Wherever an IP packet flows you will find a cybersecurity consideration.
Where do IP packets flow in modern critical infrastructure?
EVERYWHERE.
2025 INITIATIVES and ACTIVITIES
Solution Evaluation Leader - Network/Cyber OEM Solution Evaluation Brief - Develop and document a short-form OEM product evaluation deliverable which demonstrates expertise in product area, and evaluates against multiple criteria for purposes of solution purchase decision-making by customers - COMPLETED 2nd Qtr 2025
Team Member - Nuclear Power Innovation Project - Contribute to providing secure communications systems and risk identification and mitigation for SMR nuclear generation innovation project off-shore, near-shore - estimated completion, 4th Qtr 2025
Presenter, LinkedIn Live Event – Co-creator and presenter for live cybersecurity discussion, 'NERC CIP 013 — Strategies for Securing Your Supply Chain'. Discussion focused on stories and steps to establishing long-term cyber posture enhancement through established frameworks and latest thinking regarding the importance of your supply chain - estimated completion, 2nd Qtr 2025
Initiative Leader - NERC CIP Compliance for SITE AI/ML committee participation - Seek inclusion and participation of business engineering team members for SITE committee team. Mission is to help define risk and compliance factors for AI security within North American grid environments. Two team members successfully assigned - COMPLETED, 1st Qtr 2025
Principal Architect - Transmission Station Secure Virtualized Communications Network Design - Lead team of highly qualified network and cybersecurity engineers designing NERC CIP compliant high availability OT SDN green-field transmission sub-station communication network, within existing larger operational Distribution grid environment - estimated completion, 3rd Qtr 2025
Cybersecurity Architect - Risk Mitigation Project – Assist large U.S. metropolitan water utility with analyzing comprehensive SCADA cybersecurity Assessment, identifying optimum control additions and procedure fit for established policies. Controls involved Active Directory IDAM, additional Password security controls and Remote Access policy, process and procedures creation - estimated completion, 2nd Qtr 2025
2024 INITIATIVES and ACTIVITIES
Presenter - Joint Kansas University and FBI Cybersecurity Conference - Presentation to compare and contrast IT versus OT communications security, FBI Director Christopher Wray, keynote speaker - COMPLETED, 1st Qtr 2024
Team Member - NERC CIP 013 Supply Chain Risk Management Update Team (Gap Review) - Continue contribution working within the NERC CIP standards committees to assist in resolving identified gaps in existing 013 standard - COMPLETED, 2nd Qtr 2024
Group Leader - NERC CIP 013 Supply Chain Risk Management Team (Incident Response Guide Update) - Supply Chain Risk Management - Vendor Incident Response Guide version 2 revisions. Effort to keep up to date existing guidance documentation for use by energy sector operating entities supporting the U.S. Bulk Electric System (BES) - COMPLETED, 1st Qtr 2024
Investigator - Contract Compliance – Cybersecurity subject matter expert for team investigating supply chain project execution performance for critical infrastructure. Purpose is to validate cybersecurity designated aspects of information handling and assist to improve overall project data security - COMPLETED, 1st Qtr 2024
REPRESENTATIVE PROJECT EXPERIENCE
Extensive experience working directly for OEM software and hardware producers, operations and services organizations helping governments and businesses design and deploy secure, reliable, and operationally efficient critical infrastructure networks.
