- I have been a successful industry leader, in charge of an enormous team re-engineering the functions that allow people access to almost two-thirds of the Internet (at the time). I have led a team that built an enterprise security and support solution for the financial and retail markets. I managed a new UNIX systems solution for major banks. I was on the ground as the fundamental structures of modern Internet tools were developed and was a key integrator of what are now common solutions. I delivered on time, under-budget solutions while working with the most senior members of the c-suite across industry segments.
- I am an acknowledged world-wide expert on the topic of state-of-the-art information security technologies and tools from government, industry, and open source communities. I am an award earning academic leader, and strategic consultant on cyber conflict/crime with 2 books, 3 book chapters, 7 peer-reviewed journal articles, 15 conference proceedings, 3 technical editorships, thousands of media impressions, hundreds of briefings, and extensive social media postings. I received my doctoral degree from one of the top information security universities in the world and became a tenured professor at the same institution. I have taught, lectured, or briefed at every US war college, most of the military academies and several of the staff colleges, which include foreign war colleges.
- I have a reputation of being a successful senior government leader in the law enforcement, military, and intelligence domains. Over the last three years of government service I led highly complex projects concurrently developing and implementing highly complex security programs. My career started as a local law enforcement officer and I did my first digital forensics case in the 1980s. I led as a chief information security officer (CISO) of a major military command, I have been the senior intelligence official for cyber threats against the US government’s third largest cabinet department, supported the CIO/CISO of the US government, and worked across all of the critical infrastructures including financial and energy sectors specifically. As a senior intelligence official, the impact of teams I have led has shifted the course of the nation. In 2017, I testified in front of numerous congressional committees both on camera and in classified settings.
Ultimate Software: Senior Director, Security February 2018 to present
- Lead large world class team with subject matter experts in security infrastructure and engineering support, global security operations center (SOC), red team, threat intelligence, identity and access management and physical security.
- Lead successful integration of merger and acquisition of entities into corporate portfolio at international scope for security operations. Participate in security due diligence process for moving company company from public to private equity.
- Key initiatives delivered include; integration and support of worldwide security operations center (SOC) service capability; recruiting and hiring of security professionals; application rationalization; stabilization of the security technical stack; enhancing roles and relationships across the enterprise; structuring business rules and reporting structures; enhancing telemetry and log collection activities.
- Top leader in multi-modal security using inclusive leadership across business lines with several direct reports and responsibility for over 60 FTEs and 20 contractors.
Department of Homeland Security, Intelligence and Analysis: Special Advisor Cyber Division, November 2015 to February 2018
- As acting Director Cyber Division (Jan 7, 2017 to November 6, 2017), I supervised up to 31 full time all source cyber analysts and was responsible for the complete intelligence lifecycle.I successfully managed the strategic vision, goals, resources, and product/process delivery cycle of organization-wide cyber plans and objectives.
- Identified security threats and methods of mitigation across the DHS enterprise; Worked closely with FS-ISAC, FS-ARC, and ES-ISAC. Provided contextual and integrated information for selection of security system solutions; Served as the SME for CIFIUS, information technology acquisition, and risk assessor for acquisition programs. Coordinated intelligence activities on various topics across the intelligence community.
- Closed an 18% production gap between FY16 and FY17 between Q2 and Q4; Increased IIR evaluations by 70%, and brought production in line with expectations, and supported implementation of innovative analytical tools within Cyber Division.
- Briefed cabinet-level leaders, National Security Council staff, and industry on numerous occasions. Represented DHS I&A during US Congressional hearings/briefings on the topic of alleged compromises of information networks supporting the 2016 Presidential Elections and regarding foreign vendors.
