2013 GISLA® Judges
Art Friedman, CISSP, Senior Strategist, Enterprise Engineering Office, National Security Agency
Mr. Arthur Friedman is the Senior Strategist for the Enterprise Engineering Office at the National Security Agency. He has 33 years of information technology and Cybersecurity experience and supports the development of policy and strategy for Identity and Access Management. He serves on several interagency working groups, including the Committee for National Security Systems and the Federal Identity, Credential, and Access Management Subcommittee. His education includes an undergraduate degree in mathematics and graduate degrees in business administration and national strategic studies. He is a Certified Information Systems Security Professional (CISSP) and a member of (ISC)² Government Advisory Board for Cybersecurity.
Art is an adjunct faculty member teaching network security classes for Towson University and a retired Colonel from the U.S. Army Reserves. He lives in Maryland and spends his free time boating on the Chesapeake Bay with his wife.
Steven Hernandez, CISSP, CISA, SSCP-Chief Information Security Officer, Office of Inspector General, Department of Health and Human Services
Mr. Hernandez is an information assurance professional presently working in the Washington DC area. He completed his MBA in Computer Information Systems and Information Assurance at Idaho State University. He also holds a BBA in Computer Information systems from Idaho State University and degrees in electronic systems, lasers, and electro-optics. Hernandez is affiliate faculty at Idaho State University and with the National Information Assurance Training and Education Center.
Through his work with the National Information Assurance Training and Education Center, Hernandez has lectured on topics in information assurance, risk management, capital planning, investing in security, certification and accreditation, cloud computing, social media, new media and mobile security to graduate level audiences. Hernandez is actively involved in educational content development for the International Information Systems Security Certification Consortium. He has been involved in information technology work in a variety of fields over the past 17 years including the Federal Government, education, higher education, industrial manufacturing, the finance sector and agriculture. His presently holds the role of Chief Information Security Officer and Director of the Information Assurance Division at the Office of Inspector General for the Department of Health and Human Services.
Ray A. Letteer, CISSP, Chief of the Cybersecurity Division of the Command, Control, Communications and Computer Department at Headquarters, U.S. Marine Corps.
Mr. Letteer oversees all efforts for cyber security and information assurance within the Marine Corps including computer network defense, public key infrastructure, electronic key management systems, and certification and accreditation. He also serves as the Marine Corps Senior Information Assurance Official (SIAO) and as the designated approval authority for the Marine Corps Enterprise Network (MCEN), which includes all networks and networked systems, whether in garrison or tactically deployed.
Charles “Chuck” McGann, CISSP, CISM, IAM, manager of corporate information security, U.S. Postal Service
Charles L. (Chuck) McGann, Jr. is the Corporate Information Security Officer for the United States Postal Service (USPS). In this capacity, he has the responsibility of securing an intranet that is one of the largest maintained by any organization in the world with over 145,000 workstations and more than 10,000 servers. The USPS infrastructure encompasses over 600 business applications that support all aspects of business operations as well as movement of the mail.
In his 23 years with the Postal Service, McGann has held numerous positions, entering as Manager, Information Systems for the Springfield, Massachusetts district, and later served as an acting postmaster, business systems analyst, business project leader, distributed systems security specialist and CIRT manager.
McGann holds an MBA from Strayer University, a bachelor’s degree from the University of Massachusetts, and two associate’s degrees from Springfield Technical Community College. He is a certified information systems security professional (CISSP), a certified information security manager (CISM) and holds a certification for information assurance methodology (IAM) from the National Security Agency (NSA).
Dara Gordon Murray, CISSP, Director of IT Security for the Program Support Center, U.S. Department of Health and Human Services (HHS)
Ms. Murray is the Director, IT Security, Program Support Center, U.S. Department of Health & Human Services. She holds a Bachelor of Science (B.S.) and Master of Business (MBA) of Administration from University of Maryland, University College, College Park and a Master of Science, (M.S.) Johns Hopkins University, Baltimore Maryland. Her main course of study was computer science, telecommunications engineeringand business management. She was one of the first to hold the credential as a Certified Information Systems Security Professional (CISSP) and is a distinguished member in good standing on the (ISC)² U.S. Government Advisory Board. She is also a certified Project Manager, Certified Cryptologist, National Security Agency.
