Mag. Bartlomiej Zolnowski

Teaches undergraduate Cyber Security online and or onsite core specialty courses including Information System Architecture, Information Systems Security Issues and Emerging Technologies, Disaster Recovery Planning, Information Security Needs, Assessment Planning, Cyber Terrorism, Network Security, Advanced Network Security, Ethical Practice of Intrusion Detection.

Member of the TiVo's global IT Security & Risk Management department responsible for Information Security Governance, Risk Management, and Compliance (GRC) with regulatory requirements, corporate policies, and legal standards.

Member of the TiVo's global IT Security & Risk Management department responsible for Information Security Governance, Risk Management, and Compliance (GRC) with regulatory requirements, corporate policies, and legal standards.

Prepares and advises senior leaders in managing information risk primarily from the regulator reviews such as OCC, FRB, SEC, HKMA, and MAS. Leads review of cybersecurity policies, standard operating procedures, and information security program controls against external regulations, and internal policies. Participates in various management committees and working groups to develop long-range and short-range information security (IS) corrective actions to resolve deficiencies.

Contributes to the long-term operational and engagement strategy for the account, and continuous improvements of internal and external processes by serving as a trusted advisor to the Operations Manager. Reviews and makes changes to procedures as required and created standard operating procedures and guidelines around new processes for management approval.

Leading the creation and execution of a Governance, Risk, and Compliance (GRC) package as part of the Continuous Diagnostic and Monitoring (CDM) offering for the federal accounts. Provides subject matter expertise in all areas of IT Security, with emphasis on risk management, complex technical heterogeneous environments, problem solving, and customer service. Works as part of a client-facing delivery team, providing security advice on process re-engineering and oversight during implementation and delivery.

Risk Assessment - determines levels of risk acceptance and the on-going risk profile of healthcare accounts, the scope and role of information security policies, procedures, and operations; one-on-one interviews with staff and subject-matter-experts; and the verification and validation of in-place and planned security controls. Threat and Vulnerability Management - conducts periodic vulnerability assessment of hosts, network devices, databases, and web applications.

Projects to date: Member of the Security and Privacy team responsible for information risk assessment, security management, network security, annual security review, penetration testing, vulnerability assessment, and PCI testing.

Responsible for planning and executing Information Technology (IT) Audits world-wide. Assessing emerging risk of conditions that would impede the successful achievement of business objectives. Monitoring key performance indicators and providing ongoing assurance regarding systems reliability and information quality. Additionally, responsible for building strong relationships with IT and business personnel, and external auditors.

Confers projects, meets with clients to determine requirements and business models. Develops secure applications and provides consulting for small businesses. Travels to customer sites, defines software, backups and network requirements. Sets up LANs and wireless networks, implements security, audits workstations, networks, servers, and recommends security best practices.

Administers and conducts security assessment of seven mission-critical servers: website, application, file, backup, e-mail, hot standby, and development server. Conducts vulnerability assessments, iptables configuration, and overall security. Designs Public/Private key infrastructure, passwordless logins, SSH, SSL certificates, remote backups, performs network security audits. Responsible for hardening of the servers due to the IFrame attacks, SSH port scans, SQL injections, and XSS attacks.

Stays current and knowledgeable in the IT industry. Designs and develops stand-up/instructor led training. Performs instructor-led technical, desktop applications, secure web, database design, classroom and one-on-one instruction. Provides a learning environment in which students with different learning modalities may attain success. Remains current with trends, techniques, and advances in equipment that are applicable to the programs.

Provides secure development of applications and consulting services. Performs daily security checks and updates of the servers, leads server migration to IT department, resolves server related issues, and designs solutions. Utilizes ColdFusion, JavaScript, and SQL syntax using primarily PostgreSQL database. Monitors and fixes problems related to e-mail server and develops coding solutions and fixes as assigned by the department.

Implements and maintains security for Distance Learning Department website at Central Texas College. Provides support and technological expertise in identifying problems with students and faculty having difficulty logging into LMS and local servers' accounts. Maintains and supports access control to LMS system, e-mail system, and local servers' accounts for Distance Learning faculty and staff. Part of the team responsible for patching, maintaining, hardening, and upgrading Linux servers.

Financial Accounting Network Security Legal Issues in Information Assurance Information Security Management Financial Accounting Theory and Practice I Audit and Regulation of Corporate Financial Reporting Enterprise Security Infrastructure Controls and Regulatory Compliance