James Scholz
President/Security Consultant
Mr. Scholz has performed security assessments for several large companies. He has conducted manual penetration testing of web applications, and has run automated scans of hosts and networks. He is a Certified Information Systems Security Professional (CISSP) Certification, Microsoft Certified System Engineer, Cisco Certified Network Associate, Vulnerability Assessment Trainer, Information System Security Officer.
Mr. Scholz is an accomplished, proactive IT leader with successful experience building and leading cohesive teams to achieve project objectives in extreme conditions under difficult situations. He is a customer-focused project manager committed to building corporate success by identifying and capitalizing on business opportunities.
Mr. Scholz’s extensive knowledge of information and network security issues includes designing and managing technical solutions, including: IT system security, business continuity and disaster recovery; data center design; network operations, maintenance, design and installation; software, database and Web development; life-cycle, logistics, and program management support. A firm believer in continuous improvement, Mr. Scholz has received training or certification in the following areas: UNIX-Linux Security (GCUX): SANS Institute, IASO (ISSO), CCNA 2001 currently working to upgrade to CCSP certification, Certified Vulnerability Assessment Trainer– VAT Level 1, MCSE currently working to upgrade to 2003 certification, and A+ certification.
In addition, the US government has awarded him the following: Bronze Star (Valor), Bronze Star, Meritorious Service Medal (2), Army Commendation Medal (4), Southwest Asia Campaign Medal, Good Conduct (6).
Notable Experience
- Performed database application configuration testing for numerous investments across the federal architecture using NGS SQuirreL. Analyzed the site for SQL injection attacks, cross-site scripting, parameter tampering, session fixation attacks, information disclosure, correct error handling.
- Project Manager, Data Center Design, Data Migration and Senior Security Engineer performing required tasks as associated with Certification and Accreditation on US Government regulated networked systems. Developed rules of engagement, work plans, security matrixes for contracts pending and in process. Network and computer system security regulations, Subject Matter Expert.
- Evaluation of physical security controls; current policies and procedures for compliance with standards as set forth by the National Institute of Standards and Technology (NIST), Federal Information Processing Standards Publications (FIPS), National Security Telecommunications and Information Systems Security Committee (NSTISSC), other Federal Information System regulations and USDA Regulations.
- Designed Data Center for disaster recovery operations, establishing the required support infrastructure for the enterprise.
- Designed three active directory domains to simulate an Enterprise level network using Windows 2000, Cisco Routers, switches, and a firewall controlling access to and from the classroom network.
Subscribe through Feedburner