Contributor - Cybersecurity Services Group Launch Team – Assist with the development and launch of new cybersecurity services organization delivering Engineering Procurement and Construction services. Activities include organization design: human resource identification and qualifying through interviews; service offerings identification; revenue vs. strategy refinement of initiatives; cross markets cyber services delivery integration and communications development; assist with development of sales, marketing and media collateral - December, 2023
Contributor - Security Product Development – Participation in early development process for multiple products; exploring possible product creation including customer input mechanisms such as focus group surveys and product information videos, contribution to Engineering Requirements (ERD), including security feature/function, and Marketing Requirements (MRD) sets - October, 2023
Team member - Critical Infrastructure Cybersecurity Assessment/Audit – Utilize automated CISA CSET tool to assess, audit and validate network and cybersecurity posture for large southwest metropolitan utility. Analyze results, measure risk and recommend controls enhancements to close identified gaps. Issue C-level report on findings and review mitigation project(s) cost - August, 2023
Principal Consultant - Cyber Attack for Ransomware (CAFR) Reaction Plan – Assist medium size U.S. Energy sector customer, investigate and assess requirements, methods and activities required for responding to a ransomware attack. Include critical systems priorities, playbook, existing IR and DR plan impacts, area and access isolation techniques, data flows and processes while negating ransom payment; utilize existing frameworks and tools wherever possible, (e.g. CISA Ransomware preparation information, INL CCE®, MITRE ATT&CK® framework, etc.) - April, 2022
Co-Presenter - 'Developing a Cyber Attack for Ransomware (CAFR) Response Playbook' – Presentation to an electric utility Reliability Organization (RO) relating methods and techniques for establishing planned organization, systems and network response to a CAFR (Cyber Attack For Ransom) event while negating ransom payment - March, 2022
Project Lead - Cyber Attack for Ransomware (CAFR) Reaction Plan – In cooperation with mid-size Energy sector customer, investigate and assess requirements, methods and activities for responding to a ransomware attack. Produce Playbook that recognizes critical systems priorities, existing IR plan impacts, isolation techniques accounting for essential operational application flows and processes, while negating ransom payment - July, 2021
Technical Coordinator - Private Wireless Device MPLS Implementation – Develop very large-scale energy sector customer field demonstration criteria for implementation and validation for 17 site MPLS VPN SCADA/AMI OT data network with data flow filtering protections that include wired, private radio spectrum and microwave wireless infrastructure. Examined interaction requirements of IP network team and RF team seeking to optimize overlapping responsibilities and tasks for provisioning, validation testing and turn up - March, 2021
Co-creator - OT Services Supply Chain Cybersecurity Risk Management Survey Response Template – Develop new process to assist pre-sales organization response to various customer surveys resulting from NERC CIP 013 Supply Chain Risk Management requirement. Customer submitted survey may be of any form, depth or breadth. Response process considered assurance of risk reduction and project information protections - April 2021
Project Team Principal Consultant - Cybersecurity Process Documentation – North American Reliability Corporation - Critical Infrastructure Protection (NERC CIP) procedures documentation standardization project for very large scale Energy sector client. Provide review, validation and verification for series of practical process/procedures guide documents aligned with NERC CIP rule set - August, 2020
Project Team Principal Consultant - VLS Network and Cybersecurity Design – North American Reliability Corporation - Critical Infrastructure Protection (NERC CIP), BCA Low Impact Electronic Access Point (LEAP) Assessment for a very large-scale OT network. Developed Statement of Work (SoW), led Design and Deployment – pursuant to rapidly evolving DoE directives for Critical Infrastructure Protection compliance requirements, active project to assess vulnerability in approximately 100 electric grid field sites through inventory and logical assessment, detecting and analyzing all NERC CIP LEAPs and cyber assets - February, 2019
Human Resourcing Consultant - OT Network Infrastructure Talent Search – Requested by private energy generation, transmission and distribution utilities to assist in identification and qualification of Smart Grid technical resources for very large-scale O.T. network modernization projects. Interviewed and rated candidates with urgent timeline requirements - November, 2019
