Point here to e-mail me at christopher.s.long@saic.com
Science Applications International Corporation (SAIC), Mclean, VA, 12/98 - Present
Chief Systems/Security Engineer, Sr. Systems/Security Engineer, Project Manager
Responsible for several systems/security engineering related projects and tasks. Provide worldwide DITSCAP/DIICAP Certification Authority and systems security compliance support, lead DOD related architecture and design engineering efforts associated with classified and unclassified systems and cross domain information solutions for Defense Information Systems Agency (DISA). Additionally, lead, plan and execute penetration and red team exercises for DOD organizations in order to assess enterprise security posture. Other organizations supported in this capacity include the DTRA, IC CIO, JWID, DIAP, OASD/C3I, NSA, JTF-CND, JCS, COCOMs, CNO/Navy. Perform Critical Infrastructure Protection Assessments and Analyses of mission critical and realtime systems identifying single points of failure, vulnerabilities, and formulating remediation strategies and solutions. Responsible for providing various architecture and engineering planning, prototyping, and product delivery for enterprise, fixed and tactical software and systems; perform cradle-to-grave large scale lifecycle systems engineering and integration projects for several systems, communications and infrastructure technology programs. Perform strategic and implementation planning, security certification and accreditations, security test and evaluation, risk management, and technology assessments to in the areas of communications, networking, operating systems, applications, security, messaging, and wireless. Requested to speak at a GSA/FTS Technology Conference on wireless communication technologies. Also, provide combatant commands IA exercise planning and execution related to the security of the evolving defense and intelligence, national, and Global Information Grid Infrastructures.
Analytical support includes research and development of defensive information warfare concepts and strategies, particularly within the national security framework. Coordinate related intelligence community and DOD DISA Federal Department and Agency IA planning activities and identification of policy, technical, and programmatic issues crossing organizational, functional, and program boundaries. Manage and participate in software, systems, and security engineering activities, such as: small and large scale systems and security engineering and development efforts; technology lab development for system and security application prototyping; architecture and infrastructure analysis; INFOSEC requirements definitions; technology evaluation and assessment; information management and workflow automation utilizing Lotus Notes and Domino R5; e-commerce, public key infrastructure (PKI) design and deployment; multi-level security technologies; intrusion detection and analysis; simulation and modeling; development of IA concepts and strategic implementation planning for Intel community CIO Office and DOD DISA organizations; web site and content design and development and integration of DIAP IA policy and guidance system to serve as centralized and authoritative source of IA policy, legislation, directive; perform and conduct system-level designs, reviews, and risk management assessments; develop certification and test and evaluation, technical reports, and project plans; perform systems integration and monitoring of the implementation of processes, hardware and software solutions, and technical writing.
Lockheed Martin Corporation (Management & Data Systems), Reston, VA, 05/97 - 09/98
Associate Chief Engineer, Sr. Staff Systems Engineer
Responsible for successfully completing the architecture, design engineering, installation and testing and transition to operations of a heterogeneous Multi-Level Security (MLS) TCP/IP communications and messaging infrastructure with automatic redundant fail-over to support mission and time critical intelligence customer applications and messaging systems. The infrastructure utilized IBM MQSeries messaging COTS and customized security and messaging GOTS was developed to permit three different security levels to communicate reliably and securely via priority message based queuing providing 100% data availability, integrity, and confidentiality. This was a large scale legacy migration effort transitioned a point-to-point mainframe based environment to a distributed multi-platform (Sun, SGI, Dec Alpha, IBM AIX/RS6000, Windows NT, and IBM 3090) environment. The systems communication infrastructure permitted remote site locations integration, interfacing and messaging across customized firewalls, routers, high-speed switches, public key encryption. Customized systems and network management platforms/software and intrusion detection monitoring and analysis were incorporated to operate & administer the critical mission applications and message queuing environments.
Provided extensive technical and managerial expertise, direction & support to various internal company programs and initiatives. Prepared the engineering and management proposal to win a $95million 5-year Information Technology and INFOSEC Security Engineering contract with NSA. Engineered a Fortezza-based Multi-level Secure (MLS) e-mail system, integrating COTS/GOTS software. Focused technology expertise included firewall, encryption, network and host-based intrusion detection, secure configuration of operating systems, network operating systems, EC/EDI, data mining and warehousing, secure messaging and e-mail service applications.
DIGICON Corporation, Bethesda, MD, 06/95 - 04/97
Chief Engineer, Technical Program Manager
Project engineer and technical manager for major Federal Aviation Agency effort to increase capacity/efficiency and reduce costs of information systems infrastructure. Applied engineering cost analysis techniques such as return-on-investment (ROI). Developed candidate architectures and process models. Served as company-wide senior INFOSEC and network management expert developing secure architectures & strategies, risk management, security posture and penetration analyses and assessments with corrective countermeasures and solutions, and product evaluations. Customers included Army Materiel Command (AMC), DISA, DoD, Defense Nuclear Agency, Internal Revenue Service, and General Accounting Office. Developed technical input to: Internet & intranet LAN/WAN/MAN strategies, concepts for offensive Information Warfare, INFOSEC, electronic commerce/electronic data exchange, systems and network management, data communications, e-mail.
