John Stower

**** ***** ***** ** – Owens Crossroads, AL – adlf0m@r.postjobfree.com – 206-***-****

SUMMARY

A results driven IT leader with 30+ years’ experience who can balance risk management with business priorities. An analytical mindset with a security focus in IT operations, information assurance, and enterprise architecture. Frequently recognized for constructive team building, devotion to process excellence, and dedication to positive customer outcomes.

POSITIONS OF EXPERTISE

IT Project Manager IT Intelligence Systems Engineer

IT Department Manager Cyber Security Consultant/Engineer

Information Systems Security Manager Information Systems Security Officer

EDUCATION/CERTIFICATIONS

MS, Information Technology – Information Assurance & Security, Capella University; Minneapolis, MN

BA/Business, Louisiana Technical University; Ruston, LA

CISSP - ISC2 (104541)

CAP – ISC2 (104541)

INTELLIGENCE/MILITARY BACKGROUND

NRO Satellite Reconnaissance - Intelligence; USAF Special Intelligence programs; DEA Counter-drug Systems; DHS/CBP Secure border systems; Air Force Command Post management; Missile Defense Agency (MDA)

USAF Retired

Security Clearance

Active - TS/SSBI (CE)

PROFESSIONAL EXPERIENCE

Boeing, Seattle, WA and Huntsville, AL (Nov 2005- Sep 2009; 2019 - Present)

Systems Security Engineering consultant (Commercial Aircraft and Federal Govt. programs)

Supported the SBInet program, provided IT security design consultation to Department of Homeland Security (DHS) and U.S. Customs and Border Patrol (CBP). Designed security architecture’s and performed Certification and Accreditation (C&A) activities utilizing RMF and NIST requirements.

Technical lead on the following missile systems: Patriot, Avenger, Aegis, Arrow, Thaad and GMD.

Lead IT/IS project manager for system requirements traceability, system integration, test case generation and impact assessments.

GBSD Technical Lead Expert (TLE) for the Risk Management Framework processes for Systems Engineering, System test and integration, Supply Chain Risk Management (SCRM) and Software Development.

Developed a cybersecurity risk management processes for SCRM that included software assurance, vendor product evaluation, program protection profiles review for hardware/software/firmware, criticality analysis, and identification of know threats and vulnerabilities during acquisition process.

Northrop Grumman – Mission Systems, Huntsville, AL (Dec 2014 – 2019)

Information Systems Security Manager – ISSM // Sr Cyber Security Engineer

Managed 10 support staff personnel maintaining the security program for the Distributed Mission Operations Network (DMON) DoD Training systems. Managed vulnerability risk program for the Ground Mid-Course Defense (GMD) system products (IFICS Data Terminal, GMD Fire Control, GBI Maintenance Manager, GBI Launch Manager, GMD Communications Network) Experience with: NISPOM, ICD-503, JSIG and NIST 800 series publications.

DMON ISSM: Responsible for managing the Information Assurance (IA) team’s (Engineers, ISSOs and Administrators) activities including: • Risk Management Framework (RMF), and DSS/NISPOM accredited computer networks • Computer System Incident Response • Design system security architectures to include SPLUNK, LogRythm solutions • Vulnerability assessment and remediation for a weapons system• Harden systems (AIX, Solaris, RH LINUX) to protect against attacks • POA&M development and management supporting an Authorization To Operate (ATO)

GMD: Experience on the Missile Defense Agency (MDA) Ground Mid-Course Defense (GMD)– leading cyber engineering processes for the risk management program

Sr. cybersecurity engineer in the JSTARS and E2D aircraft. Developed cybersecurity processes for Supply Chain Risk Management (SCRM) and software development. Worked directly with the government ISSOs and ISSM on all RMF phases for a successful Authorization To Operate.

Booz Allen Hamilton Inc., Orlando, FL (Oct 2011- Dec 2014)

Associate: Lead Systems Security Engineering Consultant

Security Consulting and IT Engineering support to HQ Air Force Civil Engineering Center (AFCEC) and Air Force Agency Modeling & Simulation (AFAMS) on Certification and Accreditation (C&A), Information Assurance, System Security Engineering, and Cyber/Intelligence Security for Air Force Industrial Control Systems (ICS): SCADA, HVAC, Water, Electrical plants, etc. Cyber Security SME for the Air Force Modeling & Simulation (M&S) Organization for Live, Virtual Constructive (LVC) training.

Led development of strategic initiatives for the newly formed HQ AFCEC ICS Program Management Office that included MacAfee SIEM HBSS integration, secure system design for firewalls, IDS and IPS configurations

Managed the C&A Validation – Assessment team developing security requirements using NIST, JAFAN, JSIG, NISPOM, ICD and DoDIIS. Disaster recovery and contingency operations SME for live-virtual-constructive environments.

Security Controller Assessor Representative (SCAR) on over 1800 systems.

Working group member for NERC, FERC compliance for DoD Smart Grid computing environments.

Johnson Controls Federal Systems, Huntsville, AL (Sep 2009- Oct 2011)

Information Assurance Manager

Managed an engineering team performing access control system and UMCS design and installation for security certification and accreditation auditing activities on DoD and Federal IT systems. Project Manager for configuration of various application architectures and implemented processes for IA control verification testing for DoD and NIST certification.

Project Manager for a 4 million dollar Information Assurance program for System Security Engineering and Certification and Accreditation (C&A) auditing functions.

Developed security policies, plans and standards required for compliance with Federal government regulations and directives (FERC, FIPS 201, HSPD-12)

Experience with International Standards Organization (ISO) 17799/27001, FIPS and NERC CIP compliance.

Raytheon (Sep 2002- June 2005)

Manager Information Systems Security

Responsible for Information Assurance security services for the Navy/Marine Corps Intranet (NMCI) across the Midwest Region. Team Lead conducting penetration testing; vulnerability and risk assessments; security policy development and risk mitigation procedures. Six Sigma trained.

Implemented an enterprise IT security program for 200 Navy and Marine Corps sites.

Designed classified architectures for the Secret Internet Protocol Router Network (SIPRNET), provided EKMS cryptographic keying operations and maintenance support on TACLANE, KG195/6, KG84, Sectera, STUIII and NES Cryptographic systems. Biometrics experience with EBTS.

Developed Disaster Recovery and Emergency Response plans for Security Operations Center (SOC) and Network Operations Center (NOC)

Experience in System Program Protections, Information Security, Technical Security, Physical Security, Organization Security and Administrative Security. FSO and COMSEC duties administered per NISPOM requirements.

Central Intelligence Agency (Grade: GS-13) (Aug 1997- Sep 1999)

Communications Systems Engineer (COMMO Officer)

Engineered facilities design and configuration management of the Communications Distribution Network (CDS) for a large Technology Center hosting Navy, Air Force and other Intelligence agencies.

Performed site surveys for installation of communications infrastructures to include CDS, Central Computer Facility (CCF), and communications equipment. Evaluated design characteristics for Sensitive Compartmented Information Facility (SCIF) accreditation.

Coordinate satellite communications between OSD elements and foreign governments

- Designed SCIF Special Access Program (SAP) areas using DCID 6/9 requirements for 2 major CIA facilities.

United States Air Force (Retired – July 1977 – Aug 1997)

Information Technology Manager and Cryptographic Specialist – Provided Operations & Maintenance on ~ 3000 CCIs (KGs, KYs, STEs, STUs) administering over 25,000 customers. Supported network IT engineering, installation and maintenance leadership for DoD Intelligence communities (NSA, CIA, and White House). Designed specs for the upgrade of Intelligence Satellite downlinks.

Contact this candidate