December 2007 – Present
In the TrustTheVote Project developer community, I lead system architecture and design efforts, recruit developers and leaders, manage some development efforts, and make individual contributions in others.
September 2007 – Present
In the OSET Institute, I serve as an officer of the non-profit organization and contribute to foundation operations and organizational development.
2000 – 2002, 2006-2007
Provided independent consulting services related to information security and IT operations assurance, ranging from technology strategy for technology vendors, to analysis and review for technology buyers and investors. Acted as architect, designer, advisor, reviewer, and analyst for a variety of organizations ranging from technology start-up companies and venture capital firms to major government agencies and established financial services firms.
June 2003 – December 2006
Led the strategic technical direction for the company, including technology and market strategy for Solidcore’s enterprise change control solutions to commercial and government enterprises, and to vendors of embedded systems products. Technology strategy and strategic sales support for embedded OEM unit, and for U.S. Federal Operations unit. Development and management of government-funded R&D program and grants, and of Solidcore’s Critical Infrastructure Protection and Control initiative.
2000 – 2002
Defined Securify’s product line of consulting services, including specification, pricing, direction of product marketing and marketing communications activities, definition of direct and indirect sales strategies, support of channel sales management. Defined strategy for product line migration from a pure professional services company to an on-line managed security services company with both bundled professional services products and unbundled packaged and custom professional services products.
Earlier, as Director of Program Management, duties included: business development, lead bid and proposal efforts, manage recruiting program, serve on consulting teams as technical resource in various areas including network security, firewalls, authentication and authorization, security policy. Served as Securify’s representative in industry groups focused on healthcare and HIPPA security.
As senior security consultant, led or contributed to customer engagements in areas including: electronic medical records, digital rights management, software obfuscation and encryption, national-scale public key infrastructure, consumer digital privacy, network and system threat and risk analysis and mitigation.
1998 – 2000
Strategy and technical direction for NAI Labs, a business unit that was formed of Trusted Information System’s R&D group after Network Associates’ acquisition of TIS in March 1998, and which included over 80 technical staff engaged in funded and internal research in computer security. Responsibilities included: oversight of technical content and direction of TIS Lab’s research program; steering of internal R&D; definition of goals and strategy for new technical areas to pursue; business development for new funded research; liaison and oversight of technology transfer to NAI product divisions; technical advice and evaluation for NAI partner and OEM development staff; internal security architect/design consultant for NAI product divisions.
1989 – 1998
Consulting responsibilities included: lead generation, business development, bid and proposal, customer interviewing, analysis, presentation, deliverable document preparation, oversight of team members. Research responsibilities included: system/software architecture, design, implementation; software development team management, project management, customer relations, business development, bid and proposal. Prior to 1995, as Computer Scientist and Consultant, performed similar functions with lesser degree of responsibility.
1987 – 1988
Research in computer security, high assurance operating systems, distributed system security, formal assurance methods, and program verification.
1984 – 1987
Designed and implemented software development tools and products for several programming languages, as well as tools for internal development support.