Keyvan Ejtemai

Chairman and CEO

Keyvan Ejtemai is an entrepreneur who founded the IT Professional Group in 1998 to deliver high caliber information technology education, certification and consulting services. Under his leadership, the company has grown and evolved into the ITPG family of companies, with diverse and distinct businesses focused on information security, Governance Risk and Compliance, and training, education and certification programs. Ejtemai also has launched successful businesses in other industry sectors.

Prior to ITPG, Ejtemai spent 15 years in information technology, serving governments and businesses on a global scale. As a senior systems engineer at Lockheed Martin, he managed technical projects including network configuration and implementation, application development and testing, and pre-sales engineering.

Ejtemai also has held IT management positions in higher education. He managed IT procurement, installation and training as head of Towson State University’s Computer Research Lab and served as a certified instructor and curricula developer for information technology at Strayer University.

Ejtemai earned a Bachelor’s degree in Computer Sciences from Towson State and is a Microsoft Certified Systems Engineer (MCSE).


Marc Thompson

Executive Vice President

Marc Thompson is executive vice president of ITPG in charge of the company’s training and education businesses. He is an accomplished marketing and sales executive with a history of building successful businesses.

Since joining the company in 2001, Thompson has overseen the multimillion dollar growth of client (ISC)2, the global leader in educating and certifying information security professionals, and expanded ITPG’s credential-building business into other professions and industries.

Prior to joining ITPG, Thompson held senior management roles at technology companies such as TimeBridge Technologies and Delta Microsystems. As executive vice president of business development, he was responsible for the growth and ultimate acquisition of TimeBridge by Dimension Data. As executive vice president over product development, marketing and sales, he launched an IT certification training business that increased revenue by 1600 percent.

Thompson also served as founding executive of Potomac College, and created two technology radio shows: “Tech-Talk” on ABC Radio and “The Computer Tutor” on CBS Radio. He received his Bachelor’s Degree in Computer Science from Georgetown University.


Don Cochran

VP, Business Development

Don Cochran is ITPG’s vice president of Business Development, in charge of customer acquisition, revenue generation, partnerships and channel sales. Over his 25+ year career, he has provided a broad spectrum of enterprise security / risk management solutions to large multi-national clients in the financial services, energy, health and transportation industries, and to the federal government.

Cochran has managed the security of all systems that protected, processed or stored our nation’s nuclear war plans. He has led development of a not-for-profit security awareness consortium and ANSI accredited certification program. His career also includes information security positions at CSC, SAIC, and the US Air Force (SAC/STRATCOM).

Cochran is highly skilled at breaking down complex technical and business requirements to communicate effectively with external and internal clients and stakeholders at all levels. His extensive experience enables him to perform SME responsibilities for IT security-related matters throughout the acquisition process.


Frank Shirmo, CISSP, CCSP,CSSLP, CMDSP, PCI-QSA

Chief, Technology and Information Security Practice

Frank Shirmo joined ITPG in 2010 to lead cyber security initiatives and security program development for commercial and government clients. He is an accomplished IT security veteran with a career that has spanned all phases of the information security life cycle.

As a Chief Technology Officer, Vice President of Engineering, and General Manager and Director of an Information Security Practice, Shirmo has had overall responsibility for software product portfolio strategies, software product line maintenance and IT security services offerings. He is well-versed on various platforms, technologies, protocols, frameworks and standards.

Frank has hands-on experience overseeing security code reviews, threat modeling, attack surface analysis and security testing. He has also acted as the Program/Project Manager on small and large-scale vulnerability assessment and penetration testing projects.

Shirmo earned his B.S and M.S in Computer Science and Engineering from Towson University and Loyola University, and pursued a Doctorate in Management and Leadership at the University of Maryland. He also serves as a CISSP instructor for certification training of information systems security professionals.


David Kim, CISSP, PCI-QSA

Senior Vice President, Security Governance Risk and Compliance

David Kim is SVP and principal consultant for ITPG’s Governance Risk and Compliance practice. He works with CIOs, CEOs and boards to help assess their organizations’ security risk and compliance gaps, strengthen their security posture, mitigate and remediate vulnerabilities, and help them prepare and pass security compliance audits.

Kim is a recognized expert on U.S.-based compliance laws and their requirements for information security, privacy, and implementation of proper security controls and safeguards. He is certified by the Payment Card Industry (PCI) Council as a Qualified Security Assessor and has extensive knowledge of HIPAA, GLBA, FFIEC, NIST 171 and FERPA compliance requirements.

