Consultant is a Senior Computer Scientist and has seven years combined experience in the field of Incident Response and Computer Forensic Analysis. He has fourteen years overall experience in the Information Technology Field. He has been employed on contract to NASA for the past seven years He also heads the MSFC Computer Forensic Lab and conducts digital investigations on a daily basis. He currently holds an active DOD Secret Security Clearance.
His experience includes: incident response and analysis, network/computer forensic analysis, WAN/LAN intrusion detection and analysis, risk analysis and mitigation, business impact analysis, risk awareness training, security requirements development and the certification/accreditation of corporate and U.S. Government computing systems.
He has served as a subject matter expert (SME) in the field of IT Security on Federal contracts for NASA. In this role he has supported such contracts as the Payload Operations Information Center (POIC), The NASA Integrated Services Network (NISN) and the United NASA Integrated Technology Services (UNITeS) contracts. He also served as a SME and presented investigative reports and material in support of public and private investigations.
Hehas performed Security Audits against LAN/WAN systems. He has measured and reported risks to line managers and provide overall IT Security programmatic status to management as required. He has provided certification reports to reflect measurements of security requirements and Objectives against security controls. He has provided Assurance Level Ratings for Development and Operational Systems. Hi is trained in the use of NIST Common Criteria Guidelines, and NIST 800 Series Special Publications and the application of the NIST Common Criteria Guidelines throughout the Systems Development Life Cycle (SDLC).
Consultant developed implementation-independent security requirements (Protection Profiles) and developed Implementation-Dependent Security Requirements (Security Targets). He has prepared, reviewed and certified many IT Security plans from operational to development systems in compliance with Federal Information Security Management Guidelines (FISMA). Has prior expert witness experience.