United States Army Corps of Engineers: Cyber Advisor and CISO, January 2015 to October 2015
- Led the cybersecurity practice within the OCIO at USACE a DoD entity, serving 33K users, with worldwide operations (it would be rated as #108 on the Forbes 500 with over $20 Billion in operations); Had a $700 million information enterprise investment, supporting critical infrastructure, financial, and engineering business lines; Led strategic operations of a matrixed worldwide enterprise cybersecurity solution and implemented numerous statutory and regulatory requirements (FISMA, FITARA, and Clinger-Cohen).
- As acting Governance and Architecture Chief (90 days), supervised 20 full time employees, and managed executive secretariat of the office of chief information officer (OCIO); Delivered and designed a security architecture and harmonized the implementation strategy to the OCIO strategic plan; Served as the primary stakeholder and coordinator of the OCIO strategic plan, monitoring implementation, structuring reporting, negotiating reports, and managing the support personnel monitoring current status.
- Led defensive cyber operations (DCO) and coordination of cybersecurity program of record USACE activities with USCC, ARCYBER, and other military, intelligence, and inter-agency partners. Supervised, managed, and consulted with senior USACE and Department of Army implementation of FISMA, DoD versions of FedRamp, NIST RMF, and FITARA via whitepapers and briefings;Led strategic policy development of security activities, incident response, and integrated intelligence practices (Tri-Team Model) across the enterprise.
Purdue University: Associate Professor August 2012 to January 2015
- Supported numerous criminal and civil investigations; Instructed agents/officers on laws, regulations, and procedures of law enforcement; Provided consultative support to agencies and corporations for information security incident response, disaster recovery, and continuity of operations
- Served as federal, state, and local law enforcement liaison for crime laboratory activities in support of digital crime investigations and breaches; Worked closely with the Homeland Security Advisor of Indiana and the Homeland Security Institute at Purdue; Operated as a commissioned law enforcement officer (special investigator) for the Tippecanoe Prosecutor’s Office
National Defense University: Associate Professor March 2011 to July 2012
- Served as senior cyber security subject matter expert at the global level representing the Department of Defense including teaching abroad at the Swedish National Defense University, NATO in Estonia, and lecturing at the Marshal Center in Germany. Acknowledged leader in the integration of cyber security, intelligence and operations across the information security domain for government and industry.
Purdue University Calumet: Associate Professor August 2003 to March 2011
Promoted from assistant professor to associate professor August 2008
- Worked closely with The Department of Homeland Security and FBI in understanding terrorism tactics and counter strategies; Mentored graduate students working with HIDTA and DHS Region 5 counter terrorism task forces creating investigation and intelligence analytical products
NCR Corporation: Senior Consultant 1 – August 2000 to August 2003
- Led a strategic level information technology integration program, successfully delivering innovative remote services technology and information security system solutions at over 250 customers of Sun Microsystems. These efforts resulted in consecutive awards for partner of the month and partner of the quarter from SUN.
Litton/TASC (Now just TASC): Senior Member Technical Staff – September 1999 to April 2000
- Led enterprise architectural review of information technology solutions, incident response and disaster recovery planning efforts for military customer while focusing on information security efforts to secure numerous critical information system assets on the customer site.
MCIWorldcom (Contracted Services): Senior Program Manager – February 1999 to September 1999
- Led coalition of public and private partners as network remediation leader in the customer premise program, providing global situational awareness while successfully determining impacts to over 270K customers’ worldwide.
- Purdue University: West Lafayette, Indiana April 2005 to May 2012, PhD College of Technology (Information Security/Digital Forensics), Dissertation Title: “Cyber warfare as a form of conflict: Evaluation of models of cyber conflict as a prototype to conceptual analysis”, Advisor: Marcus Rogers, GPA 3.68
- Colorado Technical University: Colorado Springs, Colorado July 1998 to February 1999, MS Computer Science Software Systems Engineering, GPA 3.80
- Huron University: Huron, South Dakota December 1997 to August 1998, BS Computer Science, GPA 4.00
- Government Clearance and Poly (2016)
- Certified Information Systems Security Professional (CISSP #367558), April 2010 to present