During his 30-year career, David also has served as Virtual Chief Information Security Officer (vCISO) for organizations without a CISO that need network security leadership and guidance. He has advised and guided organizations in healthcare, financial services, retail, education, manufacturing, and transportation sectors.

David is an active speaker and presenter at conferences and trade shows, on security issues including data breach readiness, incident response, and business continuity plans. He also co-authored several books including Fundamentals of Information Systems Security.


Claude Williams, CISSP, CBCI, CHFI, EDRP, ECIH, CASP

Principal, GRC Consultant Practice

Claude L. Williams is a world-class consultant servicing the US DoD, US Civil Government agencies, and the private sector with Cyber Security and related IT governance, risk management, and compliance services. Complementary areas of expertise are in business continuity, data privacy, corporate compliance, and cloud-based security solutions.


Ade Odutola, CISSP, CISM. CISA, CRISC, PMP, CIPP/US, CIPP/G

Vice President, Cyber & GRC

Mr. Odutola has over 20 years of experience providing Cybersecurity and Information Technology (IT) Risk Management and Compliance consulting services to public sector (Federal and State Governments) and a broad range of commercial organizations (Fortune 100, SME and startups) across the globe. He has a proven track record of developing, implementing and maintaining Governance, Risk, and Compliance (GRC) and cybersecurity solutions and training.

Earlier in his career, Mr. Odutola worked for over a decade at Deloitte, a global consulting firm. As a senior manager at Deloitte, he led global teams working on multiple enterprise-wide cybersecurity and GRC projects for Financial services (Citi, JP Morgan Chase, Wells Fargo) and Healthcare/Pharma institutions, Biotech and Technology, Media and Telecommunications (TM T) firms. Prior to his time at Deloitte, he was at Cap Gemini Ernst & Young, where he provided Project management, IT risk assessment and Oracle database security consulting services for a variety of clients. He also served as an adjunct professor of Computer Information Systems (CIS) at Strayer University, teaching graduate and undergraduate students.

Mr. Odutola has experience guiding organizations completing comprehensive cybersecurity and data privacy assessments and leading teams in Information Assurance (IA) and cybersecurity operations. He is instrumental in providing managerial and technical leadership relating to system cybersecurity certifications and accreditations.

Mr. Odutola holds a Bachelors (Honors) degree from the University of Lagos, and a Master of Business Administration (MBA) (minor in Information systems) from Durham University in the United Kingdom. He possesses the following industry certifications: CISSP, CISM. CISA, CRISC, PMP, CIPP/US, and CIPP/G. He is an active member of the Information Systems Audit and Control Association, (ISACA), International Information System Security Certification Consortium, (ISC2), International Association of Privacy Professionals (IAPP) and the Project Management Institute (PMI).


Sharon Smith, CISSP

VP, Cybersecurity Strategy and Advisory Services

Sharon Smith, CISSP, leads the Cybersecurity Strategy and Advisory Services group for ITPG. Since 2005 Sharon has worked globally with companies from a single location to Fortune 100 providing consulting and advisory services around their security and compliance initiatives. Sharon has previously held the CISA, CEH, CFE, and PCI-QSA certifications.

Sharon’s past work has spanned a broad security spectrum as a security consultant, auditor, and advisor. She has conducted security and compliance assessments for SOX, HIPAA, and PCI, along with organizations internal compliance initiatives and general security concerns.

She has seen 100s of ways to implement security and 100s of ways not to implement security. She understands what works and what does not work and brings this depth and breadth to your organization. Sharon understands the challenges of the security industry and the adversity the security professional is up against, especially the encounters that the CISO, CSO, and other security executives deal with every day. She not only understands the technology they work with, but also the challenges in getting business buy in and support. Sharon is gifted in taking technical and complex topics and communicating them to the business and non-technical side in a way that makes sense and bridges the typical communication gap among these groups.

Because Sharon expanded her education in the area of professional coaching she also has a deep understanding and appreciation for the culture that is needed to keep a security team engaged and productive. In addition to working with organizations on security strategy, Sharon helps these executives create effective messaging and a culture of security throughout their organizations.

Sharon received her BBA in Accounting from Eastern Michigan University and her Masters in Forensic Science, High Technology Crimes from The George Washington University