Team Leader - Very Large Scale Network and Cybersecurity Design, MPLS – Very Large-scale OT network design Proof-of-Concept Lab Electric sector - led creation and execution of OEM switch/route/firewall proof-of-concept test to evaluate best design solution employing MPLS network virtualization, data path encryption and traffic flow filtering. Tasks included test plan case development and documentation, lab provisioning, inventory controls, test monitoring, results evaluation and outcomes memorandum - July, 2018
Principal Consultant - Network Operations Center CMMI – Assist with development of RFP response, win and then execute assessment of Network Operations capabilities for large multi-state Southeast U.S. utility. Duties included current state analysis, gap analysis, CMMI maturity modeling of energy network monitoring operation (NMS) to track progress toward future state goals. Areas of analysis include application requirements and data flow, network health baseline and deviation, alert monitoring, tools, staffing and cybersecurity integration - April, 2018
Lead Product Evaluator - Cybersecurity IDS Product – Develop new service, related collateral, sell then execute as leader for product field evaluation team. Analyze and record Human Factors observation through user interviews and use-case functional testing of industrial networks purpose-built intrusion detection appliance supporting DNP3 and related protocol(s) signature detection. Developed Statement of Work (SoW) for service. Product was examined during Proof-of-Concept deployment within operational production network - June, 2017
Co-Developer - Cybersecurity Live-fire Exercise – Developed statement of work (SoW), assisted with design and execution of organization-wide cybersecurity intrusion(s) exercise including Identification, Incident Response and Mitigation for generation/transmission multi-state electric cooperative; included master security event list (MSEL) development and exercise injects for human engineering site access, EMS SCADA-Master packet payload modification, law enforcement scenario, and natural disaster event, assessing response capabilities and business continuity impacts - January, 2017
Senior Consulting Engineer - Network Design and Cybersecurity, MPLS – Multi-year critical account assignment, on-site supporting named account to help ensure customer success with product line in large-scale multi-year MPLS deployment
Contributor Technical Coordinator/Architect - Very Large Scale Network Engineering, MPLS – Multi-year engagement advising state government I.T. organizations. Hands-on network architect, infrastructure engineer and team leader for federated state government, all-agency $5,000,000+ network transition project: Migration from legacy network to full MPLS virtualized, tiered and modularized design: 1000+ router nodes; 37,000+ ports, 100+ user groups; future-proofing designs, flexible growth trajectories and investment preservation
Architect - Network and Cybersecurity Architecture – Very large-scale energy distribution co-op Operations Control Center network architecture redesign including multi-tiered multi-vendor Firewall architecture with NERC CIP regulatory compliance factors addressed: Logging; DMZ; Access Controls; Interactive Remote Access; Change Control Reporting
Project Team Principal Consultant - Network and Cybersecurity Controls – Assist with development of RFP response for win and then execute, Energy Markets network, large-scale firewall rule set refresh (1000+ ACLs) for multi-tiered and virtualized security architecture. Work was performed during production hours for the Market necessitating extreme care for rule validation and change activities
Principal Architect - Network Cybersecurity Strategy – Assist with development of RFP response, win and then execute Telecom Master Plan for very large scale Generation, Transmission and Distribution, I.T. infrastructure, Southeast U.S. energy co-op; defining new highly secure and reliable Smart Grid data transport infrastructure supporting AMI, HMI, RTU, DNP3 SCADA-monitored and managed field network flows. Work produced Current State, Future State, Solutions Analysis and Roadmap
Team Leader - SW/HW Quality Assurance – Software and Hardware products Quality Assurance group, evaluating both shrink-wrap and integrated code. Conceived and applied interactive hardware/software product black-box functional verification, validation and user-experience testing procedures and techniques; led development of localization interface dialog comparison process; led alpha and beta field test programs; identified and documented human-factors aspects in user interfaces, developed and populated bug databases
