud Data Security Cloud Design Requirements

What is the most useful advice you have for other cloud security professionals?

A good sense of humor will serve you well in the new world of cloud computing. It’s important also to have a strong understanding of the virtualization technologies and vendors that enable cloud-based computing/storage/networking/memory management solutions. Words of advice – ‘avoid vendor lock-in’ in your evaluation of Cloud Service Providers.

For information about the Certified Cloud Security Professional certification training seminars, visit https://www.isc2.org/ccsp-training/default.aspx.