Critical Infrastructure Cyber Security Resume
(Top Secret Clearance, Prior SCI, SABSA Certified Security Architect)
Jack Whitsitt | sintixerr@gmail.com | 703-409-9366 | Washington, DC
NOTABLE SUCCESSES
- Collaborative strategy for cyber security in the transportation sector to be used by industry and government (2012)
- Improved, more strategic TSA approach to cyber security and risk management in the private sector (2012)
- TSA adoption and implementation of collaborative business-driven risk management initiative supporting the national Pipeline industry (2012)
- First ever transportation cyber security exercise (2011)
- 2011 Cyber Security in Transportation Summit with 300+ attendees from private industry and government and 30+ speakers (2011)
- Volunteer Chairman of the Board of a 501c3 Arts non-profit (2007)
TECHNICAL ACHIEVEMENTS
- Software which makes art out of brainwaves recorded by consumer EEG-reading headset (2010)
- Open-source software implementing completely new method for visualizing network packet captures (Pkviz, 2008)
- Large data security visualization methodologies ultimately used by ArcSight in developing their Interactive Discovery tool (2004/6)
- Statistical anomaly detection & correlation add-on to ArcSight SIEM (still in use today) using a long distance calling fraud detection engine (2004/5)
- Groundbreaking open-source active-response honeypot security software (Bait and Switch, 2003)
SPEAKING ENGAGEMENTS
- Cyber Security in Transportation Summit, Moderated Risk Management Panel, Washington DC, 2012
- NATO – Emerging Security Challenges, Cyber Security Isn’t Really Cyber, Tbilisi, 2011
- B-Sides Chicago Hacker Con, Human Attribute Cyber Security, Chicago, 2011
- Energysec Summit, Executive Responsibility in Cyber Security, Denver, 2010
- DoD/JTF-GNO Joint Information Assurance Tech Exchange, Data visualization for network security, Washington DC, 2005
- Recon Reverse Engineering Conference, Massive Data Visualization for the purposes of monitoring IDS, Montreal, 2005
- Northeastern University’s ACM Speaker Series, Massive Data Visualization for the purposes of monitoring IDS, Boston MA, 2005
- Rubicon Hacker Con, Aggressive Honeypots, Detroit MI, 2003
REFERENCE QUOTE
“You and the team applied creativity and new techniques that have proven to be successful. I know the task has not been easy or without struggle on many fronts. But it was clear…that your efforts have been effective. Not just in completing your mission but in improving a much larger mission. You have influenced government and private industry to at least turn their wheelhouses in the right direction, as the ADMRL would put it… But the larger change that you may not see is you have begun to improve the overall security of the United States. I cannot say that about many people or many programs. The efforts you have taken you should be proud of, it is making a difference and people are listening.” – Senior Colleague
EMPLOYMENT AND WORK HISTORY
TSA | National Cyber Critical Infrastructure Protection, Awareness, Outreach (Team Lead)
11/2010 – PRESENT
Enhance TSA’s cyber security role with private industry as the Transportation Sector Specific Agency (SSA) under the National Infrastructure Protection Plan (NIPP)/Homeland Security Presidential Directive 7 (HSPD-7). Responsibilities include:
- Develop strategic consensus on cyber security topics across multiple organizations, industries, stakeholder seniority levels, and backgrounds
- Facilitate identification, prioritization and coordination of federal cyber security activities within transportation sector
- Design and gain support for implementation of sector-wide risk management program
- Promote and coordinate cyber security awareness of owners, operators
- Provide program level guidance for Critical Infrastructure (CIKR) protection to transportation and cross-sector communities
- Encourage private industry participation in non-mandatory initiatives
- Facilitate development of sector information sharing programs and mechanisms
- Develop agenda for and co-lead monthly national Transportation Systems Sector Cybersecurity Working Group (TSSCWG)
- Provide cyber security training to 60,000+ TSA employees as well as external stakeholders
Kingfisher Systems – TSA Contract | National Critical Infrastructure Cyber Security Expert
08/2010 – 11/2010
Contracted to enhance TSA’s cyber security role with private industry as the Transportation Sector Specific Agency (SSA) under the National Infrastructure Protection Plan (NIPP)/Homeland Security Presidential Directive 7 (HSPD-7)
Securicon (1099) | Control Systems Incident Consultant
06/2010 – 08/2010
Short 1099 contract to Securicon to investigate a customer control systems (SCADA) incident. Utilized technical log analysis, scripting, visualization, presentation, and control systems security knowledge to determine potential root causes and present to executive leadership.
