Corporate Risk Solutions

Philip S. Sobol, CISSP, CISA, C|EH, CSSA, IAM, CNA, Has Completed Fundamentals of Auditing for NERC Compliance Course
Senior Security Consultant

Professional Experiences

Phil Sobol joined Corporate Risk Solutions in March 2002, as a Senior Security Consultant specializing in cyber security, penetration testing and technology-based computer forensics investigations. Mr. Sobol is also a recognized expert in critical infrastructure security in the area of NERC CIP standards compliance.

His responsibilities include: Security Risk Assessments and Analysis; Development of Security Risk Mitigation Strategies; Development and Implementation of Cyber Security Standards; Penetration Testing and Assessments; Computer Forensic Investigations; Cyber Security Governance Programs; Sarbanes-Oxley IT Security Compliance; Computer and Security Systems Audits; Technical Business Continuity Planning; Corporate Information Security Programs; Security Awareness Training Programs; IT Systems Risk Assessments and Policy and Practices Research and Development.

Certifications

• Has Completed Fundamentals of Auditing for NERC Compliance Course
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• Certified SCADA Security Architect (CSSA)
• Certified Ethical Hacker (C|EH)
• NSA Certified InfoSec Assessment Methodology (NSA-IAM) Professional
• Certified Novell Administrator (CNA)

Mr. Sobol is a Certified ProWatch Security System Programmer and Administrator and a Certified Lenel Security Systems Programmer and Administrator. Mr Sobol is also trained in Project Management, AutoCAD and Computer Forensics.

Mr. Sobol is an active member of the Information Systems Security Association (ISSA), the International Information Security Certification Consortium (ISC)2, the Information Systems Audit and Control Association (ISACA), the FBI InfraGard program and the High Tech Crimes Investigation Association of Kansas City (HTCIA). He is an observer with the Kansas Critical Infrastructure Protection Working Group which is comprised of electric utility companies in the states of Kansas and Missouri as well as the NERC Critical Infrastructure Protection Committee (CIPC).