PDF of resume Available: HERE

National Cybersecurity Protection, Resilience, and Partnership Resume / CV

SUMMARY/BIO

 Jack Whitsitt, recently identified by Tripwire as one of the top 10 Rising Stars and Hidden Gems in security education, and winner of TSA’s “Honorary Award” – the highest award given by the agency – brings a breadth of cyber security knowledge and thought leadership to any project he is involved with.

Currently a principle Analyst for Energysec, his unusual combination of hard technical, public/private partnership development, facilitation, and national risk management experience allow him to provide particular insight into and leadership of strategic organizational, sector, and national cyber security initiatives and educational endeavors.

A participant in the national critical infrastructure protection dialogue for seven years, Jack has provided regular advice, insight, and thought leadership to all levels of government and industry and has been responsible for several successful sector-level initiatives. His background includes facilitation, cutting-edge technical research & development, national control systems cyber incident response (as a member of ICS-CERT via Idaho National Lab at the NCCIC), community building, large scale data analysis, Sector Specific Agency program development & execution (as a GS-14 at TSA), sales & marketing, and more.

Further, Mr. Whitsitt’s experience and skill at developing and providing targeting training and education opportunities to a variety of audiences allows him to effectively communicate his knowledge and to positively affect behavior, culture, and outcomes within organizations.

Recently, Mr. Whitsitt was also cited as an author in a NATO-sponsored report to develop Cybersecurity Confidence Building Measures intended to help nations avoid unintentional conflict escalation in cyberspace and was invited by name to a related MIT-sponsored “Cyber Norms Workshop 3.0” discussing sources of instability in cyberspace, cyberwar, deterrence, and related topics.

EMPLOYMENT AND WORK HISTORY

Energysec/NESCO | 07/2012 – Present | Principle Analyst

Helping to develop a non-profit organization focused on developing and providing educational cybersecurity products, services, and capabilities for under-served small and medium electric utilities.

  • Presently writing a “Practical Cybersecurity Frameworks for Executives and Technologists” class for delivery in 2015 and a follow-up to a one-time class on “Cybersecurity Framework Development and Integration Techniques” given in 2013.
  • Applied federal sector specific agency program and partnership building, national industrial control systems incident response, and security tool R&D experience to participation in all six of the NIST Cybersecurity Framework Development Workshops across the country. Was invited by name to the White House release event.
  • Facilitated a series of workshops to create internal report on Small & Medium electric utility Incident Response needs using the NIST Framework and NERC CIP as supporting context.
  • Formerly supported the National Electric Sector Cybersecurity Organization (NESCO).

TSA | 11/2010 – 07/2012 | National Cyber Critical Infrastructure Protection, Awareness, Outreach

Enhanced TSA’s cyber security role with private industry as the Transportation Sector Specific Agency (SSA) under the National Infrastructure Protection Plan (NIPP)/Homeland Security Presidential Directive 7 (HSPD-7). Responsibilities and success included:

  • Developed strategic consensus on cyber security topics across multiple organizations, industries, stakeholder seniority levels, and backgrounds
  • Facilitated identification, prioritization and coordination of federal cyber security activities within transportation sector
  • Designed and gained support for implementation of subsector-wide risk management program
  • Promoted and coordinated cyber security awareness of owners, operators
  • Provided program level guidance for Critical Infrastructure protection to transportation and cross-sector communities and encouraged private industry participation in non-mandatory initiatives
  • Facilitated development of sector information sharing programs and mechanisms
  • Developed agendas for and co-lead monthly national Transportation Systems Sector Cybersecurity Working Group (TSSCWG)
  • Provided substantial input into and direction of the first ever national transportation cyber security exercise and co-organized the 2011 Cyber Security in Transportation Summit with 300+ attendees from private industry and government and 30+ international speakers from hackers to senior government officials such as the CIO of the CIA
  • Provided cybersecurity training, outreach, and education to TSA’s entire federal workforce (50,000+), with a focus on TSO’s stationed at airports throughout the country.

 Kingfisher Systems – TSA Contract | 08/2010 – 11/2010 | National Critical Infrastructure Cyber Security Expert

Contracted to enhance TSA’s cyber security role with private industry as the Transportation Sector Specific Agency (SSA) under the National Infrastructure Protection Plan (NIPP)/Homeland Security Presidential Directive 7 (HSPD-7)

Securicon (1099) | 06/2010 – 07/2010 | Control Systems Incident Consultant

Short 1099 contract to Securicon to investigate customer control systems (SCADA) incident. Utilized technical log analysis, scripting, visualization, presentation, and control systems security knowledge to determine potential root cases and present to executive leadership.

