DAVID JON HENDRIE, CISSP

617 W 3rd Ave

Lititz, PA 17543

Contact Information: DavidHendrie.com

 

 

OVERVIEW

 

Responsible for integrating an Automated Intrusion Detection and Response System (T-AIDR) into Army Future Combat Systems (FCS) Program. With CERDEC, coordinated a multi-vendor environment where we built a 450+ computer lab emulating tactical networks and applications where cyber warfare testing was performed to validate the maturity of the T-AIDR technology to TRL 6. Prepared and presented the TRL 6 report for T-AIDR to the IRT supporting Army G6.

 

Worked in development of Strategic Plans for the Department of Defense. One plan is for the implementation of a Computer Network Defense Enterprise Sensor Grid, and the other for the implementation of a multi-tier Computer Network Defense Situational Awareness Capability.

 

Worked almost five years as a senior security systems engineer at AT&T Labs, the birthplace of networks and network security. Developed and implemented a Honey Pot Deployment Architecture; patents pending. Designed and deployed a breakthrough no-false-positive Intrusion Detection System; patents pending. Developed analysis techniques to determine malicious intent from network content data. Worked with USPS on NetPost Certified, the electronic version of certified and registered mail. Consulted internally on numerous security and network management projects.

 

Worked eleven years as a systems engineer at Con Edison developing automated engineering and operational SCADA systems for the analysis and distribution of electricity in all of NYC and Westchester. Incorporated all above systems into unified desktop, including alarm dashboard, in the distribution control centers, company intranet, and onto Palm devices. Managed the Development and Support efforts for these six control centers with 24x365 coverage.

 

Worked three years at Gould Electronics (Modicon), a leader in the industrial automation marketplace. Performed pre-sales support as an application engineer and post-sales support as a systems specialist. Worked in all industries including manufacturing, petroleum, chemical, mining, food, and cryogenics.

 

Worked eight years at Lukens Steel Company as an engineer in the maintenance organization and as a systems engineer in the process control organization. Held multiple positions from managing large groups of trade craftsmen to designing and implementing large-scale multi-vendor process control systems.

 

ISC^2, 2003. Computer Information System Security Professional (CISSP) certification.

 

SECRET Clearance, May 2004


EXPERIENCE

 

TECHRIZON, LLC, A STANLEY Company

 

Security Systems Lead NJ (Feb, 2006 Present)

        Worked as contractor to Boeing on the Army Future Combat Systems (FCS) Program. Was responsible for integrating an Automated Intrusion Detection and Response System (T-AIDR) into FCS. Interfaced with DARPA*, where this technology was in early testing and maturation, on transitioning and maturing the technology into FCS. With CERDEC, coordinated a multi-vendor environment where we built a 450+ computer lab emulating tactical networks and applications where cyber warfare testing was performed to validate the maturity of the T-AIDR technology to TRL 6. Prepared and presented the TRL 6 report for T-AIDR to the IRT supporting Army G6.

o       Developed and Implemented FCS Program Risk Plan for Intrusion Detection.

o       Coordinated T-AIDR Test Team and Boeing on transitioning T-AIDR technology into FCS.

o       Delivered T-AIDR technical briefs to various Army and DOD organizations.

        Participated as IA SME in TEAM ONE, systems engineering group, on integrating FCS system of systems designs.

        Worked on FCS restructuring in response to Army s FCS redirection.

 

*Defense Advanced Research Projects Agency

 

DREAMHAMMER, INC. (in mentor-prot g agreement with AT&T)

 

In a mentor-prot g program, an established, experienced prime federal contractor guides a newcomer, teaching the smaller company's officials how to build a federal business.

 

Senior Security Architect (May, 2004 October, 2004)

        Worked in development of a Strategic Plan for the Department of Defense (DOD) Computer Network Defense (CND) Situational Awareness Capability. This multi-tier situational awareness capability, to be in place in 2006, provides a common operational picture that will allow operators at every level to have immediate access to critical information. Developed a survey and distributed it to DOD organizations to determine the current as-is architecture. Developed an end-state architecture for this operational capability together with the roadmap leading to its implementation.

