Sign in

Security Manager

Colorado Springs, Colorado, United States
August 28, 2018

Contact this candidate



Leroy Lacy

**** ******* ****** ******

Colorado Springs, CO 80917


Leader developing architectures and applications targeted at the managed security services in the cloud environment.

Extensive experience in secure UNIX Operating Systems, Relational Database Systems, Big Data, IaaS, PaaS, Cloud Computing, Critical Infrastructure, and Formal Software Development Methodologies.

Expertise in secure IP Telephony, Leading Security products, Machine Learning, Artificial Intelligence, Agile Development, Scrum, Kanban, Rally, and Service Oriented Architecture development.

NTTSecurity Inc. (2013 – 2017) – Sr. Director Security Architecture

Leader of architecture group creating and enhancing the NTTSecurity Wide Angle Managed Security Service.

Managed a group of 5 technical architects supporting the development of the WideAngle Global Managed Security Services suite of applications.

Developed the architecture to integrate WideAngle from a series of independent nodes (Pods) regionally supporting WideAngle functionality into a world wide fully integrated managed security service.

Transitioned the WideAngle MSS from traditional datacenter to cloud architecture that allow NTT multinational customers a view of their global estate, while maintaining compliance with regional privacy and data residency laws.

The data broker architecture received a Japanese patent.

Designed the WideAngle Security Appliance (WASA), a completely “no touch” software appliance deployable in any customer environment delivering the WideAngle services to the customer infrastructure.

WASA is easily deployable in any cloud environment (AWS, Assure, Verizon, Rack Space, and many others).

Supports one click deployment, completely hands free, compliant with local architecture.

Led the successful effort to improve the quality and productivity of the Singapore development group.

Provided the leadership to move the Singapore development team (staff of 32) from the traditional waterfall methodology to an agile environment (Kanban and Scrum).

Beat down the “Us vs. Them” environment that existed between the various teams supporting WideAngle product development.

Moved from a “Big Bang” delivery to continuous build environment closely associated with the DevOps staff who were much more involved with the development and deployment process.

Utilized the Atlassian tools suite:

Confluence – Wiki documentation

Jira – bug tracking system

HipChat – communication system supporting our global environment

Bamboo – Continuous build.

Other open source tools

Trans Lattice Inc. (2011 – 2012) – Director Government Technology

Provided leadership for the product development with respect to the security features as well as the assurances necessary to protect government classified information processed by Translattice Applications Platform (TAP).

Created the artifacts package necessary to evaluate the product against the common criteria.

Created artifacts package to allow a successful certification of TAP in support of a cross-domain application using SABI requirements.

Directed the effort to migrate the hardware appliance components to leading cloud environments



Rack Space


Developed the relationships with the cloud providers to offer TAP as one of their offerings

Configured the software and environment into commands deployable in the various cloud offerings

LynuxWorks inc. (2008– 2011) – Manager Security Technology

Responsible for the security assurance package as well as the artifacts to evaluate the LinuxWorks separation kernel against the Common Criteria at EAL 6.

Managed two subcontracts as part of the evaluation process.

Responsible for the architecture of several security and cryptography features in the LynxSecure product.

Created the artifacts package to support the evaluation at “High Robustness” security level.

Interfaced with several customers to apply Separation Kernel functionality to the end user product.

Acted as interface to government with respect to the evaluation program

Became deeply involved with the LynuxWorks embedded Unix operating system products.

Avaya Inc. (2005 – 2008) - Senior Manager, Security Group

Manage group of 18 software engineers developing security components to enhance the Avaya family of IP Telephony products to a completely secure solution from end to end.

Manage Agile development of new SIP functionality for Avaya's new generation products.

Work with product houses for all Avaya components to understand where and how software assurances as well as end to end cryptography are required.

Led effort to make Avaya products compliant to DOD-JTIC requirements.

Led the development of the VPN phone.

The VPN phone allowed employees of a company using Avaya products to take a phone home and securely access the Avaya phone system securely.

Received the Avaya Labs Cup for the creation of the VPN Phone

Managed development of Java based telephony enabled applications to move Avaya products into the Web 2.0 environment.

Conducted research in security enhancements for secure IP Telephony systems.

Received patent for the SIP Spam filter.