Idaho National Lab (INL) | 09/2009 – 06/2010 | ICS-CERT Liaison to DHS NCCIC/US-CERT

Supported Industrial Control Systems CERT (ICS-CERT) at the DHS National Cybersecurity and Communications Integration Center (NCCIC). Responsibilities included: responding to and analyzing control systems (SCADA) related incidents, providing situational awareness in the form of actionable intelligence, coordinating the responsible disclosure of vulnerabilities/mitigations, sharing and coordinating vulnerability information and threat analysis through information products and alerts, contributing to ICS-CERT & NCCIC CONOPS, and providing ICS-CERT briefings to senior cyber leadership of DHS, FBI, DOD including ongoing investigations and onsite incident response efforts.

KCG – TSA Contract | 09/2008 – 09/2009 | National Critical Infrastructure Protection Cyber Security Expert

Contracted to enhance TSA’s cyber security role with private industry as the Transportation Sector Specific Agency (SSA) under the National Infrastructure Protection Plan (NIPP)/Homeland Security Presidential Directive 7 (HSPD-7)

KCG – TSA Contract | 09/2006 – 09/2008 | Senior Enterprise Information Security Architect

Contracted to utilize Federal Enterprise Architecture (FEA) and SABSA Enterprise Security Architecture knowledge to provide NIST and FISMA-driven security policy, engineering, and compliance services to TSA.

Lockheed Martin | 07/2006 – 09/2006 | SOC Shift Lead

Contracted to use ArcSight SIEM correlation and SOC CONOPS experience to enhance the FBI’s internal SOC team. Work with ArcSight administrator, ESOC lead, and other team members to develop ArcSight rules, channels, and analysis methodology. Oversee second-shift contractors and provided senior level analysis escalation.

Netsec | 10/2003 – 07/2006 | Correlation Architect, CSIRC Lead, Security Engineer, SOC Analyst

Hired by NetSec MSSP (now a part of Verizon Business) as a senior SOC analyst. Repeatedly rewarded for outstanding analysis capability and then promoted to multi-disciplinary Tier 3 team charged with improving the SOC through technology, process, training, and customer service. Specialized in developing analysis methodology, advanced automated data correlation and filtering techniques, and leading development/selection and integration of custom tools. Also led client operational relationship with large government Incident Response Coordination contract.

Perot Systems | 10/1998 – 10/2003 | IT and Desktop Engineer

Provided desktop, IT, development, system administration to large IT consulting firm in multiple locations throughout the US, including an Army Depot location tasked with neutralizing VX nerve agent.

OTHER NOTABLE SUCCESSES

  • Hiked 300 miles of the Appalachian Trail in late 2014
  • Chairman of the Board of a 501c3 “Art” non-profit (Art Outlet, 2007)

SPEAKING ENGAGEMENTS (Partial List)

  • Suits & Spooks in New York, Building More Effective Public/Private Partnerships, NY, 2014
  • MIT Round Table, Building International Cybernorms, MA, 2014
  • FIRST Energy Summit, Small & Medium Sized Utility Cybersecurity Considerations, VA, 2013
  • B-Sides DC, Critical Infrastructure Protection Panel, DC, 2013
  • ISSA-DC, Introduction to National Cybersecurity and Critical Infrastructure Protection, DC, 2013
  • Florida Natural Gas Association, Cybersecurity Panel, FL, 2013
  • Energysec Summit, Using Frameworks to Enhance Security and Compliance, CO, 2013
  • Source Boston, Cyber Momentum – Understanding & leveraging the National Dialogue, Boston, 2013
  • Cyber Security in Transportation Summit, Moderated Risk Management Panel, Washington DC, 2012
  • NATO – Emerging Security Challenges, Cyber Security Isn’t Really Cyber, Tbilisi, 2011
  • B-Sides Chicago Hacker Con, Human Attribute Cyber Security, Chicago, 2011
  • Energysec Summit, Executive Responsibility in Cyber Security, Denver, 2010
  • DoD/JTF-GNO Joint Information Assurance Tech Exchange, Data visualization for network security, Washington DC, 2005
  • Recon Reverse Engineering Conference, Massive Data Visualization for the purposes of monitoring IDS, Montreal, 2005
  • Northeastern University‘s ACM Speaker Series, Massive Data Visualization for the purposes of monitoring IDS, Boston MA, 2005
  • Rubicon Hacker Con, Aggressive Honeypots, Detroit MI, 2003

OLDER TECHNICAL ACHIEVEMENTS

  • Wrote software which makes art out of brainwaves recorded by consumer EEG-reading headset (2010)
  • Wrote open-source software implementing completely new method for visualizing network packet captures (Pkviz, 2008)
  • Large data security visualization methodologies ultimately used by ArcSight in developing their Interactive Discovery tool (2004/6)
  • Conceptualized and managed the development of a statistical anomaly detection & correlation add-on to ArcSight SIEM using long distance telephone fraud detection engine (2004/5)
  • Conceptualized, developed, used, and presented a groundbreaking open-source active-response honeypot security software (Bait and Switch, 2003)

Jack Whitsitt | @sintixerr | sintixerr@gmail.com | 703-409-9366 | Washington, DC