James Mapes

Executive Cybersecurity Advisor
Surprise, AZ

Summary

Executive with a successful and proven track record building cybersecurity programs and practices driven by business success, market indicators, compliance outcomes, and the complexity of corporate executive needs. Founded successful programs on business-driven assessment, intelligence, developing cybersecurity functionality as a business enabler, architecting and implementing business-goal-oriented strategy, building meaningful metrics, fostering cultural shift in organizational thought and practices, and leading as an internal service-oriented professional. Leads by example and provides mentorship, motivating professional achievement, developing skills, and inspiring confidence to overcome barriers that inhibit success and productivity. Confronts with the finesse, compassion, empathy, and tact expected of a professional and executive leader. Believes business achievements correlate to dedication, teamwork, and acquiring the best version of ourselves. Has an approachable and relaxed attitude to objectively confront challenges and foster collaborative effort to obtain business success with peers, partners, and clients.

Overview

30 years of professional experience

20 years in senior leadership

26 years in cybersecurity

Work History

Executive Cybersecurity Advisor

GMI - Global Market Innovators
04.2024 - Current
  • Provided executive leadership to high-profile strategic accounts for several Incident Response engagements.
  • Performed business oriented risk assessments
  • Designed updated versions of table top exercises to better reflect current threats to high value business assets
  • Collaborated with the customer success, sales, and business development leadership, and provided recommendations for service offerings improvements and practice enhancements.
  • Reported directly to COO, Jim Radzicki (Jim.radzicki@gmi.com) and CEO, Tim Roemer (tim.roemer@gmi.com).

Chief Information Security Officer, Chief Privacy & Compliance Officer

Blueink
12.2022 - Current
  • Reported directly to Zach Lovelady, CTO (Zach@blueink.com) and Faze Sharif, CEO (Faze@blueink.com).
  • Provided a visionary and strategy focused leadership to Blueink business initiatives.
  • Collaborated with the executive leadership team to establish and execute a comprehensive information security program to protect Blueink and customer sensitive data, critical infrastructure, and intellectual property and meet regulatory requirements.
  • Developed and implemented a robust, risk-based information security strategy that aligns with Blueink business objectives and industry best practices.
  • Led the development and maintenance of security policies, standards, and procedures, ensuring adherence to regulatory frameworks (e.g., SOC 2, HIPAA, NIST, etc.).
  • Developed a comprehensive cybersecurity strategy, aligning with industry best practices and regulatory requirements.
  • Led the identification, assessment, mitigation, and communication of cybersecurity risks across the Blueink enterprise.
  • Built and led a world-class incident response team, capable of responding swiftly and effectively to security breaches or events.
  • Provided and guided the design, implementation, and maintenance of Blueink's security architecture, including network security, endpoint protection, and cloud security solutions.
  • Developed and implemented security awareness training programs for employees, promoting a strong culture of cybersecurity awareness and collaborative community in the workforce.
  • Collaborated effectively with cross-functional teams to integrate security into all aspects of the business.
  • Established measures, metrics, thresholds and targets to drive performance in alignment with security and other business strategies.
  • Conducted regular audits to ensure compliance with relevant regulations, such as GDPR or HIPAA, mitigating potential fines or penalties.
  • Implemented a continuous improvement framework for ongoing assessment of security controls effectiveness.
  • Streamlined security operations by consolidating tools, processes, and reporting for increased efficiency
  • Collaborated with cross-functional teams to address compliance concerns, fostering a culture of shared responsibility.
  • Provided expert guidance on complex regulatory matters, enabling informed decision-making within the organization.
  • Designed risk assessment frameworks to evaluate organizational vulnerabilities and prioritize areas requiring attention.
  • Enhanced decision-making, providing Executive Leadership with detailed compliance risk assessments and recommendations.

