Jean Guy Rioux, Jr. CD

I am a Cyberist. Best described, a Cyberist is someone with a dynamic career who plays a vital role in the community and broader society protecting information and systems we care about and rely on in our daily lives—in my case, consulting and training people to be proactive with cyber and data security.

Focusing on implementation and maintenance of Enterprise Information Technology Systems, with emphasis on Information Security awareness, training, and internal audit. Also included Cyber Intelligence through seminars or education programs, in addition to development, assessment, and implementation of rule-based auditing, governance capabilities, and risk mitigation. Insightful in implementing and maintaining awareness, training, and second-party auditing of Payment Card Industry Data Security Standard (PCI DSS).

Project management for protecting and securing information systems and resources based on internationally recognized standards. Consult to anticipate and mitigate strategic risks to counter threats that affect mission-critical ICT infrastructure and business continuity through developing, assessing, and implementing rule-based technologies, governance, and standards. I strongly support proven, cost-saving, sustainable, security-relevant Open Source applications and international standards. My areas of operations were the Middle East, Africa, and Asia Pacific for the following matters and companies:

ISO 27001 and PCI implementation consultant to GRC 360 (UK).

InfoSec consultant and trainer to LiquidNexxus (UK)

Common Criteria (ISO/IEC 154080 subject-matter (SME) expert to Innosquared (Germany)

ISO 28000 lead auditor to ERAM International (KSA) and Gucci (Italy)

Japan technologies SME to Coleman Research (HK)

InfoSec and PCI DSS senior consultant to GRC (Thailand).

Information Collection Management System field support (undisclosed, EU)

Transferred from Japan to develop and manage AP marketplace for Information Security Management System (ISMS) assessment (auditing) services in financial and banking industry. Responsibilities included assessing compliance as Qualified Security Assessor (QSA) for Payment Card Industry Data Security Standard (PCI DSS) and as Lead Auditor for ISO 27001 (Information Security Management System). In addition, I provide consulting services as subject-matter expert for ISO 38500 (Corporate governance of information technology). Furthermore, I support ISO 28000 (Security management systems for supply chain) audits in South-East Asia region as Lead Auditor and conduct TAPA Freight Security Requirements (FSR) and Truck Security Requirements (TSR) certification service.
Also, provide auditing and consulting services for Business Continuity Management (Singapore Standard 540) and Green Data Centre (SS564); and provide ISO 31000 (Risk Management) consulting services.

Managed and operated the Common Criteria Evaluation Laboratory (CCEL – ISO/IEC 15408). Oversaw ICT Security Techniques and Evaluation Consulting Services. I served as Information Security Management System (ISMS) Lead Auditor and PCI DSS Qualified Security Assessor (QSA). I led international Information Assurance projects to research and model ICT risk and security life-cycle principles. Additionally, I established evaluators' skills criteria and training programs and contributed to developing global, regional, and local standards and regulations. I perform ISO 28000 (Security Management Systems for the Supply Chain) audits. Lead Auditor and Senior Consultant for ISO 19092 (Financial services – Biometrics - Security framework), ISO 22307 (Financial services - Privacy impact assessment), ISO 27033-1 (IT - Network security), ISO 27005 (IT - Information Security Risk Management), and ISO 31000 (Risk Management).

Founded ICT consultancy that specialized in assessing, developing, implementing, and managing risks of secured information systems; provided technology and service sourcing, outsourcing services, assisted merging technologies, and developed strategic business and technology alliances and partnerships; provided subject matter expertise and services to European, North American, Japanese and Gulf region firms; and supported business and technology intelligence for multiple firms.
Significant clients: Ayala, EWA, FAST, Fujitsu, Globe Telecom, Hitachi, HSBC, IBM Japan, Infosys, Matsushita, Mitsubishi, Sakura Bank, Sanwa Bank, SEI, Sumitomo Bank.

Assistant General Manager (Technologist),-International Business (03-1994 to 12-1997): Managed merging of Telecom and computer technologies, initiated cross-industry product alliances and outsourcing, and secured global technology agreements, along with several international business partnerships. In addition, I established Iwatsu's R&D centre in San Jose, California, to maximize alliances with American and Canadian companies and acquire new technologies and software development methodologies with North American universities. Manager-New Business Development (Lead Engineer) (03-1993 to 03-1994):

Organized a 12-members cross functionality team into the New Business Development department; lowered product development's operating costs through better sourcing and commonality usage; improved new product quality through enhanced programming method; and significantly sped new cross-technology ideas to marketplace Team Leader (Lead Engineer),

R&D Wireless Communications Systems (08-1990 to 03-1993):

Developed "Technogenesis Principle" for computer telephony, resulting in two derivative patents for Iwatsu; developed first print-band internal antenna for cellular phone, and worked as Lead Engineer on the first 'follow-me' digital smartphone network Wireless Infra-red Communication System (WICS).

I worked on various classified Electronic Warfare (EW) and Signal Intelligence (SIGINT) projects in Canada and the United States.

Assisted in the R&D of an Independent Speaker and Language-Recognition System on behalf of North American Security and Law Enforcement agencies for intelligence and commercial applications; SME in developing the Canadian Electronic Warfare Operation Centre.

Served as Signal Intelligence (SIGINT) Analyst and Electronic Warfare (EW) Technologist; developed, deployed, operated, and commanded a broad range of sophisticated SIGINT and EW-related applications and systems on land, air, and sea-born platforms in North America and Western Europe (NATO).