Hi, I’m Jim InfoSec Manager for a university by day and an InfoSec Consultant for non-profit orgs (and others doing positive social change work) by night. Those doing good work often have few resources, hence having a straight InfoSec day job.
I’ve been a pen-tester, red teamer, SOC analyst and vuln manager. These days gruelling GRC is unavoidable (send help!).
Highlight: Managing project to protect whistle blowers and exfiltrate data that the International Criminal Court is currently using to prosecute hideous war crimes.
Lowlight: Having to order the retirement of a public facing server that hadn’t been update for 30 years. Yes. 30. Years.