James Blocho
Active Secret Security Clearance | Operational Leader | Cyber Security Risk Maverick | Performance Improver | Asset Protector & Advisor
San Francisco, California
Overview
Work Experience
Operations & Support Section Chief
2024 - Current
Responsible for all management functions, including operations, planning, logistics, finance and administration. The Operations Section Chief is responsible for developing and implementing strategy and tactics to accomplish the mission objectives, and for organizing, assigning, and supervising all the tactical and/or response resources assigned to the institution.
NDT/QA Assessor
2024
NDT/QA Assessor
2023 - 2024
Continuous testing/measuring through a series of assessment techniques (PT, UT, MT, RT, etc.) in order to find vulnerabilities on critical infrastructure. Sharing findings, priorities, & remediation options through reports to reduce risks to people, materials, & processes.
Adjutant General Officer/HR Operations
2024
"Maximizing operational effectiveness of the total force by anticipating, manning, and sustaining military operations. HR support operations accomplish this by building, generating, and sustaining the force providing combatant commanders the required forces for missions and supporting leaders and Soldiers at all levels."
Officer Candidate
2022 - 2024
Learning to lead in any situation; no matter what the environment is or stakes are
Senior Technical Risk Analyst/Delivery Management
2021 - 2023
- Helping plan and migrate over 6000 servers to a multi-cloud environment. Working with a cross-functional team of Resource managers, ITSEC, App Owners, and Executive members to coordinate, discover, communicate, and remediate risks/issues before this transition, i.e., the Corp2Cloud/Data Center Exit initiative
- Supporting the planning & implementation of key security functions (SSO/2FA, DR, IAM, Splunk, etc.) and tools related to company security policy, vendor security assessments, and overseeing PenTesting & remediation
Personal contributions: Helped drive a 36-month program delay within 3 months of joining team, identified overlap in resource planning (lease extension) that eased perceived time constraints, while also finding $13 million in underutilized assets for repurpose within Data Center Exit (DCX) and Corp to Cloud (C2C) programs
Cyber Security Specialist
2020 - 2022
Taking the lead in keeping cyber threats away from Air Force and other military computer systems.
GRC Senior Analyst
2020 - 2021
"Local payments for global businesses" Yapstone is the payments platform that powers how the world pays
- Owned the BCPDR function of the organization and sat on the IR team with SOC constituents
- Led the development & implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored
- Executed strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI DSS, SOC2, NIST 800, GDPR, State exam, etc.
Personal Contribution: Helped save $900K in resource budget by leveraging features of current tool sets by making adjustments to organizational policy; reduced redundancy of compliance efforts by unifying IT, Engineering, Security, Legal & HR teams while centralizing documentation
Yapstone is a payment processing platform for the vacation rental industry, providing an integrated way of accepting payments.
Raised $186,400,000.00 from PremjiInvest, Accel, Meritech Capital Partners and Mastercard.
Director & Founder
2011 - 2021
This started out as a Best Practices Consulting Service for SaaS-based Startups, then turned Hacker Home & Incubator > Micro Portfolio, and then back to freelance consulting when real estate went wild. As a general practitioner, I am open to hearing any current operational issues your organization is having to see how I can help. I used to go by the title of a Strategic Resource Consultant for all SMB and Startup needs. When it comes to cyber security, secure code is the safest code, and best practices keep networks secure. We can help build secure code into your SDLC with our preferred vulnerability management package. These tool sets and processes can save countless hours, dollars, and headaches (engineering retention!!) compared to traditional security review and fix practices still in use. For security compliance concerns, we do internal audits and prep work for PCI, SOC2, GDPR, ISO 27001 mostly, as well as reorganizational work to help work compliance into normal workflows and processes. See more in Project Section below:
Security Operations Specialist
2015 - 2020
Solutions-orientated IT Security Operations Specialist with success directing a broad range of network & application security initiatives to include Vulnerability Assessments, Intrusion Detection & Prevention, Dynamic Application Scanning, Security Engineering, and Business Integration Support. This franchise was owned and operated by FOB Miami LLC.
Security Program Manager & Product Manager
2017 - 2019
(Formerly Tinfoil Security) Eliminating exploitable vulnerabilities makes it more difficult for attackers to gain access to applications and systems exposed. Founded in 2011, the company’s signature web scanning tool identifies vulnerabilities on web applications and is tightly integrated with DevOps workflows. With its DAST [dynamic application security testing] and API security testing capabilities, they are in a stronger position to help developers and IT security professionals build secure solutions for their organizations.
Synopsys is a software company providing electronic design automation (EDA), semiconductor IP, software quality, and security solutions.
Technical Risk & Vulnerability Consultant
2017 - 2019
HubHaus is a provider of a shared community platform to solve housing issues in the modern age
- Oversaw the planning, implementation, and overall delivery of core security policies and technologies within core applications such as: SSO/2FA, Splunk, Vulnerability Mgt, & PenTesting
- Provided awareness to key concerns of operational model while making formal and informal adjustments to organizational policies to assess risks through threat modeling