DAVID JON HENDRIE, CISSP
617 W 3rd Ave
Lititz, PA 17543
Contact Information: DavidHendrie.com
OVERVIEW
Responsible for
integrating an Automated Intrusion Detection and Response System (T-AIDR) into
Army Future Combat Systems (FCS) Program.
With CERDEC, coordinated a multi-vendor environment where we built a
450+ computer lab emulating tactical networks and applications where cyber
warfare testing was performed to validate the maturity of the T-AIDR technology
to TRL 6. Prepared and presented the
TRL 6 report for T-AIDR to the IRT supporting Army G6.
Worked
in development of Strategic Plans for the Department of Defense. One plan is for the implementation of a
Computer Network Defense Enterprise Sensor Grid, and the other for the implementation
of a multi-tier Computer Network Defense Situational Awareness Capability.
Worked
almost five years as a senior security systems engineer at AT&T Labs, the
birthplace of networks and network security.
Developed and implemented a Honey Pot Deployment Architecture; patents
pending. Designed and deployed a
breakthrough no-false-positive Intrusion Detection System; patents
pending. Developed analysis techniques
to determine malicious intent from network content data. Worked with USPS on NetPost Certified, the
electronic version of certified and registered mail. Consulted internally on numerous security and network management
projects.
Worked
eleven years as a systems engineer at Con Edison developing automated
engineering and operational SCADA systems for the analysis and distribution of
electricity in all of NYC and Westchester.
Incorporated all above systems into unified desktop, including alarm
dashboard, in the distribution control centers, company intranet, and onto Palm
devices. Managed the Development and
Support efforts for these six control centers with 24x365 coverage.
Worked
three years at Gould Electronics (Modicon), a leader in the industrial
automation marketplace. Performed
pre-sales support as an application engineer and post-sales support as a
systems specialist. Worked in all
industries including manufacturing, petroleum, chemical, mining, food, and
cryogenics.
Worked
eight years at Lukens Steel Company as an engineer in the maintenance
organization and as a systems engineer in the process control
organization. Held multiple positions
from managing large groups of trade craftsmen to designing and implementing
large-scale multi-vendor process control systems.
ISC^2, 2003. Computer Information System Security
Professional (CISSP) certification.
SECRET
Clearance, May 2004
TECHRIZON,
LLC, A STANLEY Company
Security
Systems Lead NJ (Feb,
2006 Present)
Worked as
contractor to Boeing on the Army Future Combat Systems (FCS) Program. Was responsible for integrating an Automated
Intrusion Detection and Response System (T-AIDR) into FCS. Interfaced with DARPA*, where this
technology was in early testing and maturation, on transitioning and maturing
the technology into FCS. With CERDEC,
coordinated a multi-vendor environment where we built a 450+ computer lab
emulating tactical networks and applications where cyber warfare testing was
performed to validate the maturity of the T-AIDR technology to TRL 6. Prepared and presented the TRL 6 report for
T-AIDR to the IRT supporting Army G6.
o
Developed and
Implemented FCS Program Risk Plan for Intrusion Detection.
o
Coordinated
T-AIDR Test Team and Boeing on transitioning T-AIDR technology into FCS.
o
Delivered
T-AIDR technical briefs to various Army and DOD organizations.
Participated as
IA SME in TEAM ONE, systems engineering group, on integrating FCS system of
systems designs.
Worked on FCS
restructuring in response to Army s FCS redirection.
*Defense
Advanced Research Projects Agency
DREAMHAMMER,
INC. (in
mentor-prot g agreement with AT&T)
In a mentor-prot g program, an established,
experienced prime federal contractor guides a newcomer, teaching the smaller
company's officials how to build a federal business.
