Zachery S. Mitcham

Wilmington, NC 28409

zmitcham@g.harvard.edu

 

  View Zachery Mitcham's profile on LinkedIn

CHIEF INFORMATION OFFICER * CHIEF INFORMATION SECURITY OFFICER * EXECUTIVE DIRECTOR


EXECUTIVE PROFILE

Information Technology Security ~ Network Design ~ Strategic Planning

Technology and business visionary with executive and hands-on experience in automating multi-million dollar enterprises. Strong record of success in deploying robust IT security architecture and infrastructure. Documented ability to bring the benefits of IT to solve business issues while managing costs and risks. Led deployment of custom healthcare network communications systems. Over 27 years of information technology experience with emphasis on e-commerce and operational compliance. Provided strategic direction to board of trustees, board of directors and senior management on technological issues and challenges.

  • Technology Architecture and Integration                                                                     * Leading Edge WAN/LAN Design

  • Global IT Delivery and Project Management                                                               * Electronic Commerce Strategy Development

  • Budgeting and Cost Control                                                                                            * Staff Management and Team Builder

  • Organization and Staff Development                                                                            * Strategic Analysis and Internal Consulting

Dynamic management career with strong leadership, consistent track record of excellence, problem-solving, planning, team-building and project management skills. Recruited, developed, motivated and retained diverse staff structuring them into teams that delivered results and savings. Full responsibility for return on investment (ROI) and managing multi-million dollar budgets. Proven record of department profitability and cost savings realized within various business enterprise settings.


EMPLOYMENT HISTORY

  • Chief Information Security Officer

    University of North Carolina Wilmington, 601 South College Road, Wilmington, NC 28403                  (06/2006 - Present)

     

  • Department Chair

    State of NC-Public Schools of Robeson County, 11344 Deep Branch Road, Pembroke, NC 28372       (12/2003 - 06/2006)   

     

  • Director, Network Services

    New Hanover Regional Medical Center, 2131 South 17th Street Wilmington, NC   28401                      (04/2001 - 08/2003)

     

  • United States Army Field Grade Officer (Systems Automation Functional Area)

    United States Department of Defense (Army), 200 Stovall Street Alexandria, VA  22332                       (03/1981-06/2001)

     

  • Social Service Case Manager

    Division of Family and Children Services, Macon, GA  31201                                                                         (1980-1981)

     

  • Social Service Case Manager

    Medical Center of Central Georgia, Macon, GA  31201                                                                                    (1977-1980)

 


PROFESSIONAL EXPERIENCE

 

University of North Carolina, Wilmington, NC                                                                                    Chief Information Security Officer

  • Established the University of North Carolina Wilmington's first full service Information Technology Security Department consisting of 4 Full Time Equivalent IT Security professionals with associated forensics tools and information security equipment.

  • Directs, manages, plans and administers the operational and administrative activities of a full service IT security department.

  • Develops, implements security standards, procedures and guidelines for multiple platforms and diverse systems environments.

  • Prepares responses to NC State inquiries regarding UNCW information security related matters on behalf of the Chancellor

  • Reviews the development, testing and implementation of security plans, products and controls techniques

  • Identifies and assesses IT security risk/ exposure on new and existing infrastructure

  • Investigates and recommends appropriate corrective actions for IT security incidents .

  • Develops and maintains security policies, controls and their compliance.

  • Analyzes security incidents and escalation of security events.

  • Liaises with customers with regards to information security incidents.

  • Develops cutting-edge, innovative solutions for IT network security.

  • Studies the proliferation of viruses; prevent hacker intrusion.

  • Conducts active penetration tests; discovers vulnerabilities in information systems.

  • Overall responsibility for the University's central data security and privacy policies, architecture, and procedures.

  • Prepares on-line and hard-copy documentation of University security plans and procedures.

  • Works with constituent groups to create, document, implement, and manage policies, procedures, and practices that ensure the availability, integrity, and privacy of information asset on centrally managed computer systems.

  • Works with functional groups and staff in the creation of guidelines to ensure the security and privacy of information on the University's computer systems.

  • Assists the University in its compliance with relevant information technology laws and policies.

  • Develops and implements the overall information security strategy and architecture to be used by the University's centrally managed systems developers and administrators.