Lead Instructor, Introduction to Cybersecurity

Iron Circle (Previously ThriveDX and HackerUSA)
07.2022 - Current
  • Teach classes of 50 students enrolled in Introduction to Cybersecurity courses, hold office hours and meet one on one with students.
  • Mentor students through the learning process.
  • Successfully manage classroom and lessons to foster constructive learning environments and develop student interests in course content.
  • Proctor exams.
  • Assign class activities and Lab Assignments.
  • Work with associate instructor assistants on assignments, projects, and tests.
  • Provide current cybersecurity events and additional content on A.I., Threat Intelligence, use of the MITRE ATT&CK framework and Lockheed Cyber Kill Chain.
  • Michelle Velasquez, Sr. Instructor Manager
  • Michelle.v@hackeru.com
  • Incorporated real-world examples into lessons, connecting abstract concepts to students' everyday lives.
  • Developed positive relationships with students built on trust and respect, encouraging open communication and mutual support within the class community.
  • Implemented effective classroom management strategies, fostering a positive learning environment.
  • Mentored struggling students through individualized tutoring sessions, resulting in improved academic performance.
  • Modified lessons and curriculum to accommodate diverse learners by using strategies such as peer-assisted learning and group work.
  • Participated in department meetings to provide input to colleagues about student achievement and improvement.

Founder, Cybersecurity Principal Consultant

RMC, Inc Risk Management Consultants
05.2018 - Current
  • Developed strong partnerships with other businesses to allow for collaboration and more significant opportunities for growth.
  • Established a successful business by identifying market needs and developing innovative solutions.
  • Conducted target market research to scope out industry competition and identify advantageous trends.
  • Developed strong partnerships with key industry players, contributing to an increased market presence.
  • Established and maintained strong relationships with customers, vendors and strategic partners.
  • Built strong relationships with clients, fostering long-term partnerships and repeat business.
  • Increased client satisfaction by providing tailored consulting solutions for their specific business needs.
  • Managed large-scale projects, ensuring timely completion within budget constraints.

Sr. Information Security Architect

Leadstack Inc.
10.2021 - 10.2022

Reporting to Heather Silvey, Director, Strategic Accounts & Partnerships
415-858-7222
Heather.Silvey@leadstackinc.com

  • Information Security Risk Management Senior Advisor and Consultant to BlueShield of California
  • Consulting to Risk Escalation Committee on matters pertaining to compliance with cybersecurity and data privacy laws and regulations.
  • Propose risk mitigation strategies for escalated risks.
  • Provide guidance and recommendations as required.
  • Projects as requested by risk management senior leads.

Practice founder and owner, CISO

TBConsulting
05.2016 - 11.2018
  • Defined and drove strategic vision
  • Initialized the development of service offerings
  • Assured quality of cyber security managed and professional services
  • Developed communication and marketing material
  • Oversaw and participated in the performance of sales campaigns and developed customer leads
  • Provided advisory services and high-level oversight of internal information security departments for clients
  • Established security and risk management milestones metrics for measurable results that complied with HIPAA, PCI-DSS, State Data Privacy and EU laws (GDPR) and security standards for clients
  • Dieter Gable, CEO
  • (602) 343-9478

Chief Information Security Officer/Chief Security Officer

BestIT
07.2011 - 04.2016
  • Develop, propose and direct strategic plans in direct collaboration with corporate officers and ensure that corporate wide deliverables are met on time and on budget.
  • Establish security and risk management milestones and metrics for measurable results that comply with HIPAA, PCI-DSS, and the State Data Privacy laws of Massachusetts, Texas, California, Louisiana, and Washington and security standards for the Special Administrative Region of Hong Kong.
  • Design, propose, and direct scalable, efficient, and cost-effective remediation of identified risks/assessed vulnerability in corporate and managed client environments, including compliance programs that meet and/or exceed ISO 2700x, HIPAA, PCI-DSS, SOX, FISMA and FedRAMP.
  • Provide technology risk assessments of new client environments, ongoing assessments of existing managed environments, and internal security audits to establish a security baseline and measure improvement of BestIT system and network security.
  • Direct and provide forensic investigations, incident response, management of security assessments, large remediation projects to meet federal and/or industry mandated regulatory security standards.
  • Harry Curtin, CEO
  • (602) 772-3546