Armadillo Systems (2002 – 2005) –Computer Security Consultant

Acted as an expert witness to defend a firewall gateway product developer in a patent infringement suit over deep packet inspection and virus detection at the gateway level.

As a Consultant, acted as project manager for the evaluation of a leading Network Intrusion Detection System (NIDS) against the Common Criteria.

Authored Security Target Document, Functional Specification, and High-level Design documents.

Lead development team to create necessary documentation and procedures to allow successful evaluation of product at EAL-3.

Created security model document for strength of function proof of the secure communications between various instances of the NIDS communicating using a shared secret and AES encryption.

Conducted seminars in the process of Common Criteria Evaluation.

Exodus Communications (1996 -2002) - Director of Security

Acted as CISSO for Corporation and was responsible for all aspects of Exodus Security policy and products.

Authored the Exodus Communications Risk Management Plan

Authored and enforced Exodus security policies for both the corporation as well as all data centers and the exodus backbone network.

Designed the physical Security for the Exodus award winning secure data centers.

Enforced the security and disaster response policies and procedures.

Conducted exercises to ensure seamless functionality responding to emergency situations encountered by the Exodus Data Centers.

Created the Exodus Managed Security product line of business consisting of managed firewalls, Intrusion Detection, VPN, single sign-on using Kerberos, and vulnerability analysis products.

Led the development of a secure portal that allowed the monitoring and secure management of all the security appliances.

Designed a similar portal to allow customers to view the access logs for the security managed services and monitor security status of their networks.

Managed the group that developed, deployed, monitored, and managed the products in the field.

The Security Managed Services products became the most profitable service offered by Exodus. Thirteen staff members were responsible for over $20 million in annual revenue.

Lockheed Martin (1992-1995) - Director of Engineering

Chief engineer for Los Angles County Emergency Management System project. Program manager and technical leader of group of 6 software and hardware engineers who designed, coded, and implemented the information system that controls the operation of the LAEOC.

The group created the software linking a Geographic Information System (GIS) and relational database to track and control all operations of the LAEOC during any county emergency.

The Emergency Management Information System (EMIS) consisted of over 1million lines of code and provided all protocol and process enforcement during a large county wide emergency.

Chief Technologist for bid and proposal efforts for several US government agencies.

Chief Engineer for the Veterans Administration NOAVA project that provided secure IT solutions to all components of the Veterans Administration.

Armadillo Systems, Inc. (1990 – 1992) – President

President of Product Company that developed secure firewalls, mail gateways, network monitoring systems based on trusted UNIX operating systems.

Won contract to develop a secure mail gateways for Her Majesty’s Treasury United Kingdom.

Won contracts with CESG and Royal Signals Corps to develop secure mail systems.

As a consultant to a start-up corporation, acted as chief engineer and technologist for efforts to provide new services via the national cable television systems in Costa Rica and the Island of St. Vincent and the Grenadines.

As a consultant to Progress Software, I conducted engineering studies to develop a secure version of the Progress RDBMS client-server architecture.

Informix (1989-1990) Director Multilevel Secure Products

Program Manager responsible for all aspects of the development of the multilevel secure Informix relational database product. MLS Informix was the first MLS database product to be successfully evaluated by NSAs National Computer Security Center (NCSC) against the Secure RDBMS criteria (C2 and B1). Led group of 12 software engineers to design, implement, and document the B1 product. Our goal was to accomplish this task with no more than a 15% degradation in performance; however, when complete the product outperformed the existing product by 5% on corporate benchmark tests.


BS Mathematics California State University Hayward.


Seminars in Common Criteria Evaluation process

Security Managed Services in a Hosting Environment – Net world Interopt

Covert Signaling Channels in an MLS Relational Database – Institute for Defense Analysis

Multilevel Secure Informix – NIST Security Conference


Lockheed Engineering Achievement Award

Expert Panel Presentation – Aerospace Secure Applications Conference

Design Award Exodus Firewall Chassis

Avaya Labs Cup for Innovative product development


A Small Air Sampling Device

SCSI Based Encryption Device

SPAM Detection mechanism for VOIP Telephony Systems

Data Broker, Mechanism for Exchanging Information Between Disparate Products (Japanese patent)

Contact this candidate