- Affiliation: (ISC)<sup>2</sup>
Mano Paul is (ISC)2 appointed software assurance advisor and is a seasoned veteran in the discipline of information security, software assurance and software development, with responsibilities that include designing and developing security programs from compliance to coding, security in the software development lifecycle, and providing risk management, security strategy and security awareness and education. He is the CEO and founder of SecuRisk Solutions, which specializes in security product development and consulting, and Express Certifications, a professional certification assessment and training company.
Before founding his two companies, Paul worked for Dell, Inc. in a variety of security and software positions, including software developer to technical architect, global application security consultant, senior global security program manager, and workforce strategist for both IT and the business. He is a contributing author for the Information Security Management Handbook, writes periodically for information security and certification magazines, and has participated in and contributed to several security articles for the Microsoft Solutions Developer Network (MSDN).
Additionally, Paul has been featured at numerous security conferences around the world as an invited speaker and panelist, delivering keynotes and talks to such conferences as CSI, SC World Congress, Burton Group Catalyst and OWASP. He is also an appointed faculty member and served as the industry liaison for the Capitol of Texas Information Systems Security Association (ISSA) chapter.
Paul is a Certified Secure Software Lifecycle Professional (CSSLPCM) and Certified Information Systems Security Professional (CISSP2), both (ISC)2 certifications. He also holds the MCAD, MCSD, CompTIA's Network+ and ECSA certifications.
Paul has already undertaken a number of tasks for (ISC)2, including creating the online self-assessment tool known as studISCope, authoring the upcoming Official (ISC)2 Guide to the CSSLP, collaborating on the development of the CSSLP curriculum, establishing and fostering relationships between (ISC)2 and other professional security organizations, and writing several white papers underscoring the need for software assurance. In his software assurance advisor role, he will continue many of these pursuits in addition to speaking engagements and other opportunities as they arise.