• Well-rounded IT security professional experienced in various facets of information assurance including Identity Management, Risk and Vulnerability Assessment, Security Assessment and Authorization, 3rd party risk management, Cloud Security, Business Continuity and DR planning, Mobile Security and Mobile Device Management.
  • Experienced in developing metrics, frameworks and roadmaps for consumption by C-suite, Executives and Board Members.
  • Supported the development of (including being a named author on) several NIST publications including FIPS 201, SP 800-79-2, SP 800-116, SP 800-166 and SP 800-85B. Extremely familiar with SP 800-18, SP 800-37, SP 800-30, SP 800-53, SP 800-53A and numerous other publications in the area of information security.
  • Supported the creation and management of the GSA FIPS 201 Evaluation Program (http://fips201ep.cio.gov) . Former "Gatekeeper" for the Approved Products List - known to be used by ~ 40 countries to identify validated products in the areas of PKI, biometrics, smart cards and card management systems.
  • Experienced in public key infrastructure (PKI), cryptography and their usage within secure applications and solutions. Developed several Certificate Policies (CP) and Certification Practice Statements (CPS) for Government and non-Government PKI Providers.
  • Skilled in developing security policies, technical guidance, analysis reports, and white papers in the areas of IT security