RALPH SPENCER POORE, CISA, CFE, CISSP, CHS-III, CTGA, PCIP

EMPLOYMENT HISTORY

2011 – Present        PCI Security Standards Council, LLC
Director, Emerging Standards

2008 – 2011        Cryptographic Assurance Services, LLC, Arlington, TX
Chief Cryptologist and an Owner

2008 – 2008        GEOBRIDGE Corporation, Reston, VA
Chief Cryptologist and Senior Fellow
•    Established with a colleague a new business area for company:  financial services information assurance (e.g., TG-3, PCI DSS)
•    Lead cryptologic services including assessment of cryptographic products and services

2005 – 2008        Innové LLC, San Antonio, TX
Chief Scientist
•    Responsible for research and developmental grants program
•    Cryptographic engineering and Information Assurance research and consulting
•    Supported USAF Cryptographic Modernization Program
•    Acting as Principal Engineer for Rockwall Collins on two Cryptographic Modernization programs (KG-3X and GEMS)
•    Began commercial information assurance practice for Innové
•    Establishing a NIST-accredited FIPS-140 lab

2001 – 2003        AdvancePCS, Irving, TX
Vice President & Chief Information Security Officer
•    Created Information Security Organization (ISO) reporting to Vice Chairman.
•    Assisted Privacy Officer in HIPAA-related policies and processes
•    Instituted ISO/IEC 17799:2000 governance for information security
•    Managed budget of $3+ million and organization of 32

2000 – 2001        Privacy Infrastructure Inc., Arlington, TX
Chief Technology Officer
•    Designed Privacy Engine—a high-security technology for enforcing privacy policy
•    Managed office and personnel including both technical and sales staff

2000 – 2006        Pi “R” Squared LLP, Arlington, TX
Senior Partner
•    Established information security and privacy consulting firm specialized in compliance audits and privacy/security assessments
•    Created joint venture for training professionals as Interchange Network Security Auditors (INSA)—R² Academy Ltd.

1997 - 2000     Ernst & Young LLP, Dallas, TX     
Southwest Area Practice Leader, Electronic Commerce
•    Instrumental in the sale and delivery of over $3 million dollars of e-commerce services
•    Developed cryptography-related patents
•    Exceeded MBO's earning maximum annual bonus
•    Created new practice from scratch in area new to the Firm; transitioned from line staffing model to matrixed staffing model crossing all other ISAAS practice areas
•    Represented the Firm at American National Standards and other national and international security bodies (e.g., X9F, GASSPC, ISC2, ISSA)
•    Extensive public speaking and publishing on Firm's behalf

1990 - 1997        Coopers & Lybrand LLP, Dallas, TX
Director, Information Security Services
•    Instrumental in the sale and delivery of over $10 million dollars of information-security related services
•    Developed new product offerings; built practice from one to 6 people in region with no previous full-time presence
•    Represented the Firm at American National Standards and other national and international security bodies (e.g., X9F, GASSPC, ISC2, ISSA)
•    Extensive public speaking and publishing on Firm's behalf

1986 - 1990        Ernst & Whinney (became Ernst & Young), Baltimore, MD
Sr. Manager and Information Security Practice Director
•    Responsible for management consulting sales, management, and technical support of information security projects for Mid Atlantic Region.
•    Built a practice from zero to 5 people during a period of slow Firm growth

1980 - 1986     Total Assets Protection, Inc., Arlington, TX
Vice President, Information Security Consulting (1984-1986)
Director, Advanced Technology (1980-1984)
•    Responsible for management consulting project management, sales support, product & service development and technical execution of information security projects
•    Founded the Information Security consulting practice for TAP.
•    Extensively developed market for services in Canada (in addition to USA)

1977 - 1980        Data Processing Security Inc., Fort Worth, TX
 Director, Research & Development

1976 - 1977        Missile & Surface Radar Division, RCA, Moorestown, NJ   
Member, Engineering Staff

1974 - 1976     United States Air Force, HQSAC/ADOP, Offutt AFB, NE
 Systems Programming Officer & Data Security Officer   

MILITARY

•    14 credited years (combined active duty and reserve) including Desert Shield & Desert Storm
•    Supported Joint Strategic Target Planning Staff (AFSC 5144/5135)
•    Served as Branch, then Division Security Officer (HQSAC)
•    Trained as an Air Intelligence Officer (AFSC 8054); served as fusion analyst; PI & ELINT
•    Served as Vault Security Officer
•    Briefing officer for flag-level and SES-level executives
•    Worked for both National Security Agency and  Defense Intelligence Agency
•    Previously held TS/SIOP/ESI and TS/SI/SCI; currently hold TS (SCI eligible)—inactive