  • Serves as facilitator of the Computer  Security Incident Response Team (CSIRT) working in collaboration with other UNCW constituencies, such as University Council and University Police, concerning information security and privacy incidents.

  • Serves as liaison between CSIRT, University administration, and department representatives to maximize the adoption of and support for IT security plans and procedures within UNCW.

  • Maintains expertise in security-related technologies, trends, issues, and solutions.

  • Investigates security needs, and recommends, plans, implements, tests, and monitors information security improvements.

  • Plans and coordinates information security investigations, feasibility studies, and surveys, to include cost-benefit evaluations of proposed and existing security solutions.

  • Provides instruction and information security awareness training for a Faculty, Staff and Student body consisting of over 14,000 end users. 

  • Insures State of NC regulatory requirements with respect to information security procedures and their application are adhered to.

  • Participates as appropriate in the planning and implementation of hardware and software.

  • Maintains a broad knowledge of state-of-the-art information technology security equipment, and systems.     

  • Instrumental in the facilitation of the Information Technology Systems Division (ITSD) operational change management program                                                                         

New Hanover Regional Medical Center, Wilmington, NC                                                                      Director, Network Services

  • Provided executive leadership as head of the network services section of the fifth largest healthcare delivery network in the state of North Carolina.

  • Provided principal direction for all aspects of strategic IT planning, implementation and support network wide as an integral component of the hospital business plan.

  • Engineered the turnaround of the network services performance and service levels.

  • Prepared technical briefings and presented them to enterprise senior leadership and Board of Trustees.

  • Transformed network services into a strategic business partner.

  • Managed and delivered multiple large scale projects on time and within budget.

  • Directed all budgeting activities, design and support of all technology.

  • Successfully managed an Operations and Capital Budget totaling over $3.5 Million dollars for a network services department supporting the infrastructure of a 660 bed hospital with over 4000 employees.

  • Provided budgetary control and cost reduction in information systems in excess of $200,000 dollars annually.

  • Supported the mission and goals of New Hanover Health Network (NHHN) in a dynamic, evolving environment, while supporting a strategic vision/plan for information technology.

  • Established credibility with the Senior Management Team and executives across the health system.

  • Supported business growth, add value and improve the information systems environment by managing over 300 information technology projects

  • Developed and implemented a project methodology and coordinate projects across all departments.

  • Developed a technically competent, proactive, customer-service oriented, high-performance team .

  • Created teams that are technically perceptive and have a solid understanding of business processes.

  • Established vision and built consensus for information technology endeavors

  • Functioned as a partner with the Chief Information Officer, assisting and collaborating as appropriate.

  • Maintained oversight and coordinated the day-to-day operations of the information technology systems for New Hanover Health Network, including application development and support, operations, and data networks.

  • Worked in collaboration with others that reported to the Chief Information Officer to ensure smooth and effective operations across the health system.

  • Led the deployment and maintenance of all enterprise hardware for New Hanover Health Network.

  • Developed and fostered a culture of responsive customer oriented services and internal accountability.

  • Taught and mentored project managers and staff on how to apply standards, tools, and methodologies while delivering high quality business focused customer service.

  • Provided technical expertise on systems, market trends, technology directions, and product directions.

  • Established performance measures to ensure project managers and staff are accountable and compliant in project planning, risk and issue management, processes and procedures, and change management.

  • Worked with the Chief Information Officer, developed and communicated the New Hanover Health Network information systems vision to all levels of the organization.

  • Planned, developed and deployed New Hanover Health Networks' first 802.11 wireless network converting it from a PROXIM open air system to an IEEE 802.xx standard architecture

  • Managed the activities of 22 full-time employees - Project Managers, Telecommunications Support Technicians, Network Engineers, Systems Analyst, Computer Support Specialists and Help Desk.                    

U.S. Army Bosnia-Herzegovina Task Force Eagle HQs Tuzla                                     Information Technology Director

  • Supervised automated information processing for units, installations, and activities within the United States Multi-National Division area of responsibility in Bosnia-Herzegovina.

  • Advised commanders and staff on computer information systems policy and technical matters.

  • Planned and managed the integration of hardware, software and data communications at the user interface level.