As Technical Program Manager for 5 subcontractors and 80 technical staff for developing, designing, documenting, testing, and implementing an IRS asynchronous nationwide-wide system. Engineered technical and workflow concepts and build-out and physical and communications security of three distributed data centers. Implemented RAPTOR firewall, customized communications server to implement security multi-authentication, hashing & public key encryption techniques. Systems security engineering was audited by NSA/ARCA representative who reported no flaws.
DIGICON Corporation, Bethesda, MD (half time), 05/94 - 05/95
Served as Senior INFOSEC/Network engineer consultant in support of the Patent and Trademark Office (PTO), performing various INFOSEC, network management design and integration activities. Provided network and security guidance and assistance to Pentagon Network Integration and Design team. Formulated INFOSEC technical papers and briefings and provided design and access solutions for security and network issues associated with Internet and remote access, encryption and MLS cryptography implementation. Developed a liaison relationship with the National Security Agency (NSA) pertaining to MLS and COMSEC cryptographic equipment, practices, and future solutions and strategy associated with MISSI program planning and implementation. Maintained relationships with organizations such as IETF, NSCA, CERT and ASSIST regarding INFOSEC and network management.
ECI Systems and Engineering, Inc., Virginia Beach, VA, 10/88 - 09/95
Developed and implemented an Information Systems Security Program for the US Army’s Information Systems Command-Pentagon (ISC-P) to protect the network management of a heterogeneous dual-Broadband Communications Network (BCN) that is basis for a centralized "joint service" data center. Prepared and maintained security accreditations. Performed 24x7 traffic monitoring, analysis, and incident reporting. Performed COMSEC/cryptographic equipment integration and operations. Planned and implemented penetration testing. Provided network design, security, training and accreditation guidance to other services. Worked closely with DoD, law enforcement and intelligence organizations to develop policy, perform incident investigation and provide training (Dept. of Justice, DoD Office of SecDef, CIA, NSA, etc.). Developed and implemented several SAP initiatives and covert operations. Functioned as Sr. Technical Expert and Representative for ISC-P sponsor on various INFOSEC & Network Management and STAMIS/MDW Data Center consolidation task forces -- created, reviewed and provided evaluation and comment on various network management, security and strategic planning documents. Drafted regulatory requirements & updates to Army Regulation 380-19 on information security. Key requirements input to INFOSEC Masters Degree program at Eastern Michigan University. Performed network management and engineering of BCN components; assisted with implementation of an ATM test network.
Served as Project Manager performing requirements analysis, design, and installation of a customized dual screen Video TeleConferencing (VTC) CLI-based system for the Director of DMA at four separate CONUS locations interfaced to JWICS and provided operational training; designed and installed an autonomous Novell Netware 3.x based, high speed FOIRL AutoCad Network; Planned, coordinated and managed the delivery and shipments of over 500 Cabletron network component devices (value over $2.x million) to multiple locations supporting enterprise network upgrades; served as a Deputy Project Manager for a Department of Education Pell contract involving all phases of the systems development life cycle process to maintain stringent deliverables that enabled national disbursements of more than a billion dollars of financial aid; developed a prototype electronic document handling system and strategic management and migration plan to migrate from a manual paper-based processing system to an electronic-based submission processing system which was successfully implemented; performed technical writing; designed, managed, and executed the management and technical business and transition plan to create a centralized ADP operational facility (10,000 sqft), optimizing operational systems and work-flow activities; provided facilities and operations management support for a multi-million dollar IRS nationwide customer support center contract operation.
Techmatics Technologies, Inc., Silver Spring, MD, 05/86 - 10/88
Managed and implemented various contract projects--supervising over 42 employees; systems life cycle management, systems analysis, configuration management, systems security, programming, database development, requirements and test specification definition for various applications; designed and programmed a corporate executive information system to streamline contract billing, cost tracking, graphic, invoice production-audit-accounting, and electronic time-sheet at the corporate and project levels utilizing various cost accounting and budget control techniques for various contract types; installed a 3COM ethernet network connecting three remote offices to corporate headquarters. Designed physical security for a data center.
Night Vision Electro-Optics Laboratory, Ft. Belvoir, VA, 10/83 - 04/86
Developed multi-dimensional, statistical, data acquisition, modeling and simulation programs and performed code conversions in support of the Army’s Night Vision Electro-Optics Laboratory Visionics Division and Data Acquisition Field Testing Programs; developed optical recognition and imaging software and I/O peripheral and instrumentation device driver systems; Assisted with scientific technical reporting for world wide distribution.
COMPUTER PROFICIENCY: (Extensive Listing will be provided)
Operating Systems:
IBM Mainframe(VM,MVS,VS1,CMS), DEC Alpha, SUN OS/Solaris, HPUX, AIX, Linux, DOS, Windows 2000/XP/NT Server/WS, Windows ME/98/95, Novell, Apple/Macintosh, Prime, and various others.
Hardware: IBM, DEC, SUN, RISC, PC, INTEL, Motorolla, Apple, CDC, HP, and various others.
Software: Various COTS, GOTS, Programming (JAVA, CGI, Perl, C++, C, Fortran, Pascal, JCL, AI, Prolog, Cobol, Assembly, and various others)