BILLY M. WALTERS
August 2010-Present Securboration, Melbourne FL
Information Security Architect
* Managed key DoD customer relationships.
* Integrated information assurance into existing solution lines.
* Managed cost schedule and progress of small software development teams.
* Modeled semantic interoperability with information assurance concepts.
* Delivered capability briefings to customers.
November 2007-August 2010 Northrop Grumman, Melbourne FL
Information Security Architect
October 2003-November 2007 General Dynamics, Melbourne FL
Information Assurance Manager
* Directed security risk management, compliance and design of large-scale enterprise architectures.
* Provided executive security guidance to global supply chain, including suppliers from software, manufacturing, transportation and distribution industries.
* Generated sales of $3.25 million in FY 2009 and managed $1.5 million.
* Security and Risk Management Responsibilities
* Final approval and risk acceptance of information security architectures and artifacts.
* Decreased program risk metrics by 40%.
* Identified programmatic and technical information security risks.
* Created security and risk management artifacts, presented them to upper management and built consensus for recommendations.
* Interfaced with government compliance organizations to mitigate certification risks.
* Performed Defense Information Security Agency (DISA) Security Readiness Reviews (SRR) and Security Technical Implementation Guidelines (STIG) to mitigate technical risks.
* Maintained DoD security Approval to Operate.
* Assessed compliance with various security standards, such as DO-178B, ISO/IEC 2700 Series, JAFAN 6/3, DoDI 8500 Series, NATO Series, Global Information Grid (GIG), Net-Centric Operations Warfare, DoD Architecture Framework (DODAF) and Net-Centric Enterprise Services (NCES).
* Project Management Responsibilities
* Managed 20 indirect reports.
* Liaison to international risk management stakeholders, including legal and accreditation authorities.
* Managed cost, schedule and technical progress of 8 trade study teams.
* Reported earned value to upper management.
* Represented corporate interests on government committees.
* Staffed and mentored engineering teams for efficient execution.
* Estimated time and materials for cost proposals.
* Created detailed plans and work breakdown structures to define milestones and inch-stones.
* Technology and Data Architecture Responsibilities
* Led all stages of information security systems engineering including requirements analysis, functional analysis, integration, verification, validation, governance and compliance.
* Designed boundary protections, anti-tamper, data architecture, identity management, vulnerability patching, key management and availability controls.
* Presented technical architectures, studies and deliverables to customers and upper management for final approval and implementation.
* Wrote engineering plans for software reuse, software development, systems engineering management, and security certification and accreditation.
* Defined interface specifications and software architectures.
* Led operational UML system modeling and thread development.
* Reviewed and assessed application code for vulnerabilities.
* Designed, implemented and analyzed infrastructure prototypes for 1) DDS Publish/Subscribe, 2) Identity Management with SOAP-embedded X.509 Certificates, 3) Multi-level BEA WebLogic Service Bus on Solaris 10 with Trusted Extensions, 4) Data-labeling Gateway, 5) JNI Bindings to Trusted Extensions for J2EE applications, and 6) Multilevel Monitoring and Control System for Avionics.
* Led, implemented and presented key trade studies for security boundary devices and thin-client visualization performance.
* Negotiated information security architectures with accreditation authorities from National Security Agency and the US Air Force.
* Administered 15-20 Sparc-based Trusted Solaris hosts.
* Modeled messaging interfaces and data flows with UML and Java.
* Programmed modules for processing of multi-classification data.
* Wrote subsystem specifications and software requirements specifications.
March 1999-August 2003 Ernst & Young L.L.P., Los Angeles & New York
Manager, Security and Technology Solutions, 2000 – 2003
* Delivered security and business advisory services to healthcare, technology, communications, entertainment and financial services customers.
* Developed and delivered risk management methodologies, information security policies and custom information security service offerings.
* Performed and managed compliance assessments for SOX-404, HIPAA, GLBA, SAS70
* Performed business effectiveness analyses.
* Performed enterprise architecture reviews.
* Led and attack and penetration engagements.
* Generated $1.1 million in service revenue in FY 2002.
* Built successful client relationships.
* Chaired capability briefings, kickoff meetings and final debriefings.
* Participated in weekly client strategy and planning meetings.
* Managed engagement scope, completion criteria and key performance indicators.
* Managed advisory service engagement teams.
* Staffed to ensure client satisfaction, leadership development and learning.
* Wrote proposals, statements of work and statements of objectives.
* Budgeted to minimize risk and balance customer expectations.
* Scheduled to integrate objectives, deliverables and milestones.
* Interviewed, evaluated and mentored colleagues.
May 1998-March 1999 Sytel Inc., Bethesda MD
* Developed information security business plans, marketing collateral and best practices.
* Performed network security assessments.
* Implemented network architectures.
July 1996-May 1998 Trident Data Systems, Oakton VA
Network Systems Engineer
* Administered Unix, Windows NT and Cisco equipment.
* Wrote shell scripts, C programs and Perl scripts.
* Implemented virtual private networks.
* Remotely monitored client networks for security breaches.
* Instructed 50+ certified training courses for Checkpoint’s Firewall-1.
* M.S. Telecommunications, University of Colorado, Boulder, CO 1999
* B.S. Mechanical Engineering, University of North Carolina, Charlotte, NC 1994
CERTIFICATIONS AND CLEARANCES
* Top Secret DoD Clearance (Active)
* CISSP (Certified Information Systems Security Professional) #3989
* ISSAP (Information Systems Security Architecture Professional) #3989