ADDITIONAL ACHIEVEMENTS

•    Awarded ISSA Distinguished Fellow (2013)
•    Awarded ISSA Hall of Fame (2012)
•    Received (ISC)² President’s Award (2010)
•    Elected to Board, then to Vice President, and then to President of the International Information Systems Security Certification Consortium, Inc. [ISC2]; Founding Chairman of Test Development Committee for CISSP designation; honored for contributions to profession; served on both the Professional Practice Committee and the Governance Committee; now serving on Advisory Board for the Americas and CBK Committee
•    Nominated to Who's Who in Information Security
•    Editor and columnist for Journal of Information Systems Security (an Auerbach Publishing/CRC Press publication); currently on Advisory Board and a frequent author
•    Appointed Chairman of ad hoc X9F committee for X9/TG3 PIN Security and Key Management Compliance Review document
•    Appointed Recording Secretary for X9F Data and Information Security Committee
•    Appointed Recording Secretary for X9A Retail Financial Services
•    Appointed Chairman for X9A2 ISO 8583 US Working Group
•    Contributor and editor for Generally Accepted Systems Security Principles (GASSP) document; now active on GAISP (GASSP successor initiative with ISSA)
•    Contributor and editor for Guidelines for Information Valuation (GIV)
•    Appointed Chairman of ISSA's Standards Review Committee
•    Represented C&L at joint AICPA/Department of Justice forum on Key Escrow
•    Member, Federal PKI Task Force
•    Member, IETF TLS Working Group
•    Member, IETF EDI Working Group
•    Chartered a Toastmaster’s chapter (Advance Articulators #1630); served as President
•    Competent Toastmaster (CTM) and Competent Leader (CL)
•    Appointed to Advisory Board, University of Dallas, Graduate School of Management, for their new Master of Science in Information Assurance.
•    Served as Chairman, ISSA Awards Committee

EDUCATION

BA, Texas Christian University
MA, Texas Christian University
(Extensive additional training averaging over 50 CPE's each year)

PROFESSIONAL CERTIFICATIONS AND MEMBERSHIPS

•    Certified Fraud Examiner (CFE)
•    Certified Information Systems Auditor (CISA)
•    Certified Information Systems Security Professional (CISSP)
•    Certified Homeland Security—Level III (CHS-III)
•    Certified TG-3 Assessor (CTGA)
•    PCI Data Security Standard (PCI DSS) Qualified Security Assessor (QSA) [2008-2011]
•    PCI Profession (PCIP)
•    President, International Information Systems Security Certification Consortium [(ISC)2], 1995-1996
•    Vice President, (ISC)2  1993 - 1995
•    Founding Chairman, (ISC)2 Test Development Committee, 1990 – 1993
•    Chairman, (ISC)² Governance Committee, 2001-2004
•    Member, (ISC)² Professional Conduct Committee, 2000-2004
•    Member & Speaker, Information Systems Security Association (ISSA),    1987 - present
•    Chairman, ISSA Standards Review Committee, 1992 - 1999
•    President, ISSA North Texas Chapter, 1993 - 1994
•    President, ISSA Baltimore Metro Chapter, 1989 - 1990
•    Member, American Society for Industrial Security, 1982 - 1993
•    Member & Speaker, Association of Records Managers & Administrators (ARMA), 1981 - 1991
•    Member, American Management Association, 1980 - 1988
•    Member, Association for Computing Machinery (ACM), 1972 - present
•    Member, ACM Special Interest Group on Security, Audit and Control
•    Affiliate Member, IEEE Computer Society, 1987 - 1999
•    Member & Speaker, Information Systems Audit & Control Association, 1986 – present
•    Member, Association of Certified Fraud Examiners, 19xx – present
•    Member, High Technology Crime Investigation Association, 2002 – 2003
•    Member, International Association for Cryptologic Research

CIVIC ACTIVITIES

•    Chapter President, American Mensa, Ltd.  Ft Worth, TX, 1984 - 1985
•    Chapter V.P., American Mensa, Ltd., Ft. Worth, TX, 1984 - 1984
•    Newsletter Editor, American Mensa, Ltd., Ft. Worth, TX, 1984 - 1985
•    Chapter Board, American Mensa, Ltd., Philadelphia, PA, 1976 - 1977
•    Member, American Mensa, Ltd., 1976 - present
•    Certified Lay Leader, United Methodist Church, Ft Worth, TX, 1992, 93, 95 - present
•    C&L Representative, Texas Special Olympics, Dallas, TX, 1993 -1993
•    Member    Toastmasters, 1994 –1999, 2002 – present

SKILL AREAS

•    Extensive technical skills over both legacy and PC/Server systems and applications including system-level programming, application programming, computer operations, networking, and hardware
•    Applied cryptographer in both symmetric-key and asymmetric-key technologies
•    Inventor, problem solver, innovator, and visionary with the ability to present highly technical solutions to management in business terms
•    Professional speaker and author

INSTRUCTOR QUALIFICATIONS

•    Developed computer-based instruction courses for School of Nursing at TCU (1972) and for Geography Department (1973)
•    Taught Introduction to Computer Science at TCU in 1974
•    Developed and taught Structured Programming course for USAF in 1976
•    Taught seminars in information security (many topics) while at DPS and TAP (1980-1989)
•    Developed and taught Interchange Network Security and Audit classes (and trained a cadre of instructors) while at Coopers & Lybrand LLP and again at Ernst & Young LLP (1990-1999)
•    Guest lecturer at University of Texas (Accounting and Auditing classes) (1998)
•    Guest lecturer at University of Dallas (Information Security class) (2001)
•    Guest lecturer at University of Texas at San Antonio (Information Security class) (2006)
•    Provided support to courses at Purdue (Eugene H. Spafford, PhD), Idaho State (Corey Schou, PhD), and George Washington University (Lance J. Hoffman, PhD)
•    Guest lecturer at University of North Texas (Information Security class) (2008)

NIATEC National Science Foundation Information Assurance Directorate Department of Homeland Security CISSE Scholarship For Service