Summary

Chief Scientist for Security, Systems, and Networks

Creativity, analysis, and leadership across a diverse range of classified and open technological problem areas, such as cloud-based DDoS Defense, realtime U.S. Weapon System defense, dynamic & deceptive networks, Intrusion Detection, Firewalls, Cyberwarfare Planning & Operations, and the first web server load balancer on the market.

Career Highlights

Perspecta Labs (a.k.a. Applied Communication Sciences, Vencore Labs)Basking Ridge, NJ

Senior Scientist

May 2012 – Present

Ideated, proposed, planned, conducted, and technically directed $14M in research programs. For the DARPA Extreme Distributed Denial of Service (DDoS) Defense program (XD3) program, used deceptive network maneuvers implemented on distributed, ephemeral, cloud-based VMs to inexpensively defend against and deceive both sophisticated high and low volume attacks against any network protocol. Designed and acquired a terabit per second network testbed to allow realistic testing of large scale network attacks (now used by five contracts); and designed and implemented test software that could work on laptops, the terabit cluster, and live internet cloud providers. For AFRL Cyber Deception, created a dynamic & ephemeral network environment using Software Defined Networks to deceive and confuse cyber attackers while preserving a seemingly normal user experience. For the defense of U.S. Weapons systems, created a real-time system to add critically-needed security to both legacy and modern platforms.
Developed new business by analyzing and applying advanced methods, theories, and research techniques to create substantiated proposals to solve complex and advanced technical problems posed by customers. Proposal lead for the programs listed above, and helped with the DARPA EdgeCT and two classified programs. Won or helped win $37M in total new business in last three years.
Provided leadership, design, development, and testing expertise. For the DARPA Plan X program, created an attribution-hiding cloud provisioning system for Computer Network Operation listening posts, redirectors, and vantage nodes; designed and developed test, wargaming, and operational range automated instantiation, performed initial system capability development and deployment; prototyped Cyber Domain Specific Language and reasoning system. For other programs, created a high-security Android cell phone (SMC), framework (CRUSHPROOF), and Linux security systems (DEFIANT) for the U.S. Army; including development of anomaly detectors plus user and kernel IDS modules for both Android and Linux, synchronizing development on both platforms, plus creating build and deployment infrastructure.
Additionally, authored six patent applications, published research papers, developed classified lab security audit systems, mentored junior staff, and created technical documentation and automation tools for team members.

Raytheon Trusted Computer SolutionsHerndon, VA

Principal Secure System Engineer

August 2008 – May 2012

Lead Technologist for and driving the technical design, implementation, core code design, security, and integrity of CounterStorm, a network intrusion and attack detection and response appliance, including SELinux, STIG, and IPv6 implementation. Performed tactical management of a distributed team of developers. Further responsible for RShield-ICAP integration, Nagios monitoring of RShield installations, RShield log analysis and mail load synthesis.

CounterStormNew York City

Chief Architect

August 2001 – August 2008

Chief Architect for CounterStorm as described above until company acquired by Raytheon. Responsible for patents, senior technical liaisons, technical management of DARPA Information Assurance and Army FCS projects, on-site deployment at governmental facilities, and Homeland Security contracts for bot-net and worm detection.

Product users include: New York Police Department, Warner Music Group, The Brookings Institute, McGraw-Hill, Columbia-Presbyterian Hospital, BAE Systems.

HydraWEB TechnologiesNew York City

Chief Technical Officer

September 1994 – May 2001

Lead Technologist for HydraWEB & created first web load balancer on market. Responsible for all technical evaluations, plans, designs, and technical customer proposals. Senior inventor, designer, and developer of HydraGPS (WAN client/server reliability and optimization system), HydraWEB (LAN client/server reliability and optimization device), Brimstone (firewall), and Proconsul (serial console middle ware). Responsible for patents, senior technical liaisons, plus core code design, review, and integrity. Systems/network administrator and guidance for both the company LAN, the Internet connection, plus several large corporate clients with large Unix Internet-connected network installations dealing with Interactive TV and WWW hosting.

Product users include: Allen Bradley, Ascend, Associated Press, ATKK, AT&T, Bear Stearns, Citicorp, Corel, DLJ, Deutsche Post, Dow Jones, JC Penney, Juno, MCI, Monster, Reuters.

Columbia UniversityNew York City

Systems Manager/Programmer

January 1988 (FT&PT) — FT: March 1992 – August 1994

Solely responsible for all CTR systems, maintenance, and network operations for a network of 300+ users, 90+ Unix machines, and 100+ PCs, Macs, and X-terminals. Including requirement analysis, purchase, installation, and maintenance of all technical equipment and software. Compiled, installed, and maintained all normal Internet services such as DNS, sendmail, USENET, WWW, anonymous FTP, and IRC. Extraordinary duties included the total redesign, purchase and implementation of the network due to a move to a different building.

Publications

Patent

Patent Applications

Education

Columbia University, School of Engineering and Applied Sciences. B.S. in Computer Science, 1992.

Clearance

TS/SCI