She has worked in many aspects of the security field, ranging from information system, physical, personnel, counterintelligence, and computer crime investigations for the Nuclear Regulatory Commission, Justice Department, Federal Bureau of Investigation, National Science Foundation, Smithsonian Institution. Dara's primary responsibilities are with assisting the institutions risk management, security planning, audit response, FISMA compliance, certification and accreditation, and intrusion detection & prevention.
Marc Noble, CISSP-ISSAP, CISM, NSA-IAM, MBCI, Director of Government Affairs for (ISC)²
Mr. Noble is currently the Director of Government Affairs for (ISC)² where he is responsible for advancing the professionalization principles of (ISC)² and increasing the organization’s impact, overall reputation and prestige throughout the U.S. federal, state and local government markets. Prior to his role at (ISC)², Mr. Noble worked as an Information Assurance Engineer for MITRE Corp., and held the offices of Chief Information Security Officer and Deputy Chief Information Officer at the U.S. Federal Communications Commission.
Over the course of a 30-year government career, Marc also served as Senior Information Security Analyst, Administrative Office of the U.S. Courts and as a Management and Systems Analyst at the U.S. General Services Administration. He received his B.A. History/Political Science from Virginia Commonwealth University and a Master's Certificate in Project Management from George Washington University.
Robert “Rocky” E. Young, CISSP-ISSAP/ISSMP, CISM, CHSP, IAM, CHFI, CEH, PMP, CGEIT, CRISC, Cyber Security and IT Specialist, Defense Information Assurance Program, Office of the Secretary of Defense, Networks and Information Integration, Department of Defense
Relevant Professional Experience: Dr. Young has been a professor at National Defense University since 2002. Prior to that, he was Chief of 11th Wing Information Assurance Office, USAF, providing policy guidance, technical support, and administrative oversight of communication, computer, emission, and information security requirements. Dr. Young spent 21 years in the Air Force and is also a certified physician associate who continues to work in that capacity as a medical provider throughout the DoD.
Scholarship: Dr. Young is an expert Cyb3r Security and/or Information Security (INFOSEC), Information Assurance (IA) and Information Operations (IO). He has presented widely on IA issues in healthcare, challenges related to wireless networks, cyber security, and network and systems security principles, safeguards, and practices. Recent presentations include “CYB3RSEC & U … What U Don’t Know Online Can Hurt U!” @ the 2011Defense Special Security Officer Conference (DoD) and “Wake Up & Smell the CYB3R: Banking Fraud, Socializing, Identity Theft and Stalking Online—Sounds Like FUN!” @ USDA/FDA.
Jerry G. Ormaner, CISSP, CIO, CISM, Senior Information Technology Project manager, Operations Services staff, U.S. Departmentof Justice
Jerry Ormaner currently serves as Senior Information Technology Project Manager for Department of Justice's (DOJ) Operations Services Staff. Jerry manages critical DOJ services for the following DOJ customers: Department of Homeland Security's (DHS) Immigration and Customs Enforcement (ICE); DHS US-VISIT; DHS U.S. Citizenship and Immigration Services; and DOJ's Litigation Case Management System (LCMS). These customers' systems involve sensitive but classified information and critical infrastructure data. Jerry's job responsibilities involve: mitigating security concerns or risks associated with these enterprise-wide critical systems; mitigating complex technical challenges as they develop; testing disaster recovery capabilities; assisting customers with certification and accreditation activities; and working with customer senior management executives to escalate and resolve risks to systems as they may develop.
Jerry Ormaner served as Assistant Director for U.S. Department of Justice's Security Program for over twelve years. In this very important role, Jerry managed the operational security program for the Department of Justice's critical infrastructure: enterprise-wide voice and data networks; data centers; and related systems. He coordinated the certification and accreditation for IT systems/networks and data centers; managed the contingency planning activities for the Operations Services Staff and the Continuity of Operations Planning for the DOJ's Office of Chief Information Officer; and evaluated vendor security support including training programs for the Department. He has utilized contracted security vendors as well as internal resources to provide security management training for DOJ and other Information Resource Management employees.
Mr. Ormaner assisted the FBI with certification and accreditation of their critical systems and with DOJ Information Management and Security Support, he managed the security oversight and issuance of policy guidance for DOJ's sensitive but unclassified systems and networks. In addition to establishing one of the first successful penetration testing and follow-up security improvement programs in the civilian government, he also supported the Federal Government and the Department's PKI working group and related pilots for DOJ, FBI and DEA.
