Jaymes Williams
Details
Political Science & History
Oregon State University
1992 : 1993
BA
Sociology
Oregon State University
1980 : 1985
2017 : Present
Banfield Pet Hospital
Sr. Information Security Analyst
In this position, I led a small team of Information Security analysts who continually focused on “defending the enterprise” from external and internal risks. The last effort was on transitioning from a compliance-based security team to a cyber-security team which better supports the Dev-Ops and Agile development methodologies in which our IT colleagues were transitioning. The goal being to enable our business colleagues to move faster while, behind the scenes, we help this happen by continually improving our Security and delivery speed. In early 2017, I obtained Daimler's Information Security Architect, or ISA, certification.
I have international experience and have worked on a few projects in Germany with our Global Information Security Colleagues.
Vehicle Security was a prime focus over the last few years and we made great strides in this area.
What I enjoyed most in this position was helping my customers, both within IT and on the Business side, get the Security information or consulting they need to better perform their jobs.
2006 : 2017
Daimler Trucks North America
Deputy Information Security Officer
In this position, I devised an Enterprise Security program which included Enterprise level deployments of anti-virus, intrusion detection, file integrity and internet content filtering products. In addition, I developed and implemented policies managing security patch deployments and access control. This brought the company from poor security to industry best-practice and substantially reduced risk over 3 years. I administered the Internet Content Filtering software & servers and also led & participated in Incident Management for system outages, virus outbreaks or suspected ‘hacking’ incidents.
I devised a Business Continuity plan which ensured the primary application which controlled natural gas flowing through the pipeline would suffer no more than an approximate 10 minute outage in the unlikely event the Portland facilities were no longer operational. This reduced the risk of a business disruption and the potential for energy-outages.
The Portland-based portion of the PG&E National Energy Group was a natural gas pipeline running from Alberta to the California border. This company changed names several times during my time there and eventually became part of TransCanada and is no longer in Portland.
2000 : 2004
PG&E National Energy Group
Information Security Officer
I served as an Intelligence Analyst for the USAF Reserve’s 939th Rescue Wing and 304th Rescue Squadron. During this time, I held a TS/SCI Security Clearance and prepared and delivered briefings and training to intelligence personnel, aircrews, pararescuemen and senior Air Force Officers.
During my years in this unit, I became the “Computer Guy” before the career field even existed. Due to the nature of our work, I learned quite a lot about information security procedures, and policies. I developed training on this and other computer-related topics for my colleagues. In addition, I created intelligence documents and reports as needed and supervised a few junior personnel.
In the 1990’s, I served in several contingency operations including Desert Storm (Southern Iraq), Provide Promise (Bosnia), Uphold Democracy (Haiti) and Provide Comfort (Northern Iraq).
1991 : 2001
US Air Force Reserve
Senior Operations Intelligence Analyst
1998 : 2000
Freightliner Corporation
Information Security Analyst
Skills
Application Security, Business Continuity, Change Management, CISA, CISSP, Cloud Security, Computer Forensics, Computer Security, CSIRT, Cybersecurity, Disaster Recovery, Enterprise Risk Management, Governance, GRC, Information Assurance, Information Security, Information Security Architecture, Information Security Management, Information Security Policy, Information Security Standards, ISO 27001, IT Audit, ITIL, IT Management, Microsoft Excel, Microsoft Office, Microsoft PowerPoint, Network Security, NIST, Payment Card Industry Data Security Standard (PCI DSS), Phishing, PMP, Process Improvement, Program Management, Risk Assessment, Risk Management, Sarbanes-Oxley, Sarbanes-Oxley Act, Security, Security Audits, Security Awareness, Security Management, Team Leadership, Vendor Management, Vulnerability Assessment, Vulnerability Management, Written Communication
About
Information Security Professional with extensive experience helping organizations resolve business issues relating to security awareness, risk and compliance.
I always seek new ways to find that elusive 'sweet spot' where risk is minimized without impacting business activities. I have a passion for continual improvement and finding new ways to accomplish things by reducing cost and increasing efficiency.
My specialties over the last several years have been Security Awareness and GRC (Governance, Risk and Compliance). Helping your fellow employees by arming them with the correct knowledge on how to avoid security risks is extremely cost efficient when compared to technical solutions or security incidents. However, changing human behavior can also be hard. That's why I'm working to learn new ways to help with changing behavior, such as the ADKAR model for individual and organizational change.
Identifying, tracking and leading mitigation of risk also helps minimize security risks to the organization and that's another area I'm passionate about. Providing a complete risk picture to decision makers helps them make informed decisions to mitigate, avoid, transfer or accept risk.
I believe in providing the best service to my customers whether they are IT colleagues or business customers. I've worked in Global organizations, lead small information security teams and worked internationally with colleagues from around the world.
Specialties:
- Security Awareness
- Governance, Risk & Compliance
- Application Assurance
- Business Continuity & Disaster Recovery
- Vehicle Security.
Profile Photo