Senior
Security Architect (May,
2004 October, 2004)
Worked in development of a Strategic Plan for the Department of Defense (DOD) Computer Network Defense (CND) Situational Awareness Capability. This multi-tier situational awareness capability, to be in place in 2006, provides a common operational picture that will allow operators at every level to have immediate access to critical information. Developed a survey and distributed it to DOD organizations to determine the current as-is architecture. Developed an end-state architecture for this operational capability together with the roadmap leading to its implementation.
Worked in development of a Strategic Plan for the
Department of Defense (DOD) Computer Network Defense (CND) Enterprise Sensor
Grid. The Enterprise Sensor Grid is to
be completed by 2008 with the intermediate Federated Sensor Grid in place by
2006. All sources of Computer Network
Defense Information, whether dedicated to CND or part of the Network Protection
Architecture (i.e. Routers and Firewalls) are part of this Grid. Developed and distributed a survey for DOD
organizations to determine the current as-is architecture. Developed an end-state architecture and a
sensor placement strategy for the grid as well as the roadmap leading to its
implementation.
A
T & T
Senior
Security Systems Engineer AT&T Labs (August, 1999 May, 2004)
Developed and implemented a unique Honey Pot Deployment Architecture; patents pending. This architecture solves the major problems of deploying Honey Pots within a corporate environment while increasing their flexibility and management.
Designed and deployed a breakthrough no-false-positive Intrusion Detection System (IDS); patents pending. Based on the earlier work with the Honey Pot Deployment architecture, this innovative and highly cost effective IDS can be deployed for one tenth of the typical cost of IDS deployments.
Worked with internal developers of network analysis toolset. As a member of the Advanced Analysis and Intelligence District, I exercised the toolset to perform network analysis and find the limiting factors and shortcomings of the software. During this process, I developed analysis techniques to determine malicious intent from network content data.
Worked with USPS on NetPost Certified, the electronic version of certified and registered mail. I evaluated vendor proposals and helped develop the requirements for this system.
Worked with a team in preparing AT&T's responses to RFP's and RFI's. Technical area of response is systems engineering, network management, security, and PKI.
Evaluated a wide variety of new technologies for application into possible security solutions.
Worked with at team to develop a prototype Intrusion
Detection Correlation Engine.
Manager of Engineering
Automation Group (March,
1991 August, 1999)
Developed, implemented, and supported company's integrated electrical distribution control center system. This system has subsequently been deployed to the remaining five distribution control centers within the company, and is responsible for monitoring and analysis of electrical distribution for all five boroughs of New York City and Westchester. It provides access to multiple independent data acquisition and analysis systems through a standard client platform.
- Built from scratch a state of the art DEC based data acquisition system to replace the existing Apollo system, resulting in massive improvement in data gathering speed and analysis and alarm capabilities.
- Developed contingency analysis software, which performs sophisticated analysis on both the electrical models and the current live status of the underground electrical distribution system for New York City.
- Developed Alarm Server and Monitor system that receives and displays alarms from any other applications on the network, and provides the ability to link back to the sending system to receive more detailed data on each alarm.
- Developed an alphanumeric paging system supporting multiple paging vendors. Integrated this system into the existing control center systems, including paging individual customers during distribution and transmission events, providing them with up to the moment data on the status of their own systems.
- Migrated these control center systems onto an intranet platform, providing company wide access, using a web browser, to every facet of the data and information from all of the control centers.
- Migrated the core control center systems, in browser format, on a variety of palm devices such as the Palm III and many Windows CE devices.
Worked with other major project leaders in the development of their systems. Served as advisor on integration into other existing and 'in-progress' systems. Was also responsible for general evaluation of project direction, resource allocation and feasibility, sometimes leading to major project redirection or project termination.
Managed the Manhattan Electrical Maps and Records Department and the Apollo Group. Responsible for the production of all electrical maps and the updating of associated electrical models.
Coordinated the integration of the new electronic
mapping systems and the model generation into the existing manual mapping
organization.
Software and Systems
Consultant (full-time at ConEdison) (March, 1988 - March, 1991)
Developed and converted engineering analysis software, using networked Apollo workstations.
