Resume

To download this file as PDF, click here

James Jardine

Jacksonville, FL
Phone: 904-638-5431  E-Mail: james@jardinesoftware.com
http://www.jardinesoftware.com
https://www.developsec.com

Experience

Principle Consultant/Owner – Jardine Software Inc.                                                                   1/2004 – Present

  • Provide developer related security advice to clients.
  • Provide security training for clients.
  • Perform research into .net security.
  • Perform penetration testing and vulnerability assessments for clients.
  • Perform application security program assessments for clients.

Senior Information Security Analyst – Fidelity National Financial                                                                    8/2015 – 6/2016

  • Improve and mature the secure development lifecycle.
  • Review software architecture to provide security feedback.
  • Work with developers and QA to assist with security findings from internal and external assessments.
  • Review findings from WhiteHat, Veracode and other vendors to prioritize the risk for development to address the issues.
  • Provide overall application security guidance to the enterprise.

Principal Security Consultant – Secure Ideas LLC.                                                                    5/2012 – 8/2015

  • Participate in Web, Network, Mobile and Physical penetration tests.
  • Perform Social Engineering assessments and Security Architecture Reviews for clients.
  • Lead a group of security consultants on a daily basis.
  • Provide training and presentations to the community and clients on security related topics.

Instructor – SANS Institute                                                                      7/2011 – 1/2014

  • Teach in-person and online courses – DEV544: Secure Coding in .Net.
  • Authored portions of the DEV544: Secure Coding in .Net course.

Information Security Engineer IV – Wells Fargo Inc.                                                                 4/2011 – 5/2012

  • Perform secure code reviews for .Net applications.
  • Used Fortify to assist in performing code reviews.  Also created custom Fortify rules.
  • Rated findings for overall risk based on company defined standards.
  • Create custom code review reports for the application owners.
  • Researched .Net security related topics.

Application Security Engineer – Lender Processing Services                                                       5/2009 – 4/2011

  • Performed manual Secure Code Reviews .Net applications.
  • Perform vulnerability assessments/penetration tests as required for winform and web applications using common testing tools (Reflector, Burp Suite, ILDASM, Web Scarab, and Fiddler)
  • Train developers and QA on Secure Coding techniques
  • Perform root cause analysis on vulnerabilities for large number of applications.
  • Worked with White Hat Security and Veracode to test selected applications.
  • Acted as Development Manager, overseeing 12 developers, for 9 months before transition to the Information Security Office.

Software Developer II – Modis                                                                                                   2/2009 – 5/2009

  • This was a contract position for Lender Processing Services as a Developer for a high transaction web application.

Senior Software Engineer / Architect – GeoAge Inc.                                                                   4/2004 – 1/2008

  • Designed and Led the development for the premiere product (FAST) for the company.
  • Created WinForm and Web applications using .Net and SQL
  • Mentored developers on secure development techniques.

Senior Software Engineer – Ajilon Consulting                                                                          6/2005 – 10/2005

  • Converted FoxPro logistics application to a .Net winform application using VB.Net and Infragistics controls.

Software Engineer – Allstate                                                                                                       9/2003 – 4/2004

  • Analyze, design, develop, test and support of new applications using C#, ASP.Net, VB6 and SQL.
  • Support and upgrade of client/server applications using VB6, SQL 2000 and Life 70 Mainframe.

Projects

DevelopSec

DevelopSec is a focused on maturing security in the software development lifecycle (SDLC) and engaging everyone involved in developing applications in learning about security.
Website: https://www.developsec.com
Podcast: http://developsec.libsyn.com

Down the Security Rabbithole Podcast

Down the Security Rabbithole is a podcast dedicated to enterprise security created by Rafal Los (wh1t3rabbit). The weekly production consists of alternating weeks of weekly news and interviews with professionals in the industry.
Podcast: http://podcast.wh1t3rabbit.net

Certifications

CSSLP, GSSP – .Net, MCSD, MCAD

 

Education

A.A. General Studies – University of North Florida                                                                         2003 – 2009

I completed the general studies required by all college students.  I choose electives relating to Information Technology (Intro to C, Intro to OOP, COBOL).

A.S. Electronic Engineering Technology – ITT Technical Institute                                                    1997 – 1999

I studied electronics with a great amount of hands on lab experience working with circuit boards.  I was a member of the National Technical Vocational honor Society and graduated class Valedictorian.