Founding Partner, Chief Information Security Officer

Terra Verde Services (Now Avertium)
06.2007 - 06.2011
  • Directed information security service delivery, including penetration testing, risk assessments, vulnerability analysis, and threat intelligence
  • Developed, proposed and directed corporate security and risk management strategies with milestones, metrics, and annual budgets for client executive leadership.
  • Developed strategic corporate policy and compliance programs working closely with legal (general counsel), executive management and boards, and internal/external stakeholders.
  • Officiated as acting CISO and PCI-DSS security contact for multiple large and/or strategic clients in the international hospitality, financial, healthcare, and government industry sectors.
  • Designed, proposed, and directed scalable, efficient and cost effective, remediation of identified risks/assessed vulnerability in client environments.
  • Worked closely with client executives to ensure that deliverables exceeded expectations and provided oversight and quality assurance of work performed by information security engineers, consultants, auditors, and investigators.
  • Developed strategic business opportunities and market service offerings to penetrate industry verticals and achieve continuous growth
  • Edward Vasko, CEO
  • (877) 707-7997

Corporate Information Security Officer

Sun Health Corporation (Now Banner Health)
03.2005 - 04.2007
  • Designed and executed all Sun Health Corporate information security and programs to ensure compliance with regulatory data privacy and security laws with special focus on HIPAA, JCAHO standards and PCI-DSS/VISA CISP regulations.
  • Coordinated security activities and program objectives across corporate departments and operations and collaborated with compliance, legal, human resources, organizational development, engineering, risk management, and safety and security divisions.
  • Redesigned and reorganized the corporate information security program including Sun Health corporate information security policy, establishment of baseline security standards, assessment plans, and compliance monitoring.
  • Mentored and engaged IT staff on security best practices, created on-going information security awareness program, and provided security training to new employees during orientation.
  • Provided security advice and guidance to executive leadership on all Sun Health contracts and projects related to information systems.
  • Implemented a computer forensic analysis process that interfaced with Human resources to assure employee privacy rights during investigations and reduce legal risks.
  • David Runt, CIO
  • (623) 876-3201

Director, Engagement Manager

Jefferson Wells International, Technology Solutions Services, Security Services
08.2003 - 03.2005
  • Provided project and program management for security services and solution design and implementation for national banks and financial institutions.
  • Developed policies, standards, and procedures frameworks as well as Information Security program charters, and user awareness programs for several national corporations.
  • Developed Incident response and forensic investigation program and procedure. Trained staff on procedure and processes including on-the job training as acting special advisor and consultant and led CERT response teams.
  • Led vulnerability assessment and attack and penetration teams. Engagements included social engineering, war dialing, war driving, external and internal control tests, operations, physical security, and risk assessments. Performed over 10 attack and penetration engagements with a 100% success rate.
  • Developed security recommendations to meet and exceed federal and state regulations (HIPAA, GLBA (Gramm-Leach-Bliley Act), Sarbanes-Oxley 404, CA SB 1386, etc.).
  • Provided guidance to national corporations on development/design of defense in depth projects, test environments, information security assurance programs, policy and standards, incident response procedures, physical security, and Computer forensic analysis process.
  • Edward Vasko, Managing Director
  • (602) 643-1600

Sr. Information Security Engineer

State of Arizona, Department of Administration, Information Security Services
07.2002 - 08.2003
  • Performed vulnerability assessments, attack and penetration services and developed network security recommendations/solutions for state agencies.
  • Provided information security consulting on multiple state information technology projects and initiatives.
  • Evaluated security products including biometrics, IPsec VPNs, encryption, firewalls, digital surveillance systems, multi-factor authentication systems/techniques, email security, antivirus software, and secure email systems.
  • Provided incident response for the state of Arizona. Worked directly with Arizona Department of Public Safety, Federal Bureau of Investigation, and the State Attorney General’s Office on forensic investigations, led investigation teams providing internal forensic services, and developed procedures and processes to enhance response and investigation effectiveness.
  • Provided information security and network training to staff. Provided technical consulting to the user awareness program.
  • Identified gaps in State and Agency security policies and standards and recommended and/or developed new policies and standards.
  • Lee Lane, State Wide Security Manager
  • (602) 542-2302

