Description
Senior Chief Technology Officer / Chief Scientist / Chief Engineer with extensive experience in strategic planning, business development, technical planning and operational execution of complex networking, computer and network security, robotics, autonomous land navigation, vehicle control systems, artificial intelligence planning, business process automation and distributed, data intensive software development and research and development organizations in DoD, industry and academia. * Proven accomplishments as demonstrated by success in developing research and development programs, launching new products, achieving revenue goals, cost savings, business restructuring, business process integration, security controls development, security management, and enterprise management systems integration. * Proven inventor of key Cyber technologies including Cyber Mission Planning, Cyber Command and Control, Offensive Cyber Operations and, Defensive Cyber Operations systems. * Skillful manager of the entire software development lifecycle (SDLC) from product concept, to requirements, to analysis, design, development, test planning, component test, integration test, packaging, roll-out and delivery. * Demonstrated product development for wearable medical appliances with embedded processors (ARM M0, ARM M4) on Cypress Semiconductor PSOC 6, using direct print to electronics solid freeform fabrication technologies. Wrote sensor device drivers, sensor applications, smart phone integrating applications, and scalable, secure, distributed backend infrastructure to meet HIPAA and FISMA privacy and security requirements. * Significant practical experience in information technology, and information security governance, risk management and compliance. * Proven Corporate CISO experience in a large, heterogeneous, distributed organization. * Direct development and execution of full spectrum CNO efforts, including Network Warfare Operational Capabilities for 950th ELSG, initially on two contracts, each subsequently extended. * Extensive background in control system design, development, stability analysis and performance tuning for robotics, automotive embedded electronics, and missiles. * In depth knowledge, installation, and use of enterprise network management systems, internet security systems and markets. * Demonstrated excellence in business process integration software product development, enterprise management solutions delivery, and operational management of the information technology planning and delivery process. * A hands-on energetic team participant who effectively, yet firmly, drives consensus in dynamic and challenging environments. * Significant contributions to businesses, and to research, using information technology to drive the cost and time out of business processes, thus accelerating product development, increasing revenue, and driving profit to the bottom line. * Nationally recognized technology leader in the federal government, with established contacts and customer relationships with DARPA, U.S. Army, U.S. Air Force, U.S. Navy, U.S. Marine Corps, National Security Agency, National Geospatial and Imagery Agency, Central Intelligence Agency, Department of Homeland Security, Department of Commerce, Office of National Drug Control Policy, Federal Bureau of Investigation, Department of Commerce, Department of Justice, and others. KEY EXPERIENCE AND QUALIFICATIONS Served as lead developer and CTO for autonomousID, a manufacturer of BioSole, a medical appliance with 949 pressure sensors, 949 thermal sensors, a GPS receiver, a 9 DOF inertial navigation system, Blue Tooth low energy receiver-transmitter, and Wi-Fi receiver-transmitter. Placed 1st in a World-Wide "Technology Innovation for Diabetes, " against a field of 410 entries, as a diabetes detector and diabetes disease progression monitoring system. Key contributions included: * Participated in contribution or authoring key parts of 8 patents in gait-based approaches for disease detection and disease monitoring. 6 have been awarded, 2 remain in process. * Chief design engineer for the BioSole system of systems, and BioSole sensor appliance. * Wrote device drivers for sensor systems, and developed BLE communication interfaces between BioSole and smart phone applications. * Delivered technical presentations to potential investors. While serving as Cyber Chief Scientist, and Acting Chief Information Security Officer (CISO) at Battelle Memorial Institute, Dr. Mettala participated directly in a number of activities that closely align with requirements for the AutonomousID Chief Technology Officer position. These include contributions in several critical areas including: Leadership & Execution * Defined an information security program including development of security policies, definition of the corporate CISO organization, defined security standards including FISMA, PCI, SOX, HIPAA, ISO 27001, NIST 800-53, specified security controls necessary to comply with required security standards, identified and procured assessment tools including vulnerability assessment, network topology mapping, and security mapping tools. * Established the Cyber Security Working Group (CSWG), including senior executive leadership, and directed daily standup, and monthly executive briefings to the Board of Directors Executive Committee. CSWG retained complete responsibility for the definition, execution and compliance verification of the security program. * Established a vulnerability and risk management program, including identification of vulnerabilities, risk assignment for each vulnerability, and daily management of all risk burn-down efforts. * Developed a policy for security incident response. Identified key individuals to participate in IR efforts. Identified and contracted with backup expert organizations provide incident response on an as needed basis. Exercised and Directed Incident Response team in remediation of an advanced, nation-state advanced persistent threat (APT). * Managed acquisition of scope of enterprise security technologies, coordinated staff training in their usage, and participated in training. Technologies included: McAfee EPO McAfee VSE McAfee DLP McAfee NIP McAfee HBSS McAfee End-Point Encryption Triumphant Network Intrusion Prevention, and Damballa Failsafe. * Defined, specified and configured a comprehensive set of appropriate metrics used to determine effectiveness and efficacy of IT Security controls in the context of the known organization vulnerability posture. * Defined, specified and configured corporate Public Key Infrastructure (PKI), certificate management, certificate authority and key storage mechanisms. * Built and maintained relationships with business leaders to ensure the IT Security program meets their requirements and expectations. * Coordinated directly with CxO's, and Presidents of operating divisions to ensure that executive leadership was informed of current risk profile, activities ongoing to improve the risk profile, and impact on business requirements that might arise due to current vulnerabilities and risks, and ongoing risk burn down activities. * Defined security organization, wrote job descriptions, hired the CISO staff, defined training program, defined training plans and materials. * Defined and led a non-nonsense approach to vulnerability assessment, risk identification and risk burn-down necessary to achieve a culture of continuous IT Security improvement.. * Identified working relationships with McAfee, Symantec, Damballa and Triumfant to coordinate ever evolving knowledge of emerging threats. Coordinated with counterpart CISO's to identify, test, and verify appropriate threat mitigation courses of action. Operational * Defined and managed day-to-day execution of Information Security for an international organization of 9 major sites including 7 DOE Laboratories and 22,700 end users. * Defined and managed processes for security controls management, security and information event management, virus, spam, phishing, and malware identification and remediation. * Wrote the information security policies * Provided strategic risk guidance and operational assessment for IT projects, including the evaluation and recommendation of technical solutions and controls. * Maintained daily and monthly highly organized approaches for scheduling security initiatives in response to currently identified vulnerabilities and risks. Coordinated with sector Presidents to identify potential conflicts with security roll-out schedules and sector business operations. * Provided training for IT security staff of industry trade study approaches, conducted and maintained active trade studies for 11 separate security technology areas (e.g., Host Intrusion Prevention, Data Loss Prevention, etc.). Ensured that relevant monitoring and assessment tools and resources are available to IT security staff. * Defined and developed corporate BYOD policy. Consulted on network security and regulatory compliance of enterprise wireless implementations.
Work Experience
Accomplishments
Highlights:
Companies I like:
Bravura Information Technology Inc.
Job Skills
Keywords