Idaho National Lab (INL) | ICS-CERT Liaison to DHS NCCIC/US-CERT
09/2009 – 06/2010
Supported Industrial Control Systems CERT (ICS-CERT) at the DHS National Cybersecurity and Communications Integration Center. Responsibilities included responding to and analyzing control systems (SCADA) related incidents, providing situational awareness in the form of actionable intelligence, coordinating the responsible disclosure of vulnerabilities/mitigations, sharing and coordinating vulnerability information and threat analysis through information products and alerts, contributing to ICS-CERT & NCCIC CONOPS, and providing ICS-CERT briefings to senior cyber leadership of DHS, FBI, DOD including ongoing investigations and onsite incident response efforts.
KCG – TSA Contract | National Critical Infrastructure Protection Cyber Security Expert
09/2008 – 09/2009
Contracted to enhance TSA’s cyber security role with private industry as the Transportation Sector Specific Agency (SSA) under the National Infrastructure Protection Plan (NIPP)/Homeland Security Presidential Directive 7 (HSPD-7)
KCG – TSA Contract | Senior Enterprise Information Security Architect
09/2006 – 09/2008
Contracted to utilize Federal Enterprise Architecture (FEA) and SABSA Enterprise Security Architecture knowledge to provide NIST and FISMA-driven security policy, engineering, and compliance services to TSA.
Lockheed Martin | SOC Shift Lead
07/2006 – 09/2006
Contracted to use ArcSight SIEM correlation and SOC CONOPS experience to enhance the FBI’s internal SOC team. Worked with ArcSight administrator, ESOC lead, and other team members to develop ArcSight rules, channels, and analysis methodology. Oversaw second-shift contractors and provided senior level analysis escalation.
Netsec | Correlation Architect, CSIRC Lead, Security Engineer, SOC Analyst
10/2003 – 07/2006
Hired by NetSec MSSP (now a part of Verizon Business) as a senior SOC analyst. Repeatedly rewarded for outstanding analysis capability and then promoted to multi-disciplinary Tier 3 team charged with improving the SOC through technology, process, training, and customer service. Specialized in developing analysis methodology, advanced automated data correlation and filtering techniques, and leading development/selection and integration of custom tools. Also led client operational relationship with large government Incident Response Coordination contract.
Perot Systems | IT and Desktop Engineer
10/1998 – 10/2003
Provided desktop, IT, development, and system administration services to a large IT consulting firm in multiple locations throughout the US, including an Army Depot location tasked with neutralizing VX nerve agent.
PREVIOUSLY USED TECHNOLOGY (Not exhaustive)
- SEM / SIM: ArcSight, NeuSecure, Custom correlation tools
- Enterprise Architecture: MEGA tool, SABSA methodology, FEA Framework
- IDS / IPS / HIDS / NIDS: ISS, Enterasys Dragon, NFR, Sourcefire, McAfee (Intrushield), Cisco, Intrusion, Snort
- Scripting and Programming: C, Bash Shell Scripting, Python, PHP
- Vulnerability Scanning: Nessus
- Services: Postfix, Apache, IIS, MySQL, Oracle, others
- Firewalls: Checkpoint, Cisco Pix, iptables
- Ticketing: Remedy
- Visualization: Advizor Solutions’ “Advizor” visualization tool
- Server Platforms: Linux (various flavors), Windows 2000, Windows NT
- Protocols: TCP/IP (OS, network, and packet analysis), Custom developed TCP/IP extensions
- Honeypots / Honeynets: various flavors
6 comments
February 4, 2011 at 8:14 pm
Christopher Hinn
This is a very impressive and extensive resume. You have a very good background. You can offer a lot of services because you are well-trained in your field of expertise.
October 31, 2011 at 2:58 am
Call A Job
Great information! Very useful and impressive, I will be looking to participate in the discussions if you guys are looking to discuss this thread further.
April 23, 2013 at 8:22 pm
arlington virtual office
It is in point of fact a great and helpful piece of information. I am satisfied that you simply shared this useful information with us. Please keep us informed like this. Thanks for sharing.
May 9, 2013 at 6:34 am
it consultancy companies in uk
I think the admin of this site is actually working hard for his web site, as here every data is quality based material.