Senior Security Engineer

Authoriszor, Inc.
05.2000 - 05.2001
  • Provided technical knowledge relating to information security products and services.
  • Provided training to internal staff and strategic partners on security solutions and information security technologies.
  • Developed and delivered technically oriented presentations and demonstrations to various groups.
  • Responsible for installation and support of information security solutions.
  • Assisted with internal testing and troubleshooting of information security products.
  • Provided support to remote employees for secure remote access (VPN) and antivirus updates, email, and hardware configurations.
  • Recommended and developed a plan for informative technology summits that focused on information security product technical issues for technical staff.
  • Regularly attended security conferences and conventions to demonstrate information security products and collect information from other attending companies for marketing, partnering, and competitive research and analysis.
  • Researched, recommended, and developed a technology partnership strategy for the west coast.
  • Edward Vasko, V.P. Operations
  • (781) 359-9650

Education

Bachelor of Arts - Liberal Arts, U.S. History

Arizona State University West
Phoenix, AZ
06.1996

M. Administration (no Degree) - Information Systems Management

Northern Arizona University
Flagstaff, Arizona

Master of Arts - U.S. Foreign Policy

Bowling Green State University
Bowling Green, OH
01.1999

Skills

  • Customer-oriented
  • Team leadership
  • Problem resolution
  • Strategy development
  • Public speaking talent
  • Risk management
  • Policy development
  • Training and development
  • Corporate governance
  • Business development

Accomplishments

  • Instructed, mentored, and prepared the next generation of cybersecurity professionals at California State University, University of Colorado, University of Nevada Las Vegas, New York State University, New Jersey Institute of Technology, and University of Central Florida.
  • Served as CISO for international corporations, designing internal information security programs, Threat Modeling, Threat Intelligence, development of risk management, security policies, processes, and procedures. Responsible for setting corporate cybersecurity strategy and ensuring alignment with business-driven objectives and goals. Led all aspects of organizational cybersecurity development including communication, collaboration, education, and culture.
  • Built business defined cybersecurity strategy models including risk management and meaningful metrics to identify improvement opportunities.
  • Designed a three-page summary of monthly metrics for executive leadership.
  • Developed a cybersecurity services practice; responsibilities included setting a budget, establishing and obtaining a revenue goal, and performing to chief executive expectations.
  • Built security services and programs that include custom coded software, provide security assessments of internal systems for department reviews as well as on-going monitoring for security vulnerabilities and remediation. These programs achieve 900% reduction in vulnerabilities and risks.
  • Established collaborative operations to secure data assets through cooperation with the IT department. I initiated, innovated and led the delivery of on-going and continuous monitoring of risk at reduced cost and increased delivery with fewer staffing requirements and zero travel to distant facilities.
  • Advised chief executive officers and assessed organizational needs, derived appropriate objectives, and the design and implementation of the best measures to achieve them. To assure maximum organizational adoption, I met with peer executives to establish a shared vision and mission for the security departments and built strategic plans and requisite budget expectations, staffing, job descriptions, and milestones that aligned with the corporate objectives.
  • Obtained a rich and diverse compliance experience with federal regulations (HIPAA, HITECH, ARA, GLBA, FTC Red flag, Sarbanes-Oxley 404, NIST 800, FIPS, FISMA, FedRAMP, IRS-1075), industry regulations (NERC-CIPS, PCI-DSS, JCAHO, HIMSS, SSAE-18, HITRUST, ISO 27001, GDPR, CCPA/CPRA), corporate compliance programs, as well as risk management and mitigation strategies.
  • Initiated and completed research in cybersecurity topics and presented at numerous information security conferences, CISO round tables, universities and colleges, and professional groups. I am often interviewed and invited to contribute content to security magazines and online news media.

Affiliations

  • International Information Systems Security Certification Consortium (ISC²)
  • Cloud Security Alliance
  • Infragard, Phoenix Arizona Chapter
  • ISSA- International System Security Association, Phoenix Arizona Chapter
  • ISACA- Information Systems Audit and Control Association, Phoenix, Arizona
  • SDSUG- Sonoran Desert Security Users Group, Phoenix Arizona
  • CSI - Computer Security Institute

Certification

  • Certified Computer Examiner- Forensics (CCE) April 2007
  • Certified Information Systems Security Professional (CISSP) May 2004