  • Supervised the installation, operation, and administration of all computer systems and local area networks at all organizational levels to include combined, joint and service agencies.

  • Translated mission needs into computer systems requirements and helped to define functional requirements.

  • Evaluated and optimized efficiency of computer network resources.

  • Performed economic analysis, planned, programmed, and budgeted for information systems resource requirements (equipment, people, and facilities).

  • Developed and implemented procedures for the local procurement, storage, and distribution, and control of commercial computer system products.

  • Managed computer information systems resources, maintenance programs, and logistics support.

  • Established procedures for effective and efficient use of computer systems resources.

  • Developed, implemented and managed data base management systems and local area networks.

  • Established and prioritized computer systems goals and objectives.

  • Wrote and maintained security accreditation plans for computer systems.

  • Developed and managed information security procedures.

  • Configured and maintained security fire walls.

  • Provided networking security for one of the largest WAN in the world.

  • Developed and coordinated procedures for contingency operations during system emergencies, outages and degraded operations, or downtime for maintenance.

  • Designed and maintained the installation of web sites at major organizations and commands.

  • Developed and conducted customer education programs.

V Corps Headquarters, Intelligence (G2) Heidelberg, Germany                                           Director, Information Systems Security

  • Certified all Department of Defense Intelligence Information Systems within the sensitive compartmented information facility (SCIF).

  • Provided security for the sensitive compartmented information systems (SCIS) within the largest U.S. Army forwarded deployed headquarters.

  • Drafted intelligence systems security policies and procedures for operations within a multi-national environment.

  • Analyzed foreign intelligence cyber threats against sensitive Department of Defense agencies.

  • Identified operational sensitive compartment information systems vulnerabilities and applied necessary fixes.

V Corps Headquarters, Information Technology (G6) Heidelberg, Germany                    Director, Information Systems Integration

  • Planned and coordinated all systems automation support for a 30,000 person organization.

  • Forecasted and designed baseline automation security systems architecture to meet the mission requirements of corps headquarters.

  • Operationally tested and evaluated new systems software and hardware.

  • Trained all information management officers (IMO) throughout the corps

  • Managed the activities of two senior level managers

  • Developed and maintained oversight of the Corps $20 million dollar systems automation budget.

  • Executed the Corps systems automation operation spending plan.

Division Support Command, Fort Riley, Kansas                                                Director, Logistics Information Systems

  • Provided logistical automation support to a 16,000 person organization for Standard Army Management Information Systems (STAMIS).

  • Managed and directed the operations of three staff sections consisting of 16 full time employees.

  • Maintained logistics information systems totaling over $2 million dollars.

  • Installed, operated and maintained over 300 tactical computer systems.

  • Maintained oversight of logistics software development.

  • Prepared and executed the operations plan to deploy the largest rollout of Standard Army Management Information Systems in Fort Riley history.


EDUCATION

CENTRAL MICHIGAN UNIVERSITY, Mount Pleasant, MI

  • Master of Science in Administration

MERCER UNIVERSITY-STETSON SCHOOL OF BUSINESS, Macon, GA

  • Bachelor of Business Administration


PROFESSIONAL DEVELOPMENT

 

HARVARD UNIVERSITY, Cambridge, MA

  • Currently enrolled in pursuit of the Strategic Management Graduate Certificate (Credentials Pending)

STANFORD UNIVERSITY - Center for Professional Development, Stanford, CA

  • Certificate - Computer Security

CARNEGIE MELLON UNIVERSITY - Software Engineering Institute, Pittsburgh, PA

VILLANOVA UNIVERSITY, Villanova, PA

  • Master Certificate - CISSP Advanced Security Management

UNIVERSITY OF CENTRAL FLORIDA- - National Center for Forensic Science, Orlando, FL

  • Certificate - Computer Forensics

UNITED STATES ARMY SCHOOL OF INFORMATION TECHNOLOGY, Fort Gordon, GA

  • Diploma-Information Technology


CERTIFICATIONS 

Certified Chief Information Security Officer (C/CISO) 

  • EC-Council
  • License CC-ZM-48
  • March 2012 to March 2015

CERT-Certified Computer Security Incident Handler Certification 

  • Carnegie Mellon University-Software Engineering Institute
  • License 4927087
  • May 2012 to May 2015

Certified Information Systems Security Professional (CISSP)-pending

North Carolina Department of Public Instruction Teachers Certificate (Active)

Certified Adult Education Instructor (Inactive)


ADDITIONAL INFORMATION

 

NETWORKING:  Cloverleaf SNMP End to End Network Monitoring, Network Security, Network Essentials and TCP-IP, Gigabit Data Transfer technology (Native Mode LAN Interconnection) Fiber optic and CAT 5 cabling plants.

