James R. Wade
890 Clubview Boulevard North, Columbus, Ohio 43235-1217
Office (614) 560-2554 * Home Telephone (614) 846-0536
Work Synopsis |
I have more than 30 years of professional experience in managing complex
technical projects & 25 years experience in providing information security services
& solutions for government, industry, & financial organizations. My working
experience indicates an ability for building strong teams & structuring them to
achieve peak performance as well as includes being selected to create newly constituted
management positions for a variety of organizations. |
Summary of Experience
AirTouch Cellular (formerly Cellular
One: OH & MI)
1996 - Present |
Since joining AirTouch, I have tackled several challenges. In 1998, I was
selected as the first chief information security officer for the $55 billion AirTouch
wireless enterprise. As the Director, Enterprise Information Security & Business
Continuity, I developed the program's centralized management & decentralized
implementation structure & am responsible for the strategy of enterprise-wide business
continuity, information & network security programs; establishing policies &
processes; defining information security architectures; performing long & short range
planning; preparing & managing budgets; formulating risk projections & analyses
for senior management; determining information & network security requirements &
approaches for addressing risks; providing subject-matter expertise on information &
network security concepts & methodologies; directing enterprise-wide resources
providing information security & business continuity program development &
planning; teaming with senior management & technical staff to design security
solutions based on business risks; measuring & monitoring the program's overall
effectiveness; preparing & presenting reports & briefings for senior management;
performing enterprise-wide information & network security oversight activities;
integrating the efforts of business continuity & information security to assure risks
are adequately addressed throughout the business; & managing a staff of information
security & business continuity experts. In 1996, I became the first Director of
Fraud Management for Ohio & Michigan & recently assumed responsibilities to
develop the position of the Eastern Region Director of Fraud Management. In this capacity,
I am responsible for the overall strategy to counter wireless fraud for this multi-state
wireless telecommunications business. Responsibilities include directing the development
& deployment of technical solutions & processes to counter multi-million dollar
fraud risks; executing management tasks including budgeting, staffing, & planning;
policy development; managing a team of technical & fraud countermeasures specialists.
Additionally, I designed & deployed a special unit that investigates fraudulent
activities (internal & external); trains state, local, & federal law enforcement
& court officials on wireless fraud; processes subpoenas & court orders for
records; & provides expert testimony. Between 1996 & 1998, the impact of fraud was
reduced by more than 70 percent & the number of customers impacted by fraud was
reduced by approximately 85 percent. During 1997, I exceeded annual financial/operational
goals by more than 400 percent & in 1998 by an additional 200 percent.
In addition to the duties outlined above, I am also responsible for intercarrier
services which provides day-to-day control of relationships with wireless
telecommunications carriers & more than two million customers. Responsibilities
include managing a budget of more than $160 million per year & a staff of technicians;
resolving technical issues associated with customer's roaming in other market areas;
managing the roaming payables & receivables with other telecommunications carriers
both nationally & internationally.
From August 1996 - May 1997, I also directed the Instruction and Reference Department
that is trains new employees for the 600 person Customer Operations group. This training
Department plans, develops, and facilitates basic & advanced training on customer
service, accounts receivable, customer order processing, & administration. During the
period I was responsible for this department, I completely reorganized the department
while increasing the number of Customer Operations staff trained by more than fifty
percent. |
Battelle Memorial Institute 1988 - 1996 |
Program Manager & Research Leader. As the first Information
Systems Security Program Manager, I managed the Information Systems Security Program
Office for Battelle Memorial Institute, an international research & development
company with volume of $1 billion per year & a staff of more than 8,500.
Responsibilities included directing research of information systems security products;
managing consulting services for government & industrial clients; executing management
tasks including budgeting, staffing, strategic planning, & business development;
managing a multi-disciplinary team of security, computer, & network specialists
providing a wide range of contract research services. Accomplishments included:
- Designed the security architecture for a smart-card based financial system
incorporating Open Systems Interconnection (OSI) standards & Distributed Computing
Environment (DCE) model into a client/server environment.
- Managed vulnerability assessments of the network, firewall, & web servers for one
of the top ten banks & the largest R&D lab in the United States.
- Designed the information security program for one of the largest personal computer
manufacturers.
In 1990, I was appointed as the first non-federal government employee to lead the
computer security topic for the US Department of Energy's (DOE) national-level, security
inspection program of national laboratories & nuclear weapons sites. Responsibilities
included planning, scheduling, & developing strategies for inspecting DOE computer
& network security; managing teams of technicians & specialists in collecting
& analyzing data, performing security tests, & preparing reports for DOE
management; & preparing & briefing results to the DOE Deputy Assistant Secretary
for Oversight & other senior management. |
Figgie International 1987 - 1988 |
Manager of Information Systems Security. In creating this position
for Figgie, a billion-dollar international manufacturing conglomerate, I was responsible
for establishing policy; providing training, advice, & assistance to the operating
units; conducting investigations of fraudulent activity; designing & implementing an
information security awareness program; & developing a disaster recovery system for
the corporate data center. Accomplishments included:
- Established the first corporate information systems security policies &
standards.
