Dr. Daniel O. Harrison...

Houston, TX • adu0fs@r.postjobfree.com • 719-***-****

Solution-oriented, transformational CISO with demonstrated expertise across all facets of information security. A cybersecurity expert with fluency in seven languages, top US security clearances, and a record of exemplary service building and leading multiple cybersecurity task forces across various US military branches and highly regulated industries. A change agent and servant leader who drives needed organizational transformations and turnarounds that optimize the security of mission-critical data, systems, and people and inspire individuals and teams to learn more, achieve more, and serve as a vessel for service excellence to others and the organizations.

§ A thought leader in cybersecurity with impeccable credentials: Served as a strategic partner to leaders in government and industry while earning certifications including CCISO, CRISC, CISM, CISA, and Security+. Provided thought leadership as a guest speaker in various CISO and CIO conferences. Authored numerous articles on cybersecurity published in leading cybersecurity magazines.

§ Providing strategic security leadership: Developed and implemented the first-ever enterprise cybersecurity strategy and program for the Department of the Army – Assembled Chemical Weapons Alternatives and Laboratory Information Systems Security Program at Pueblo Chemical Agent-Destruction Pilot Plant. Delivered and implemented a program fully compliant with environmental, United Nations Treaty, and cybersecurity-related compliance requirements.

§ Driving change that optimizes security: Transformed Travis Air Force Base Legacy Enterprise Cybersecurity Program to 21st Century Enterprise Cybersecurity Program in only 11 months.

§ Building and leading high-performance teams: Built and led high-performance teams in war and peacetime environments for the military and the private sector. Led engagements in the US, India, Korea, and Iraq. Trained, coached, and mentored numerous professionals in cybersecurity best practices to effectively promote a culture of security across global organizations.

§ Providing strong and steady leadership in geopolitical hotspots with lives in the balance: Facilitated establishment of a network infrastructure and network communication system that supported the efforts of

>5,000 solders, airmen, Marines, and Navy personnel in Iraq during Operation Iraqi Freedom and Operation Enduring Freedom (OIF/OEF) in Ar Ramadi, Iraq.

A Record of International Leadership in Mission-Critical Operations

§ Strategic Security Planning

§ Relationship Building

§ Information Security Governance

§ Information Security Management

§ Enterprise Architecture

§ Cloud Security

§ Enterprise Risk Management

§ Network Infrastructure Security

§ Project Management

§ Operational Technology and Cybersecurity

§ Security of Application and Data Technology,

Information and Resilience Risk Management

§ Compliance (HIPAA, PCI DSS, SOX, RMF, ISO/IEC)

§ High-Performance Team Building

§ ICS SCADA DCS HMI

§ Compliance (COBIT, ITIL, NIST, GDPR, HITRUST)

Transforming Organizations to Ensure a Strong and Reliable Security Posture Harris County, Houston, TX – Harris County is the third largest county in the United States comprising of 36 cities, towns, and villages with 82 departments across the county. 2021 – Present CHIEF INFORMATION SECURITY OFFICER (CISO)

Brought on to ensure security of Harris County network infrastructure and information systems and critical assets through program management, services delivery, and personnel and resource management in support of smart county programs. Drive continuing improvement in cybersecurity strategies, tactics, governance, risk management, and IT compliance. Serve as Trusted Advisor to Harris County executive leadership, Texas regional leadership, commissioners, and law enforcement chiefs in all cybersecurity matters. Support all law enforcement, public health, courts, public safety, and county administrations, OPTIMIZING INFORMATION SECURITY IN THE DIGITAL AGE Dr. Daniel O. Harrison Page 2

§ Providing strategic security leadership: Developed Harris County's Information Security function into a strategic and robust program fully capable of addressing both current and future 21st century IT security threats. Reimagined and developed security governance, risk, and compliance program complete with standards, policies, and procedures.