 

SECURITY:  EnCase, Nessus, Computrace, Symantec-Norton Anti-virus enterprise solutions, Identity Finder and NMap

 

ENTERPRISE MOBILITY:  Identity Finder Data Leakage Prevention Systems

 

INTERNET AND TECHNOLOGICAL PROTOCALS: JavaScript, AJAX, Web Graphics, HTML coding, Microsoft Exchange, Internet Information Server, popular web browsers, DNS, DHCP,  PGP, RAS, and Website creation.

 

PROGRAMMING: ADA, Visual Basic and M+

 

SPECIAL SKILLS:  Educator in Christian and Social Ethics, Well versed and traveled throughout Euro-Centric and Asiatic cultures, Working knowledge of U.S. Electronic Communications statutes, court proceedings and Federal Codes with respect to (Electronic Discovery, Electronic Communications Privacy, Identity Theft Protection, Export Administration Regulations, Payment Card Industry Data Security Standards, Health Insurance Portability and Accountability Act, Family Education Right and Privacy Act and the National Incident Management System), Youth mentor, Joint Commission on Accreditation of Healthcare Organizations (JCAHO) preparation, Skilled adult education instructor and trainer. Past recipient of United States of America Secret Security Clearance

 

HONORS, AWARDS, MEMBERSHIPS AND COMMUNITY 2013 McAfee Digital Government Cybersecurity Leadership and Innovation Award recipient; 2010 EC Council Certified CISO Honor Roll; 2009 University of North Carolina Wilmington Excellence Award Nominee; 2003 McKesson Corporation VIP Award; United States Army Meritorious Service Medal - 3 Awards; United States Army Commendation Medal - 4 Awards; United States Army Achievement Medal - 4 Awards; Armed Forces Expeditionary Medal - Bosnian Peacekeeping Mission; Armed Forces Service Medal - Bosnian Peacekeeping Mission; New Hanover County Board of Health; EDUCAUSE-Higher Education Information Security Council (HEISC) Awareness and Training Working Group; University of North Carolina System IT Security Council; UNCW Chancellor's Council on Safety and Security; UNCW Administrative Officer; Cape Fear Community College Information Technology Advisory Committee; State of North Carolina Department of Corrections Community Volunteer (Community Resource Council Chairman); Former member of the New Hanover County Youth Empowerment Services (YES) Advisory Board; American College of Health Care Executives (ACHE);  Association of Military Surgeons of the United States (AMSUS); Former member of the Salt Lake, Aliamanu and Foster Village Community Board - Chairman Community Affairs committee- Honolulu, Hawaii; Former member of the Volunteers of the Heidelberg, Germany Community.

 

PROFESSIONAL TRAINING AND COURSES:  National Incident Management System Training; The University of Tennessee - Knoxville, TN - Strategic Management, 30 Graduate Level Semester Hours; Managing Employees, 4 hrs, 6/2/2003; Disciplinary Process, 3.5 hrs, 8/15/2001; Effective Communications, 5 hrs, 5/21/2001; Employee Relations, 2.5 hrs, 7/15/2001; Management Orientation, 8.5 hrs, 3/02/2002; Management Support Tools, 4 hrs,10/12/2001; Performance Improvement/Problem Solving, 4 hrs, 6/15/2001; Sexual Harassment, 2 hrs, 8/15/2001; Using Data to Make Decisions, 4 hrs, 7/20/2001; Conflict Resolution, 4 hrs, 6/05/2001; Counseling Employees, 5.5 hrs,10/22/2001; Emergency Response Planning for Your Business -Disaster Recovery Course, 8 hrs, 8/2003; Contracting Officer's Representative Course, 9 hrs, 10/15/1985; Personnel/Human Resources Management Course, 244 hours, 12/12/1989; Information Systems Security Course, 24 hrs, 05/21/1999; Emerging Healthcare Trends: The New Economics of Care 3 hrs 3/26/02; Health Insurance Portability and Accountability Act (HIPAA) Security 4 hrs 4/2/02; Bioterrorism Incident Command Training and Drill 8 hrs 8/8/02; Health Safety Training ( Emergency Management, Hazardous Materials/Waste, Life Safety, Medical Equipment, Safety Management, Security, Utilities, Domestic/Workplace Violence, Latex Allergy Awareness, Infection Control: Blood borne Pathogens, TB) 3 hrs 2/19/02; 28 credit hours Combined Graduate and Undergraduate Finance and Accounting Courses.