        Worked in development of a Strategic Plan for the Department of Defense (DOD) Computer Network Defense (CND) Enterprise Sensor Grid. The Enterprise Sensor Grid is to be completed by 2008 with the intermediate Federated Sensor Grid in place by 2006. All sources of Computer Network Defense Information, whether dedicated to CND or part of the Network Protection Architecture (i.e. Routers and Firewalls) are part of this Grid. Developed and distributed a survey for DOD organizations to determine the current as-is architecture. Developed an end-state architecture and a sensor placement strategy for the grid as well as the roadmap leading to its implementation.

 

A T & T

 

Senior Security Systems Engineer AT&T Labs (August, 1999 May, 2004)

        Developed and implemented a unique Honey Pot Deployment Architecture; patents pending. This architecture solves the major problems of deploying Honey Pots within a corporate environment while increasing their flexibility and management.

        Designed and deployed a breakthrough no-false-positive Intrusion Detection System (IDS); patents pending. Based on the earlier work with the Honey Pot Deployment architecture, this innovative and highly cost effective IDS can be deployed for one tenth of the typical cost of IDS deployments.

        Worked with internal developers of network analysis toolset. As a member of the Advanced Analysis and Intelligence District, I exercised the toolset to perform network analysis and find the limiting factors and shortcomings of the software. During this process, I developed analysis techniques to determine malicious intent from network content data.

        Worked with USPS on NetPost Certified, the electronic version of certified and registered mail. I evaluated vendor proposals and helped develop the requirements for this system.

        Worked with a team in preparing AT&T's responses to RFP's and RFI's. Technical area of response is systems engineering, network management, security, and PKI.

        Evaluated a wide variety of new technologies for application into possible security solutions.

        Worked with at team to develop a prototype Intrusion Detection Correlation Engine.

 

CONSOLIDATED EDISON COMPANY of NEW YORK

 

Manager of Engineering Automation Group (March, 1991 August, 1999)

        Developed, implemented, and supported company's integrated electrical distribution control center system. This system has subsequently been deployed to the remaining five distribution control centers within the company, and is responsible for monitoring and analysis of electrical distribution for all five boroughs of New York City and Westchester. It provides access to multiple independent data acquisition and analysis systems through a standard client platform.

-              Built from scratch a state of the art DEC based data acquisition system to replace the existing Apollo system, resulting in massive improvement in data gathering speed and analysis and alarm capabilities.

-              Developed contingency analysis software, which performs sophisticated analysis on both the electrical models and the current live status of the underground electrical distribution system for New York City.

-              Developed Alarm Server and Monitor system that receives and displays alarms from any other applications on the network, and provides the ability to link back to the sending system to receive more detailed data on each alarm.

-              Developed an alphanumeric paging system supporting multiple paging vendors. Integrated this system into the existing control center systems, including paging individual customers during distribution and transmission events, providing them with up to the moment data on the status of their own systems.

-              Migrated these control center systems onto an intranet platform, providing company wide access, using a web browser, to every facet of the data and information from all of the control centers.

-              Migrated the core control center systems, in browser format, on a variety of palm devices such as the Palm III and many Windows CE devices.

        Worked with other major project leaders in the development of their systems. Served as advisor on integration into other existing and 'in-progress' systems. Was also responsible for general evaluation of project direction, resource allocation and feasibility, sometimes leading to major project redirection or project termination.

        Managed the Manhattan Electrical Maps and Records Department and the Apollo Group. Responsible for the production of all electrical maps and the updating of associated electrical models.

        Coordinated the integration of the new electronic mapping systems and the model generation into the existing manual mapping organization.

 

Software and Systems Consultant (full-time at ConEdison) (March, 1988 - March, 1991)

        Developed and converted engineering analysis software, using networked Apollo workstations.

        Created and tested simulation models of city-wide electrical distribution system. These models are used to analyze the distribution system under various normal and critical load configurations to determine most effective allocation of physical and human resources.