Prior to this, Mr. Ormaner held several positions with the InternalRevenue Service, including the Information Resources Management and Infrastructure Technology Group. He led the design of up-front security forenterprise-wide data systems involving electronic filing applications for the multi-billion dollar Tax Systems Modernization Program and the Secure Dial-In (SDI) Network for IRS. With the General Services Administration FTS 2000, Mr. Ormaner coordinated the design and installation of new FTS data and voice circuits for federal customers. Prior to government service, he was with American Telephone & Telegraph, Communications where he was a Network Designer and Market Administrator for National Accounts.
Mr. Ormaner holds a BA from State University of New York in Business and English, an MBA in Management and Marketing from Marymount University, Virginia, and Chief Information Officer Certification from Carnegie Mellon University, Pennsylvania. He is also a Certified Information Systems Security Professional (ISC)² and Certified
Katrice N. Lewis, Assistant Professor of Systems Management (Information Assurance and Security), Information Resources Management College, National Defense University
Ms. Lewis has over 15 years of professional experience in Information Assurance (IA). Upon receipt of a Bachelor of Science degree from Loyola College, Ms. Lewis began her career as an Engineer and Scientist with Lockheed Martin Naval Electronics and Surveillance Systems-Undersea Systems (NE&SS-Undersea Systems) located in Manassas, Virginia. In this position, she worked with both classified and unclassified information systems on contracts with various U.S. government departments and agencies to include the Department of Defense. While serving in this capacity, she performed various functions in support of departmental and agency missions to include engineering, simulation modeling, and programming.
Upon conferment of a Master of Science degree from the University of Michigan, Ms. Lewis transferred to Lockheed Martin Information Technology (LMIT) where she served as a Senior Web Solutions Developer and Technical Manager. In these roles, she was responsible for management and oversight of engineering laboratory facilities and projects. Ms. Lewis later transitioned into civil service as a federal employee working for organizations such as the U.S. Department of Treasury and Department of Agriculture.
Prior to her current position as a faculty member of the iCollege, Ms. Lewis served as a Security Officer, Security Manager, Information Systems Security Officer (ISSO), and Information Systems Security Manager (ISSM) for U.S. Department of Treasury, Internal Revenue Service (IRS); Department of Treasury, Financial Management Service (FMS), and the Department of Agriculture, Animal and Plant Health Inspection Service (APHIS).
Ms. Lewis is designated a Certified Information Systems Security Professional (CISSP), Certification and Accreditation Professional (CAP), and Project Management Professional (PMP). She currently holds a Master of Science degree in Information from the University of Michigan-Ann Arbor, Bachelor of Science degree in Applied Mathematics from Loyola College, and a Certificate in Information Assurance from the University of Maryland University College. She is currently pursuing a Ph.D. in Computer Information Systems (DCIS) with a concentration in Information Security at Nova Southeastern University.
Harold E. "Pete" Stark, CISSP, CRISC, Manager, H E Stark Consulting, LLC
Mr. Stark is currently Manager, H E Stark Consulting, LLC, providing information technology management consulting services.
In over 32 years with the U.S. Postal Service, Mr. Stark has held a variety of positions, most recently Manager, IT Strategy and Compliance, and Manager, SOX and Process Improvement.
As Manager, Corporate Information Security (CISO), reporting to the Postal Service CIO, Mr. Stark was responsible for protecting postal corporate information assets, ensuring that they were stored and operated in secure and trusted environments; promoting security awareness and security risk management as integral parts of postal business decisions; and providing postal employees and managers with the knowledge and tools they need to protect corporate information assets. Mr. Stark also ensured that Information Technology had policies and processes in place to support the recovery of critical postal business functions through a comprehensive business continuance program.
Prior to his security position, Mr. Stark managed the technical development of usps.com and various corporate applications. He has also held positions in postal operations.
Mr. Stark holds a Bachelor of Arts degree from the College of William and Mary, a Master of Science degree in Library Science from the University of North Carolina at Chapel Hill, and a Master of Science degree in Administration from the George Washington University. He was a recipient of the 2011 Federal Computer Week Fed100 award.
Brad Nix, CISSP, CISO, USDA Food & Nutrition Service
Brad Nix is the Chief Information Security Officer for the U.S. Department of Agriculture's Food & Nutrition Service. In this role Brad is responsible for leading the organization's information security and information assurance programs.
