Noted Security expert with a proven track record of adapting to ever changing environments with dynamic security postures all while mitigating all levels of risk. With over 30 years of experience in security operations, vulnerability analyses, risk management, strategic/mitigation planning, cyber/information security, training, inspections/surveys, project management, and business management/development. A real change agent that can lead diverse groups through rapid growth and disruptive environments.
06/2015 to Current
Information Security OfficerTexas Department of Transportation － Austin, TX
TxDOT serves the constituents of Texas with 13,000 employees, 80,000 miles of road, 25 Districts and hundreds of external partners.
TxDOT has embarked upon an Enterprise Information Technical Architecture to address legacy and future service demands by centralizing IT.
In order to support an agency at this magnitude with this level of disruption, collaborations were formed to ensure that all levels of security posture were addressed, IE: Statewide Emergency Management, encompassing all major cities and counties, Federal programs, and Smart City and autonomous vehicle research efforts.
Also fostered were collaborations with external partnerships and research efforts to include Texas A&M, University of Texas, Southwest Research Institute, Federal Agencies and many technology partners.
TxDOT is unique as it is the only agency in Texas to outsource IT and Security.
This arrangement requires governance and vendor management expertise in order to be successful.
The TxDOT Security Team has been focused on building a comprehensive Security Program to enhance the outsourced vendor offering which includes all tenets of security.
This steep ramp up has been challenging but under my leadership, the team formed task forces and partnerships and developed and participated in District Engineering meetings in order to fully understand the challenges at every level of the agency.
Areas of impact: Performed baseline assessments to develop 5 year Security Strategic Plan Forged an alignment of information security with the functions of the various Business units for greater impact.
Increased executive security awareness of risk management and ownership of policy.
Spearheaded testing and validation of Proof of Concept projects for emerging security threats.
Partnered with TxDOT Commissioners and Texas Legislature to mitigate concerns from funding requests.
Developed a strategy that aligned and addressed rapid threat changes.
Integrated security tools into a single dashboard which allowed for earlier detection of anomalies and provide a comprehensive view of the network Compliance to all State Legislative mandates and provided input to future requirements.
05/2012 to 06/2015
Digital Design Modifications Cyber EngineerComanche Peak Nuclear Power Plant － Glen Rose, TX
Supported Comanche Peak Nuclear Power Plant (CPNPP) to comply with Federal Security regulations used for detecting and mitigating vulnerabilities in the cyber/digital component systems.
These systems were vulnerable as they could be exploited from either inside outside threats.
This role involved an evaluation of risk, the ability to adequately protect equipment and data, determine data classification, evaluate adequate protection levels, and maintain storage/retention requirements.
Also responsible for developing and implementing a baseline review process with a follow-up gap analysis which evaluated existing cyber/physical infrastructure.
Performed and evaluated analysis of each digital device/system to determine its criticality relative to safe shutdown of plant systems, emergency preparedness and response efforts, and business continuity.
Analyzed technical evaluations and modification design packages to ensure design, installation, testing and validation, and maintenance on all plant equipment and are performed under the proper maintenance and structural protocols.
08/2009 to 02/2012
Principal EngineerSouth Texas Nuclear － Bay City, TX
Served as principal Security interface between STP and the Engineering, Procurement and Construction (EPC) teams to ensure successful NRC licensure of two new Advanced Boiling Water Reactor (ABWR) 1800MW nuclear plants.
Managed Security/Communications/IT EPC team design of physical security systems, communications of infrastructure and the implementation of cyber security principles.
Provided project management principles to EPC team through concise and adequate communications, budgetary compliance, project schedule status and impacts, and provided engineering recommendations to implement regulatory requirements.
Coordinated with all potential investors to determine requirements would be integrated into the design and validation process of the cyber security system and communications infrastructure.
Provided Requests for Additional Information (RAI) responses to NRC, performed Table Top exercises, co-authored the Site Security Plan and Interdiction Capabilities Evaluation, lead Vulnerability Analysis, translated Security Operations requirements into design requirements, and reviewed/approved detailed design drawings provided by the EPC team.
Education and Training
Master Degree: Public AdministrationUniversity of OklahomaPublic Administration
Bachelor Degree of Science: Electronic Engineering TechnologySouth Dakota State UniversityElectronic Engineering Technology
Associate Degree of Science: Electronic Engineering TechnologyCommunity College of Southern NevadaElectronic Engineering Technology
Associate Degree of Science: Electronic Engineering Technology Education Dynamics InstituteElectronic Engineering Technology Education Dynamics Institute
business plan, Capital Expenditures, Concept, design and construction, Electrical Engineering, electrical systems, emergency preparedness, Engineering Manager 1, Environment Protection, feasibility study, inspection, manufacturing process, cameras, Procurement, improve product, program development, purchasing, risk management, robotics, sales, sorting, Systems Engineer 2, transformer, Underwriter, validation, vendor management