§ Optimizing cybersecurity: Designed security strategy for AWS cloud migration and data center inventory. Developed Harris County's and Public Health Hospital cybersecurity's policies, standards, and procedures. Established its Information Technology and Infrastructure Security Governance Program as well as its NIST Risk Management Framework. Developed strategic cybersecurity program in support of election administration across Harris County.

US Air Force, Fairfield, CA – The aerial warfare service branch of the United States Armed Forces, one of the eight US uniformed services. 2018 – 2021

WING INFORMATION SYSTEMS SECURITY MANAGER

Brought on to modernize the USAF's Cybersecurity Program. Served as a trusted advisor to the United States Air Force on information security-related issues and remediation efforts. Led deployment of multimillion-dollar enterprise network security for DoD classified and unclassified networks and enterprise land mobile radio systems, supporting 15 Air Force bases and a call center supporting 10 Air Force bases and 40,000 end users.

§ Providing strategic security leadership: Served as subject matter expert for systems' cybersecurity controls. Provided assistance to stakeholders in all matters involving cybersecurity, risk management, governance, and regulatory compliance. Developed and provided well-defined systems security plans, policies, procedures, and recommendations on how to optimize IT security controls and meet DoD cybersecurity mandates.

§ Driving change that optimizes security: Spearheaded the rebuild of the entire cybersecurity program for Travis Air Force Base. Developed and implemented a strategic enterprise information security and risk management program and framework ensuring confidentiality, integrity, and availability of information systems and fully compliant with President Obama's Executive Order 13636. Secured accreditation for classified and nonclassified networks at Travis Air Force Base using risk management framework.

§ Developing and leading a world-class security organization: Planned and directed the efforts of three distinct teams dedicated to improving infrastructure, operations, and cybersecurity across Travis Air Force Base and David Grant Military Hospital.

§ Instilling a culture of security: Developed and provided on-the-job training to government, contractor, and military personnel on various IT security tools, policies, and procedures required to protect resources and meet standards.

Bechtel Nuclear Security and Environment, Pueblo Chemical Alternative Pilot Plant, Pueblo, CO – An American engineering, procurement, construction, and project management company and a leading DoD contractor. 2015 – 2018 CYBERSECURITY MANAGER INFORMATION SYSTEMS SECURITY MANAGER (2016 – 2018) Deployed to head up a major security initiative with the Department of the Army. Planned and led development and implementation of the first-ever cybersecurity program for the Pueblo Chemical Alternative Pilot Plant, a chemical agent destruction plant chartered to destroy stockpiled munitions with dangerous chemicals in accordance with the provisions of a UN treaty. Responsibly managed a budget of $10M utilizing a risk management framework.

§ Providing strategic security leadership: Closely liaised with high-level government officials to proactively protect industrial control systems utilized to destroy the chemical weapons stockpile, mustard agent, and safe disposal. Developed and submitted Cybersecurity Action Reports to NSA, DHS, ACWA, ARL, and Bechtel. Conducted a weekly conference call.

§ Optimizing cybersecurity: Identified and remediated a variety of issues and violations in the plant's labs and industrial control systems. Developed and implemented security procedures that substantially tightened access to the lab and industrial control systems. Completed the initiative in only three years, four years ahead of schedule, to obtain operational accreditation for the Industrial Control System Network.

§ Modernizing infrastructure: Replaced all the network legacy components of enterprise-wide industrial control systems and laboratory networks with 21st century equipment impacting over 120,000 employees. Equipment included core switches, distribution switches, servers, remote terminal units (RTUs), programmable logic controllers, human machine interface, intelligent electronic devices, and PDAR Historian Databases. SENIOR CYBERSECURITY ADMINISTRATOR (2015 - 2016)

Recruited to lead a plant-wide cybersecurity organization tasked with upgrading industrial control system networks supporting the operations of a chemical agent destruction pilot plant for the Department of Army with a 12-year operations charter. Planned and directed the efforts of a team of central cybersecurity staff and specialists deployed Dr. Daniel O. Harrison Page 3

into other organizations involved in the design, construction, and operations of the Plant Hospital Risk Management Program and Plant Operations. Responsibly managed a budget of >$7M.