Brad has almost 20 years of IT experience with the last 15 years devoted to enterprise information security specializing in information security program assessments and development, governance, architecture, technical vulnerability assessments, and product assessments.
Prior to his career in public service, Brad benefited from extensive consulting experience with small and large enterprise security programs. Brad has provided information security subject matter expertise to several entities across the private and public sector, to include Citigroup, J.P. Morgan, ADP, the Federal Bureau of Investigation, Symantec, the Federal Deposit Insurance Corporation, the United Nations Development Program, and the Departments of Agriculture, Commerce, Interior, and State.
Brad has received a Master's in Management Information Systems from the University of Virginia, and a Bachelor's in Business Administration from James Madison University. Brad is a Certified Information Systems Security Professional (CISSP) and an American Council for Technology / Industry Advisory Council (ACT-IAC) Fellow.
Johan Bos-Beijer, Senior Advisor, Office of the Assistant Commissioner ITS and Director, Strategic AnalysisGeneral Services Administration
Mr. Bos-Beijer has over 37 years of senior management experience equally divided between the public and private sectors. His management work has involved program and lifecycle management, technical operations, client services, finance, analytics, identity management, managed security services, change control and audit resolution. Before joining the federal government, he served at executive and senior management levels in Academia, Financial Aid, Financial Management, and Vice President of Operations for a large law practice and financial banking and servicing. He was a principal contributing author of the US Department of Education Audit Guide and initiated the first Integrated Project Teams and Change Control processes. Mr. Bos-Beijer is author of the 2007/08 identity and access management framework for Department of Education which in turn helped shape the federal framework. His work enabled ED to deploy the first consolidated initiative for program audits and reviews using analytics in 1999/2000 focused on fraud prevention and program integrity. Under his leadership interoperability between the multi-billion dollar portfolios held in the Debt Management and Collection System (DMCS) and National Student Loan Data System (NSLDS) was achieved. In the public sector he has held such key positions as Director of Change Control, Chief of Staff, Deputy General Manager, Special Advisor to the Deputy Secretary, and was the first full time eCommerce Director at ED. Mr. Bos-Beijer initiated the first managed security services provider concept for the agency and served as the principal Director for the Business Continuity and Identity Management Programs. His work has been recognized in Special Act awards from the ED OIG, HHS OIG, special recognition from the Office of the Secretary at ED, DoDIG, and for his teams throughout his career. Mr. Bos-Beijer is also the recipient of a special veterans support in education recognition award for his counseling and guidance to tens of thousands of veterans representing deployments in multiple conflicts as they reentered civilian life.
Since being recruited to join GSA in 2008, he has served as Director of Strategic Solutions and Senior Advisor overseeing, the successful design and migration of the dotGOV domain management program to a direct order service for customers as well as the achievement of a milestone for over $1 billion in cost avoidance for the SMARTBuy program. He created the customer engagement framework in 2009 and developed a repeatable acquisition strategy for data center services in 2010. In his current role Mr. Bos-Beijer is often consulted as an experienced analytics practitioner as advisor to various public agencies in the civilian and defense sectors in maturing or initiating their programs. He completed a special one year (2010/2011) executive senior advisory assignment at the request of the HHS OIG which included the successful development and implementation of the consolidated data analysis center program, predictive analytics framework, data and program management. His recent accomplishments included overseeing enterprise commodity program management in the Office of the Assistant Commissioner where he authored a marketplace strategy and internal consolidated acquisition platform concept of operations across multiple multi-billion dollar portfolios at GSA. He has been a founding and contributing member, as well as speaker, for major organizations including the National Association of College and University Business Officers, National Council of Higher Education Loan Programs, Education Finance Council, Postsecondary Electronic Standards Council, National Association of Credit Managers, National Healthcare Association, American Law Institute, Coalition of Higher Education Assistance Organizations, and the CyberLaw Resource Network. He is federal chair of the ACT-IAC Analytics and Big Data Committee and the Chair of the Government Advisory Panel. Mr. Bos-Beijer has been an advocate of mentoring throughout his career and respected for his passionate dedication in continuing to provide coaching to those starting, changing, or already engaged in their career, most recently volunteering for the armed forces to civilian acclimation services. His development of leaders of the future in their respective fields aligns with the objectives of GISLA and this unique recognition program.