- Designed & developed security features for the corporate-wide micro-to-mainframe
financial reporting network.
|
The Scott & Fetzer Company 1980 - 1987 |
Director of Loss Control & Security. As the first corporate
security & loss control director for this international Fortune-500 manufacturing
& direct sales company, I developed policy & reported the status of the program to
the corporate board of directors. I also performed security vulnerability analyses,
provided advice & assistance, conducted investigations of fraudulent activities,
developed an executive protection program, & managed several major corporate projects
including constructing the world headquarters as well as other facilities, & relocated
several manufacturing & financial operations. Accomplishments included:
- In conjunction with internal & external auditors, developed a fraud detection &
prevention program that decreased company-wide losses of inventory & materials by 80
percent.Manager of Communications Systems. In 1984, I was selected as the
company's first chief information officer. In this position, I continued to be responsible
for security but also assumed responsibility for managing corporate data processing,
telecommunications, & facilities. In this position, I developed policy & budgets
as well as managed a staff of technical & administrative personnel & provided
direction to more than 30 operating units regarding investment decisions & capital
requests for computer & communications systems. Accomplishments included:
- Designed & implemented a network for periodic reporting of financial data between
operating units & the corporate headquarters. Developed a database for processing,
consolidating, & presenting financial & operating results for senior management. |
Computer Security Consulting 1978 - 1980 |
Manager/Senior Consultant. During this period, I developed a
quantitative risk assessment methodology for computer security to identify & assess
fraud & security risks for government & industrial organizations. Further, I
performed responsibilities including budgeting & personnel actions, & managing a
staff that increased from three to twenty five security consultants, technicians, &
specialists in fifteen months. Accomplishments included:
- Conducted a vulnerability analysis of a worldwide funds transfer network. |
US Army 1958 - 1978 |
Retired as a Chief Warrant Officer with 20 years service. In 1974, as a
Special Agent for U.S. Army Military Intelligence, I was selected as a charter member of
the first Department of Defense organization responsible for providing computer security
services for the Army & Joint Chiefs of Staff. Also, I was a direct contributor to the
Army policy & first regulation on computer security. Accomplishments included:
- Evaluated the security of the patient information system for the Presidential Care
Unit at the Walter Reed Army Hospital. |
Professional Affiliations & Achievements
I am a speaker on risk analysis, computer security, information systems management,
Internet & network security, fraud & asset protection to organizations including
the Computer Society of the IEEE, National Association of Accountants, & the Data
Processing Management Association, as well as companies including Xerox, Dana, &
Owens-Corning Fiberglas. I have lectured at the National Institutes of Health, University
of Akron, FBI Academy, Department of Energy, Department of Defense Computer Institute,
& U.S. Army Command and General Staff College. I have published papers in professional
journals including Security Management & Information Security as well as
contributed to Advances in Computer Security Management, Volume 2, a volume of the
Wiley Heyden Advances Library in EDP Management.
Professional Affiliations & Achievements (Continued)
I have completed the second year of a four-year appointment on the Computer System
Security and Privacy Advisory Board established by Congress in Public Law 100-235 to
report to the Secretary of the U.S. Department of Commerce & provide advice to the
congress & administration on computer security & privacy issues.
In 1997, I was elected to a three-year term to the Board of Directors for the
International Information Systems Security Certification Consortium (ISC)2. I
am currently the President of the Board of Directors. Prior to being elected as President,
I was the Vice President & Executive Director of the organization as well as the
Chairman of the Personnel Committee. I also served on the Recertification & Common
Body of Knowledge committees.
In 1997-1998, I was the Chairman of the Board for the International Board of Directors
for the Information Systems Security Association (ISSA), the professional association for
information security practitioners. In 1993, I was elected to the ISSA Board as Recording
Secretary & was re-elected the Director of Operations for 1994-1996. I also was the
chair of the ISSA Oversight Committee for developing generally-accepted systems security
principles & the chair of the 1998 & 1999 Nominations Committees. In 1996, I was
elected to a one-year term as the ISSA President.
I have been a member of the Curriculum Advisory Committee for the College of Law
Enforcement, Eastern Kentucky University; the Advisory Board for Datapro Reports on
Information Security; the Reader's Advisory Panel for PC Magazine; & the
Advisory Board for the MIS Training Institute. I was listed in the 1992-93 edition of
Oxford's Who's Who of Professionals. Additionally, I have served on several working
groups with the US Department of Commerce, National Institute of Standards &
Technology.
From 1987 through 1991 & 1993, I was the Chairman of the National Standing
Committee on Computer Security for the American Society for Industrial Security (ASIS), a
professional society of 25,000 members worldwide. I was awarded the "Committee
Chairman of the Year" each year for three consecutive years, 1989 through 1991, for
my leadership of the ASIS Computer Security Committee. Additionally, I have been a member
of the ASIS Educational Strategies Council & a faculty member for ASIS security
management courses. I am currently serving on the ASIS National Standing Committee for
Safeguarding Proprietary Information.
Professional Certifications
I am a Certified Information Systems Security Professional (CISSP) with the
International Information Systems Security Certification Consortium, Inc. (ISC)2
from 1993 to the present. In 1994, the U.S. Department of Energy granted me a professional
certification as a Certified Computer Security Inspector (CCSI). Further, I held a
certification as a Certified Information Systems Auditor (CISA) with the EDP Auditors
Association from 1979-1984.
Security Clearances
Until recently, I held a Department of Energy "Q" (Top Secret) Clearance. I
previously held a Top Secret clearance with the Department of Defense & was also
previously was cleared for Sensitive Compartmented Information by both the Energy &
Defense Departments. |