PROFESSIONAL PRESENTATIONS

 

Mitcham, Zachery S. , WECT News, 1 October 2014, "Expert Weighs In On Cybersecurity Threats to Protect You"

 

Mitcham, Zachery S. and Dr. Laurie Patterson, 15 November 2013, Department of Computer Science, Computer Information Technology Lecture, "Computer Security and Client Privacy"

 

Mitcham, Zachery S. , 17 October 2013, Cape Fear Community College, Cyber-Security Awareness Month Presentation, "Topics in Information Security"

 

Mitcham, Zachery S. and Dr. Mahnaz Moallem, 19 February 2013, UNCW Watson College of Education, Masters of Instructional Technology Lecture, "Security Conscience Computing"

Mitcham, Zachery S., 18 Apr 2012, Wilmington Information Technology Exchange and Conference, "The Enemy Within" an Analysis of Insider Threats to Network Security, UNCW Computer Information Systems

Mitcham, Zachery S. and Dr. Mahnaz Moallem, 7 February 2012, UNCW Watson School of Education, Masters of Instructional Technology Lecture, "Information Technology Change Management Framework"

Mitcham, Zachery S. 5-6 December 2011 EC-Council CISO Executive Summit Panelist, "Implementing a High-Performing Information Security Program", Las Vegas, NV

Mitcham, Zachery S. 5-6 December 2011 EC-Council CISO Executive Summit Panelist, "Managing Insider Threats", Las Vegas, NV 

Mitcham, Zachery S. 12 - 13 September 2011, UNCW Chancellor's Council of Safety and Security Symposium, Program Coordinator and Presenter, Wilmington, NC

Mitcham, Zachery S. 18 May 2011, E Discovery Panelist - The University of North Carolina General Administration System Wide Attorneys Meeting-Center for School Leadership Development ("Electronically Stored Information Collection Methods and Procedures"), Chapel Hill, NC

Mitcham, Zachery S. 8-10 November 2010, "Computer Security Incident Response Framework", UNC CAUSE Conference, Wilmington, NC

 

Mitcham, Zachery S. 4 October 2010, "Emerging Threats to Personal Information Security and Privacy", North Carolina University Auditors Association, Wilmington, NC

 

Mitcham, Zachery S. September-October 2010, "Protecting Portables", EdTech Magazine, CDW-G, Tommy Peterson

 

Mitcham, Zachery S. September 2009 "Information Security in Higher Education", UNCW Chancellor's Safety and Security Symposium, Wilmington, NC

 

Mitcham, Zachery S. 18 November 2008, "Information Technology Tools used by Cyber Stalkers and Other Predators ", UNC CAUSE Conference, Greensboro, NC

 

Mitcham, Zachery S. 17 November 2008, "E Discovery - Planning Considerations for ESI Security and Containment", UNC CAUSE Conference, Greensboro, NC

 

Mitcham, Zachery S., 3 March, 2008, "Information Security and NC Records Management Requirements", 2008 UNC Financial Systems Conference , New Bern, NC

 

Mitcham, Zachery S., 26 October, 2007,"Information Security Planning Considerations for Telecommuting" EDUCAUSE, Seattle, WA

 

Computer Security Incident Handling ("Code Red Virus")

New Hanover Regional Medical Center  Computer Security Incident Response Team

 

 

   

 

PROFESSIONAL REFERENCES