§ Breaking new ground in security: Built the first-ever enterprise cybersecurity program for the Department of the Army Assembled Chemical Weapons Alternatives (ACWA) and Laboratory Information Systems Security Program at Pueblo Chemical Agent-Destruction Pilot Plant (PCAPP). Designed and implemented a security program that protected the enterprise against advanced persistent threats and nation-state attacks from US enemies while supporting $1M a day expenditure of the plant to ensure confidentiality, integrity, and availability. Newmont Mining Corp (Denver), Progressive Insurance (Colorado Springs), FedEx (Colorado Springs) – Leading companies involved in mining, insurance, and logistics. 2012 – 2014 CYBERSECURITY CONSULTANT

Served in roles including IT Senior Systems Analyst, IT Senior Test Engineer (FedEx 2012 – 2013 Progressive 2013 – 2014), Senior Global Application Support Analyst and Senior IT Systems Security Engineer (Newmont Mining 2014). At FedEx, developed an action plan to secure accreditation for a geolocation and live video system utilized to track deliveries. At Progressive, established back-end security testing standards for Microsoft Databases utilized by Progressive. At Newmont Mining, liaised with professionals in Africa, Peru, and Australia to implement statistical project deployment, establish security controls, and assure information integrity.

§ Enhancing operational visibility: Enabled delivery tracking via the web at FedEx by replacing legacy code with platform-independent, modern code that effectively mimicked the legacy code to provide mission-critical, 24x7 delivery monitoring.

§ Providing strategic leadership: Defined the test plan, configuration, and usability testing utilized to establish and implement back-end security testing for Microsoft databases at Progressive.

§ Providing security leadership on a global scale: Played a pivotal role in the deployment of network servers supporting underground mining initiatives in Africa, Peru, and Australia. Effectively utilized multilingual skills to accurately assess operations security, identify deficiencies, and implement corrective actions. CAREER NOTES

Early success as a Systems Analyst/Production Support Offshore Lead with Verizon Business and as Systems Security Compliance Analyst/IT Systems Analyst with El Paso Corporation. Additional professional experience in service with the United States Army in the United States, South Korea, and Iraq. Facilitated deployment of information systems and phone services in geopolitical hotspots including Ramadi and Fallujah in support of Operation Iraqi Freedom and Operation Enduring Freedom. Education and Certifications

Doctorate in Computer Science in Information Assurance (DCS-IA), Colorado Technical University, Colorado Springs, CO (Dissertation: DoD Systems Certification and Accreditation Problems: A Qualitative Case Study) MS, Information Systems Security Management, Colorado Technical University, Colorado Springs, CO BS, Information Systems Management, cum laude, Colorado Technical University, Colorado Springs, CO EC-Council Certified Chief Information Security Officer – Certification Number ECC43250476103 ISACA Certified Information Security Manager – Certification Number 1736342 ISACA Certified Information Systems Auditor – Certification Number 17142419 ISACA Certified in Risk and Information Systems Control – Certification Number 1926447 CompTIA Security+ certification Number COMP001020437537 Project Management Institute Project Management Professional – In Progress Department of Defense Cyber Security for Industrial Control Systems Department of Defense Operation Security for Industrial Control Systems Publications and Interests

Author of numerous articles published in Cyber Defense Magazine addressing topics including Industrial Control Systems Vulnerabilities, Social Media Dangers, IoT Premier Security Issues, Enterprise Systems Security Assessment Challenges, Cloud Computing Security Issues, and Problems Confronting Systems Certification and Accreditation

(C&A) of Government Information Systems. Download information can be found at https://www.linkedin.com/in/dr- daniel-harrison-dcs-cciso-crisc-cism-cisa-sec-38459015/. Member Name Page 4

Interests include Entrepreneurship, Telecommunications, Industrial Control Systems, Robotics, Coaching, Soccer, and Motorcycles.

Contact this candidate