        Interfaced between VISION, S&IP (at the time, now IR) and Engineering Departments to develop, document and implement specifications for changes to existing engineering software and databases.

 

 

INDEPENDENT CONSULTANT (concurrent with ConEdison) (May, 1987 March, 1991)

 

Systems Engineering Consultant for Industrial Automation Systems.

        Provided complex system engineering for multi-vendor, multi-level industrial automation systems including:

-              detailed functional specifications.

-              hardware and software configurations.

-              hardware and software implementation.

-              user training and documentation.

-              total system troubleshooting including identification, diagnosis and correction of any system malfunction, whether software, hardware, data communications, or human error.

 


GOULD ELECTRONICS, INC. Andover, MA (August, 1984 May, 1987)

 

Regional Systems Specialist - Parsippany, NJ Field Service Office.

        Last-resort troubleshooting of complex hardware/software/engineering problems involving plant outages or other circumstances of extreme pressure.

        Interfaced with Gould Engineering and Manufacturing to resolve problems discovered in the field which resulted from imperfections in design or manufacture of the product line.

        Trained Field Service Engineers in trouble-shooting of complicated system problems.

        Acted as consultant and technical advisor to customers, senior management, and other company technical personnel on all aspects of the Gould product line and competitive hardware and software.

 

Senior Applications Engineer - Philadelphia, PA Sales Office

        Reviewed and modified customer system design proposals

        Developed original hardware/software system design to customer specifications using both Gould and other vendor hardware.

        Trained customers in writing advanced and complex software supported on Gould equipment.

        Provided technical expertise to Sales Engineers during customer calls.

        Worked as advisor/consultant to Gould Engineering and Marketing Departments concerning the specifications and design of new products.

 

 

LUKENS STEEL COMPANY, Coatesville, PA (June, 1976 August, 1984)

 

Lead Systems Engineer and Hardware Engineer - Process Control Department

        Responsible for overall systems engineering and hardware design of five-year migration project featuring multi-vendor distributed computer/programmable control system.

        Responsible for implementation of all technology required to support the system, including mini- and micro-computers, programmable controllers, fiber-optic communications, statistical multiplexers, and total system networking.

        Designed and implemented many local control system replacements using state of the art programmable controllers.

        Worked on introduction of all non-data processing computer equipment within company.

 

Electrical Engineer - Electrical/Mechanical Maintenance Division

        Coordinated maintenance activities during major plant and facility outages.

        Responsible for line supervision of hourly and salaried employees.

        Developed and implemented OSHA inspection program for all 200 overhead cranes within plant. Produced detailed documentation of all violations.

 

 


TECHNICAL SUMMARY

 

Hardware:

        SUN: Enterprise, Sparc

        DEC: Alpha, VAXstation, DECstation, PDP-11, Terminal Servers, Routers, Terminals

        HP: C160, 9000/735, Apollo DN10000, Apollo DN5500 etc.

        IBM PC, Compaq, Dell etc.

        Routers, Firewalls, VPNs, IDS, Switches, Bridges and Concentrators

        Modicon Programmable Controllers

        Modems, Data Line Analyzer, RS232 interface

 

Software:

        SUN: Solaris

        DEC: Alpha VMS, Alpha UNIX, Alpha NT, Alpha OSF, VAX VMS, Ultrix, RSX-11, Netscape Server, TCP/IP, DECNET, OSF-X11

        HP: HPUX, Apollo Domain, OSF-X11

        PC: Linux, Windows (all), MS-DOS, Netscape, Internet Explorer, Office Suite

 

Languages:

        HTML, CGI, Java

        C, Fortran, Basic

        Programmable Controller Ladder Logic

 

 

EDUCATION

 

Lafayette College, Easton, PA, 1976. BSEE with concentration on Computer Design, Control Systems, Power Generation and Transmission.

 

ISC^2, 2003. Computer Information System Security Professional (CISSP) certification.

 

SECRET Clearance, May 2004