Lance Noel, CISSP-ISSEP, CISM, CCSP
Details
Cybersecurity
The George Washington University - School of Engineering & Applied Science
2020 : 2023
Bachelor of General Studies
Louisiana State University
Northrop Grumman
Sr Staff SSE/Cybersecurity Technical Lead
Manage the Tech Refresh effort which is primarily a hardware modernization effort for the platform’s cabin equipment and its supporting ground stations.
Cyber Security architecture, requirements, design and implementation, as well as Cyber resiliency, threat awareness, and integration of Enterprise Cyber capabilities.
Anti-Tamper technologies, methodologies, and policies.
Interface with the program office twice a week using Video Teleconferencing (VTCs) to manage progress and resolve issues.
Lead Technical Interchange Meeting (TIMs) at the customer’s site with subject matter experts, stakeholders, and the program office to share information about the problems and technology space, which allowed us to move in the correct direction.
Lead Tech Refresh’s ECPs covering both Information Assurance and System Integrity Protection; responsible for successful completion.
Support Cross Domain Solutions (CDS) development for a Multilevel Security (MLS) environment.
Supported Government penetration testing on white and black boxes.
Supported Type 1 encryptors selections and developed CONOPS for use in our environment.
Facilitate Public Key Infrastructure (PKI) to the secure transfer of information for our network activities.
Support the network team’s host based firewall reviews and the data flows between servers.
Responsible for the initial Risk Management Framework (RMF) security authorization package, and assuring that we will be able to get an Authorization to Operate (ATO) from the Designated Authorizing Official (DAO).
2007 : 2020
Raytheon
Multi-Disciplined System Security Engineering - Information Assurance & Anti-Tamper
Managed two Cyber Security teams to provide the program with a holistic form of security, which operates on multiple, fully integrated levels. One team consisted of System Integrity Protection SMEs and the other was Information Assurance SMEs.
Cyber Security architecture, requirements, design and implementation, as well as Cyber resiliency, threat awareness, and integration of Enterprise Cyber capabilities.
Experience with Anti-Tamper (AT), Secure Processing; Techniques, Implementations, and US Government System Security guidelines and provisions.
Supported RMF requirements using the NIST Cyber Security Framework to provide a policy framework of computer security guidance. NIST Special Publication 800-53 Revision 4 to provided security control selection guidance for the Information Systems and the CNSS Instruction 1253 provided additional guidance for the security systems.
The NIST Special Publication 800-53 provided us the security control assessment procedures for the program.
The security-focused rules are from an amalgamation of CWE, CAPEC, NIST, and others. Security incorporates polices which are based on MITRE/CWE-CAPEC and CERT Secure Coding Standards.
Led teams using Defense Information Systems Agency (DISA) tools such as, Assured Compliance Assessment Solution (ACAS) and Endpoint Security Solutions (ESS) which now covers HBSS.
Led penetration testing using tools like Nmap, and vulnerability assessments with Nessus.
Identity and Access Management (IdAM) used a combination of technical systems, policies and processes that create, define, and govern the utilization and safeguarding of identity information, as well as managing the relationship between an entity and the resources to which given access to person and non-person entities that can securely access all authorized DoD resources, anywhere, at any time.
Led reviews of Single Sign-On (SSO) implementation for our environment Linux and Windows workstations and virtual servers.
2007 : 2020
Raytheon, Space and Airborne Systems (SAS)
Cyber Security Manager and Technical Lead for Information Assurance and System Integrity
Skills
Aerospace, ATO, Certified Information Security Manager (CISM), CISSP, Communication, Compliance Management, Continuous Monitoring, Cyber-security, Cyber Security Manager , Defense, DoD, Earned Value Management, Engineering, Engineering Management, Escalations Management, Ethical Hacking, FedRAMP, Identity and Access Management (IAM), Information Assurance, Information Systems, Information Technology, Infrastructure, Integration, Linux, Military, Network Engineering, Network Security, Network Virtualization, NIST 800-53, Program Management, Public Cloud, Requirements Analysis, Security Engineering, Software Development Methodologies, System Architecture, System Integrity, Systems Design, Systems Engineering, Team Leadership, Team Management, Teamwork, Threat Modeling, Vulnerability, Vulnerability Assessment, Vulnerability Management, Vulnerability Scanning, Written Communication, Cyber Security , Financial Analysis, Business Analysis, B2B, Forecasting, Project Management, Marketing, Sales Management, New Business Development, Operations Management, Sales Operations, Public Speaking, Market Research, Financial Reporting, Business Strategy, Budgets, Business Planning, Commercial Banking, Small Business Lending, Leadership, Cross Selling, Credit Analysis, Customer Service, Mortgage Lending, Team Building, Commercial Lending, Finance, Strategic Planning, Loans
About
Senior Information Technology professional with 25 years of security experience, demonstrating the knowledge to effectively manage and complete projects on time, as well as the ability to work with others on diverse and complex projects to achieve a common goal and provide excellent customer service. Within the scope of my security experiences, I have 16 years of management and leadership roles.
DoDI 8570.01-M IAT Level-III Compliant Certification
DoDI 8570.01-M IAM Level-III Compliant Certification
DoDI 8570.01-M IASAE Level-II Compliant Certification
Profile Photo