Team Leader - Software Quality Assurance – Business Intelligence Web Application Quality Assurance group, working with Development, Marketing, Sales and Management teams while leading efforts that ensured rapid-to-market delivery of complex business intelligence products. Conceived and applied interactive hardware/software product black-box functional verification / validation and User-Experience testing procedures and techniques. Worked with off-shore code development teams
Senior Network Architect - State Capitol Legislative Network – State government capitol legislative very large-scale network modernization - developed Statement of Work, team lead for modernization program including VoIP, Legislative wired and wireless network and assess and recommend cybersecurity controls - environment listed on National Register of Historic Places and observed as possible model for U.S. House of Representatives IT group
Senior Consultant - Network Security Engineer, SIEM – National credit union IS provider, security infrastructure project with PCI Compliance factors: Deployed Cisco MARS SIEM (Security Information and Event Management), tuned through learning modes and false-positives, trained local staff
Consultant - Cybersecurity Engineer, PCI/DSS – National jewelry chain, PCI (Payment Card Industry) DSS self-assessment PCI questionnaire project: Analyzed network architecture and identified risk factors relative to achieving PCI compliance
Consultant - Cybersecurity Engineer, Network Access Controls – Regional credit union, security infrastructures project: Scoped, deployed and configured Cisco ACS, (Access Control Server) and “hardening” of related infrastructure devices, trained staff
Senior Consultant - Network and Security Engineer, IDS and SIEM – Global BPO IS provider, security infrastructure project: Scoped, deployed and configured MARS (Monitoring, Analysis and Response System) SIEM, including learning mode evaluation and false-positive tuning, trained staff
Senior Consultant - Network and Cybersecurity Engineer, SIEM HIPAA – Global pharmaceutical corporation, security infrastructure project with HIPAA Compliance factors: Deployed and configured MARS (Security Monitoring, Analysis and Response System), including learning modes and false-positive tuning, provided staff training for SIEM operation
Senior Consultant - Network Engineer, Cybersecurity HIPAA – Regional health services provider, security strategy assessment and development project with HIPAA Compliance factors: team member for comprehensive data security strategy, risks, review and recommend
Consulting Engineer - Cybersecurity Assess – National BPO back-office application services provider, security strategy assessment and development project: Team member for comprehensive security strategy, review and recommend
Network Consulting Engineer - Data Center Build – Global entertainment corporation, rapid data center build-out project: Deployed and configured secure terminal access and content load-balancing, at Tier 4 Data Center environment
Senior Consulting Engineer - Cybersecurity - Calence – Senior cybersecurity posture assessments, PCI compliance, HIPAA compliance, trusted network and cybersecurity advisor to named accounts, (State of Kansas), extensive hands-on secure infrastructure design and implementation of SIEMs, IDSs, Firewalls, etc.
Critical Accounts Resident Network Engineer - Cisco Systems – Assigned to remediate Cisco Critical Accounts Program client experiencing complex network instability. Assignment evolved into multi-year on-site network architecture consultation. Resolve system very large scale data network performance and reliability issues.
Team Leader - SW/HW Quality Assurance Engineer - Farallon/Netopia – Network and Web Application Software and Hardware Quality Assurance Engineer. Working with Development, Marketing, Sales and Management teams, led quality assurance efforts for usability, bug discovery and reporting, beta field testing, and support documentation review.
Technical Assistance Center Engineer - Cisco Systems – Working in OEM networking hardware and software customer support group, handling tier 1, 2, and 3 support calls for entire product line including networking switches, routers, network configuration and management software, etc.
Technical Assistance Center Engineer - Farallon – Working in OEM networking hardware and software customer support group, handling tier 1, 2, and 3 support calls for entire product line including networking switches, software routers, network configuration and management software, screen-sharing applications, etc.
U.S. Army Flight Operations Coordinator - Crew-member Status – Scheduled and tracked VIP transport and tactical military flights, fixed wing and rotary wing aircraft, for critical-missions, (cabin, crew, flight-plan, tactical load-out, fuel, etc.). Operating in Ft. Rucker AL, Taegu Republic of Korea, Dongduchon Republic of Korea, Aberdeen Proving Ground (APG), MD. Accumulated 200+ left-seat flight hours, and 1000+ hours of general flight time. TOP SECRET clearance.