Created and tested simulation models of city-wide electrical distribution system. These models are used to analyze the distribution system under various normal and critical load configurations to determine most effective allocation of physical and human resources.
Interfaced between VISION, S&IP (at the time, now IR) and Engineering Departments to develop, document and implement specifications for changes to existing engineering software and databases.
INDEPENDENT CONSULTANT (concurrent with
ConEdison) (May,
1987 March, 1991)
Systems Engineering
Consultant for Industrial Automation Systems.
Provided complex system engineering for multi-vendor, multi-level industrial automation systems including:
- detailed functional specifications.
- hardware and software configurations.
- hardware and software implementation.
- user training and documentation.
- total system troubleshooting including identification, diagnosis and correction of any system malfunction, whether software, hardware, data communications, or human error.
GOULD ELECTRONICS, INC. Andover, MA (August, 1984 May, 1987)
Regional Systems Specialist
- Parsippany, NJ Field Service Office.
Last-resort troubleshooting of complex hardware/software/engineering problems involving plant outages or other circumstances of extreme pressure.
Interfaced with Gould Engineering and Manufacturing to resolve problems discovered in the field which resulted from imperfections in design or manufacture of the product line.
Trained Field Service Engineers in trouble-shooting of complicated system problems.
Acted as consultant and technical advisor to customers, senior management, and other company technical personnel on all aspects of the Gould product line and competitive hardware and software.
Senior Applications Engineer
- Philadelphia, PA Sales Office
Reviewed and modified customer system design proposals
Developed original hardware/software system design to customer specifications using both Gould and other vendor hardware.
Trained customers in writing advanced and complex software supported on Gould equipment.
Provided technical expertise to Sales Engineers during customer calls.
Worked as advisor/consultant to Gould Engineering and Marketing Departments concerning the specifications and design of new products.
LUKENS STEEL COMPANY,
Coatesville, PA (June,
1976 August, 1984)
Lead Systems Engineer and
Hardware Engineer - Process Control Department
Responsible for overall systems engineering and hardware design of five-year migration project featuring multi-vendor distributed computer/programmable control system.
Responsible for implementation of all technology required to support the system, including mini- and micro-computers, programmable controllers, fiber-optic communications, statistical multiplexers, and total system networking.
Designed and implemented many local control system replacements using state of the art programmable controllers.
Worked on introduction of all non-data processing computer equipment within company.
Electrical Engineer -
Electrical/Mechanical Maintenance Division
Coordinated maintenance activities during major plant and facility outages.
Responsible for line supervision of hourly and salaried employees.
Developed and implemented OSHA inspection program for all 200 overhead cranes within plant. Produced detailed documentation of all violations.
Hardware:
SUN: Enterprise, Sparc
DEC: Alpha, VAXstation, DECstation, PDP-11, Terminal Servers, Routers, Terminals
HP: C160, 9000/735, Apollo DN10000, Apollo DN5500 etc.
IBM PC, Compaq, Dell etc.
Routers, Firewalls, VPNs, IDS, Switches, Bridges and Concentrators
Modicon Programmable Controllers
Modems, Data Line Analyzer, RS232 interface
Software:
SUN: Solaris
DEC: Alpha VMS, Alpha UNIX, Alpha NT, Alpha OSF, VAX VMS, Ultrix, RSX-11, Netscape Server, TCP/IP, DECNET, OSF-X11
HP: HPUX, Apollo Domain, OSF-X11
PC: Linux, Windows (all), MS-DOS, Netscape, Internet Explorer, Office Suite
Languages:
HTML, CGI, Java
C, Fortran, Basic
Programmable Controller Ladder Logic
EDUCATION
Lafayette College, Easton, PA, 1976. BSEE with concentration on Computer Design,
Control Systems, Power Generation and Transmission.
ISC^2, 2003. Computer Information System Security
Professional (CISSP) certification.
SECRET
Clearance, May 2004