Keyvan Ejtemai

Chairman and CEO

Keyvan Ejtemai is an entrepreneur who founded the IT Professional Group in 1998 to deliver high caliber information technology education, certification and consulting services. Under his leadership, the company has grown and evolved into the ITPG family of companies, with diverse and distinct businesses focused on information security, Governance Risk and Compliance, and training, education and certification programs. Ejtemai also has launched successful businesses in other industry sectors.

Prior to ITPG, Ejtemai spent 15 years in information technology, serving governments and businesses on a global scale. As a senior systems engineer at Lockheed Martin, he managed technical projects including network configuration and implementation, application development and testing, and pre-sales engineering.

Ejtemai also has held IT management positions in higher education. He managed IT procurement, installation and training as head of Towson State University’s Computer Research Lab and served as a certified instructor and curricula developer for information technology at Strayer University.

Ejtemai earned a Bachelor’s degree in Computer Sciences from Towson State and is a Microsoft Certified Systems Engineer (MCSE).


Marc Thompson

Executive Vice President

Marc Thompson is executive vice president of ITPG in charge of the company’s training and education businesses. He is an accomplished marketing and sales executive with a history of building successful businesses.

Since joining the company in 2001, Thompson has overseen the multimillion dollar growth of client (ISC)2, the global leader in educating and certifying information security professionals, and expanded ITPG’s credential-building business into other professions and industries.

Prior to joining ITPG, Thompson held senior management roles at technology companies such as TimeBridge Technologies and Delta Microsystems. As executive vice president of business development, he was responsible for the growth and ultimate acquisition of TimeBridge by Dimension Data. As executive vice president over product development, marketing and sales, he launched an IT certification training business that increased revenue by 1600 percent.

Thompson also served as founding executive of Potomac College, and created two technology radio shows: “Tech-Talk” on ABC Radio and “The Computer Tutor” on CBS Radio. He received his Bachelor’s Degree in Computer Science from Georgetown University.


Alex Buffington

EVP, Sales and Operations

Alex Buffington, ITPG Secure Compliance’s EVP of Sales is a technology veteran with extensive knowledge of the software and payments industries. He leads ITPG Secure Compliance’s sales team as well as all sales operations initiatives.

Prior to ITPG Secure Compliance, Alex served as Director of Sales for Motionsoft, Inc., a leading provider of Software-as-a-Service (SaaS) and financial solutions to the health and wellness industries. While at Motionsoft, Alex was responsible for growing the company’s market share and continuing Motionsoft’s position as a market leader in their industry.

In his spare time, Alex enjoys spending time with his wife and two sons as well as playing several sports. He is also an active volunteer in several organizations in the Washington, D.C. metro area.


Frank Shirmo, CISSP, CSSLP, CMDSP, PCI-QSA

Chief, Technology and Information Security Practice

Frank Shirmo joined ITPG in 2010 to lead cyber security initiatives and security program development for commercial and government clients. He is an accomplished IT security veteran with a career that has spanned all phases of the information security life cycle.

As a Chief Technology Officer, Vice President of Engineering, and General Manager and Director of an Information Security Practice, Shirmo has had overall responsibility for software product portfolio strategies, software product line maintenance and IT security services offerings. He is well-versed on various platforms, technologies, protocols, frameworks and standards.

Frank has hands-on experience overseeing security code reviews, threat modeling, attack surface analysis and security testing. He has also acted as the Program/Project Manager on small and large-scale vulnerability assessment and penetration testing projects.

Shirmo earned his B.S and M.S in Computer Science and Engineering from Towson University and Loyola University, and pursued a Doctorate in Management and Leadership at the University of Maryland. He also serves as a CISSP instructor for certification training of information systems security professionals.


David Kim, CISSP, PCI-QSA

Senior Vice President, Security Governance Risk and Compliance

David Kim is SVP and principal consultant for ITPG’s Governance Risk and Compliance practice. He works with CIOs, CEOs and boards to help assess their organizations’ security risk and compliance gaps, strengthen their security posture, mitigate and remediate vulnerabilities, and help them prepare and pass security compliance audits.

Kim is a recognized expert on U.S.-based compliance laws and their requirements for information security, privacy, and implementation of proper security controls and safeguards. He is certified by the Payment Card Industry (PCI) Council as a Qualified Security Assessor and has extensive knowledge of HIPAA, GLBA, FFIEC, NIST 171 and FERPA compliance requirements.

During his 30-year career, David also has served as Virtual Chief Information Security Officer (vCISO) for organizations without a CISO that need network security leadership and guidance. He has advised and guided organizations in healthcare, financial services, retail, education, manufacturing, and transportation sectors.

David is an active speaker and presenter at conferences and trade shows, on security issues including data breach readiness, incident response, and business continuity plans. He also co-authored several books including Fundamentals of Information Systems Security.