Keyvan Ejtemai

Chairman and CEO

Keyvan Ejtemai is an entrepreneur who founded the IT Professional Group in 1998 to deliver high caliber information technology education, certification and consulting services. Under his leadership, the company has grown and evolved into the ITPG family of companies, with diverse and distinct businesses focused on information security, Governance Risk and Compliance, and training, education and certification programs. Ejtemai also has launched successful businesses in other industry sectors.

Prior to ITPG, Ejtemai spent 15 years in information technology, serving governments and businesses on a global scale. As a senior systems engineer at Lockheed Martin, he managed technical projects including network configuration and implementation, application development and testing, and pre-sales engineering.

Ejtemai also has held IT management positions in higher education. He managed IT procurement, installation and training as head of Towson State University’s Computer Research Lab and served as a certified instructor and curricula developer for information technology at Strayer University.

Ejtemai earned a Bachelor’s degree in Computer Sciences from Towson State and is a Microsoft Certified Systems Engineer (MCSE).


Marc Thompson

Executive Vice President

Marc Thompson is executive vice president of ITPG in charge of the company’s training and education businesses. He is an accomplished marketing and sales executive with a history of building successful businesses.

Since joining the company in 2001, Thompson has overseen the multimillion dollar growth of client (ISC)2, the global leader in educating and certifying information security professionals, and expanded ITPG’s credential-building business into other professions and industries.

Prior to joining ITPG, Thompson held senior management roles at technology companies such as TimeBridge Technologies and Delta Microsystems. As executive vice president of business development, he was responsible for the growth and ultimate acquisition of TimeBridge by Dimension Data. As executive vice president over product development, marketing and sales, he launched an IT certification training business that increased revenue by 1600 percent.

Thompson also served as founding executive of Potomac College, and created two technology radio shows: “Tech-Talk” on ABC Radio and “The Computer Tutor” on CBS Radio. He received his Bachelor’s Degree in Computer Science from Georgetown University.


Glenn Johnson

EVP, Sales and Operations
As Executive Vice President of Education, Glenn is returning to ITPG to grow ITPG Secure Training into a cyber certification education provider for all IT disciplines.

With more than a decade of industry experience, Glenn served most recently as the Senior Manager of McAfee’s Certification Program. Prior to that he was the Senior Business Development Manager at (ISC)2 , and a Senior Certification Consultant with ITPG.

Glenn’s expertise designing corporate training programs, certification exams, and education delivery models will enable ITPG to extend the certification services it has provided to (ISC)2 for the past 20 years, to the entire IT certification industry.


Frank Shirmo, CISSP, CSSLP, CMDSP, PCI-QSA

Chief, Technology and Information Security Practice

Frank Shirmo joined ITPG in 2010 to lead cyber security initiatives and security program development for commercial and government clients. He is an accomplished IT security veteran with a career that has spanned all phases of the information security life cycle.

As a Chief Technology Officer, Vice President of Engineering, and General Manager and Director of an Information Security Practice, Shirmo has had overall responsibility for software product portfolio strategies, software product line maintenance and IT security services offerings. He is well-versed on various platforms, technologies, protocols, frameworks and standards.

Frank has hands-on experience overseeing security code reviews, threat modeling, attack surface analysis and security testing. He has also acted as the Program/Project Manager on small and large-scale vulnerability assessment and penetration testing projects.

Shirmo earned his B.S and M.S in Computer Science and Engineering from Towson University and Loyola University, and pursued a Doctorate in Management and Leadership at the University of Maryland. He also serves as a CISSP instructor for certification training of information systems security professionals.


David Kim, CISSP, PCI-QSA

Senior Vice President, Security Governance Risk and Compliance

David Kim is SVP and principal consultant for ITPG’s Governance Risk and Compliance practice. He works with CIOs, CEOs and boards to help assess their organizations’ security risk and compliance gaps, strengthen their security posture, mitigate and remediate vulnerabilities, and help them prepare and pass security compliance audits.

Kim is a recognized expert on U.S.-based compliance laws and their requirements for information security, privacy, and implementation of proper security controls and safeguards. He is certified by the Payment Card Industry (PCI) Council as a Qualified Security Assessor and has extensive knowledge of HIPAA, GLBA, FFIEC, NIST 171 and FERPA compliance requirements.

During his 30-year career, David also has served as Virtual Chief Information Security Officer (vCISO) for organizations without a CISO that need network security leadership and guidance. He has advised and guided organizations in healthcare, financial services, retail, education, manufacturing, and transportation sectors.

David is an active speaker and presenter at conferences and trade shows, on security issues including data breach readiness, incident response, and business continuity plans. He also co-authored several books including Fundamentals of Information Systems Security.


Sharon Smith, CISSP

VP, Cybersecurity Strategy and Advisory Services

Sharon Smith, CISSP, leads the Cybersecurity Strategy and Advisory Services group for ITPG. Since 2005 Sharon has worked globally with companies from a single location to Fortune 100 providing consulting and advisory services around their security and compliance initiatives. Sharon has previously held the CISA, CEH, CFE, and PCI-QSA certifications.

Sharon’s past work has spanned a broad security spectrum as a security consultant, auditor, and advisor. She has conducted security and compliance assessments for SOX, HIPAA, and PCI, along with organizations internal compliance initiatives and general security concerns.

She has seen 100s of ways to implement security and 100s of ways not to implement security. She understands what works and what does not work and brings this depth and breadth to your organization. Sharon understands the challenges of the security industry and the adversity the security professional is up against, especially the encounters that the CISO, CSO, and other security executives deal with every day. She not only understands the technology they work with, but also the challenges in getting business buy in and support. Sharon is gifted in taking technical and complex topics and communicating them to the business and non-technical side in a way that makes sense and bridges the typical communication gap among these groups.

Because Sharon expanded her education in the area of professional coaching she also has a deep understanding and appreciation for the culture that is needed to keep a security team engaged and productive. In addition to working with organizations on security strategy, Sharon helps these executives create effective messaging and a culture of security throughout their organizations.

Sharon received her BBA in Accounting from Eastern Michigan University and her Masters in Forensic Science, High Technology Crimes from The George Washington University