Kim Jones

Kim Jones holds more than 30 years of experience in information security with 20+ in leadership positions. He is currently the Director of Security Operations at Intuit, Managing Director at Ursus Worldwide, a Professor of Practice at Arizona State University, Affiliate Faculty at Boise State University, a serial Advisory Board Member for multiple well known technical organizations, and an instructor for LDR514: Security Strategic Planning, Policy, and Leadership.

More About Kim


After graduating from the United States Military Academy at West Point with a degree in Computer Science, Kim developed his passion for keeping people safe while serving as an Army Intelligence Officer. Moving into the private sector did not alter that trajectory, rather it increased his commitment to security, risk management, and data privacy.

Throughout his career, Kim has continued to develop as a cybersecurity leader, spending 13 years in “the Big Chair” as CSO for heavily regulated companies in global finance, global business process outsourcing, and payment processing before landing at Intuit, where he has now been for over 2 years. In addition to his full-time work, Kim serves as a virtual CISO or CISO advisor/mentor for several Global 1000 companies.

Kim strongly believes that in order to grow, we must continually invest in training ourselves as well as the next generation. He already teaches for an industry-facing cybersecurity degree program through Arizona State University, so between his decades of leadership roles and subsequent teaching experience, Kim saw no better opportunity to give back to the community and profession that he loves than through teaching for SANS.

He strives to bring as much real-world discussion to his classroom as possible, so students discover the true value of what they are learning. Kim’s goal is to have students end the course able to answer such questions as “Why does this matter?” Theory only gets you so far. Kim gets you farther.

Much of the material does not lend itself to a "right" or "wrong" answer. Rather, it introduces concepts and frameworks which should be applied as part of the decision cycle. Many students who have come up from a highly technical foundation may find the lack of a clear right-or-wrong answer frustrating. Kim explains the reasons and rationale as to why such a state rightfully exists and how to navigate such situations in a strategic and meaningful way.

Kim holds a Master of Science in Information Assurance from Norwich University and several industry certifications including CISM, CISSP, and CDPSE. He is an Advisory Board member for RSAC, GIAC, Digital Times Transformation, and FAIR Institute, and an ISSA Fellow.

When not supporting the industry and its people directly, Kim enjoys spending time with family, reading, martial arts, and role-playing games.