Office of Information Security
Consulting & Architecture
Your starting point for information security. We promote, design, and develop secure architecture across Penn State. Our key initiatives include secure enclaves, Authority to Operate, and guideline development. We’re always happy to provide answers and guidance for general security consulting questions. If you have a cybersecurity question and arenâ€™t sure where to start, start with us!
FOCUSED ON YOU
Cybersecurity is a partnership. As a customer-focused group, we work closely with units, colleges, and campuses to promote cybersecurity holistically and collaborativelyâ€“not just as an afterthought or lone project. Our projects vary in scope from large enterprise-wide initiatives to localized college research projects and administrative needs.
If you have any question, concern, or need, please don’t hesitate to reach out to us. We would love the opportunity to partner with you to strengthen cybersecurity across Penn State.
Secure Architecture Design
Need to build a new information system? Want to make sure itâ€™s secure? Our team can give input on how to build a secure system and maintain the integrity of your information.
Subject Matter Experts (SME) for OIS PCI compliance
Our team collaborates with the OIS compliance team to provide the technical expertise required to maintain PCI compliance in your area.
Have a question? Need some input? Our team is here to help you with your project, big or small. We have the right expertise to guide you through any challenge.
Subject Matter Experts (SME) for projects
Have a local project that involves any technology? Our experienced staff can sit in on project meetings to help you find a secure and compliant solution.
Office 365 Security
We work to promote secure solutions within Office 365. Allowing Level 3 and Level 4 data in O365 is our current area of research and focus.
Requests for Proposal (RFP)
Looking to source new services, hardware, or software? Our team can help you work through the security side of an RFP.
Partnering with the EIT cloud team, we can help you understand and design your system for the cloud.
GET US INVOLVED
Consulting & Architecture offers consulting for a wide array of cybersecurity projects, services, and initiatives. Don’t see what you need here? Email firstname.lastname@example.org; we can help or find the right contact person for you.
Working on an ATO or enclave? Please reach out to use through your existing ATO record in ServiceNow, or email email@example.com.
Meet our team
Information Security Architect
Focus areas: General security consulting, cloud architecture, Office 365 security, PCI-DSS, information classification, Authority to Operate, secure enclave design and build, presentations, enterprise initiatives, requests for proposals (RFP), standards guidance, secure network, and system architecture.
Kyle is the team lead for the Consulting & Architecture group. He has worked at Penn State for 10 years and has been involved with the Office of Information Security for eight years. During his time at OIS, he worked on a variety of key initiatives and services as an analyst and engineer before becoming the Information Security Architect. Kyle believes in balancing security with usability to support the goals of the University and that security cannot be a one size fits all approach. He enjoys building relationships with University personnel to understand their needs and help design approaches that are both secure and allow work to continue without introducing unnecessary complexities.
Cyber Information Assurance Analyst
Focus areas: Enterprise firewall, secure the border initiatives, general security consulting, Office 365 for level 3 and 4 data, requests for proposal (RFP), exemptions and exceptions, change advisory board, incident response, secure information system design, SME for security projects.
Randy has spent the majority of his 20 years at Penn State working in information security. He was part of the first central security team that was formed at Penn State which was the precursor to other iterations of security at the University. Prior to his time at Penn State he was employed by a large defense contractor. He has an extensive background in secure infrastructure, intrusion detection, and system design. Randyâ€™s experience and expertise allows him to apply a wealth of knowledge into helping consult on and design systems that are not only secure but also meet the needs and challenge of complex university environments.
Cyber Security Systems Engineer
Focus areas: Infrastructure design and build, Cloud initiatives and infrastructure, cloud enclave design and build, application and system logging with Splunk, data centers, next gen firewall technologies, core networking, general security concerns and initiatives, requests for proposal (RFP), Office 365 for level 3 and 4 data.
Andy is a Cyber Security Systems Engineer with the Consulting & Architecture group within the Office of Information Security. Andy has worked for Penn State for over 5 years and has a deep background in systems administration, infrastructure, and network technologies and designs. Before coming to OIS, Andy worked in Penn State IT on the Windows administration team and also oversaw the management of the central Splunk instance. Andyâ€™s strong background positions him and the Consulting & Architecture group in a unique position to blend security with the operational needs to develop approaches to security that take all aspects of the information system into account.