ROGER E. HALES
Cell: 509-521-1731
E-mail: rogereh1@gmail.com

PROFESSIONAL SUMMARY

Highly qualified and dedicated professional with a clearance and Master of Science in Information Security and more than
13 years of experience working in the Industrial Control System (ICS) Cyber Security arena. Has extensive knowledge in
ICS cyber security plans, policies, procedures, risk assessments, risk mitigation, gap analysis, security controls, network
monitoring, control systems, mechanical and process engineering disciplines, and electrical circuits. Professional qualities
include: self-starter, organized, mechanically inclined, and driven to excel in responsibilities set forth.

TECHNICAL SUMMARY

Cyber Security
 Security System Plan (SSP), Cyber Security Plans, Procedures, Risk Assessments, DOD Risk Management
Framework (RMF - DoDI 8510.01), Department of Energy Cybersecurity Program (DOE O 205.1C), Risk Mitigation,
Critical Digital Assets (CDA) Assessment, Nuclear Energy Institute (NEI) 08-09 Cyber Security Plan for Nuclear
Power Reactors, 10 CFR 73.54 compliance, DISA STIGs, and NIST (CSF, 800-82, 800-53, 800-30), Cybersecurity
Maturity Model (CMMC), ISO 27001
 Cyber Security Controls: NIST Cyber Security Controls, Nessus Vulnerability Scanner, Physical, Systems Restore /
Backup, Disaster Recovery, Malware Protection, Network Monitors, Vistumbler (WiFi scanner), and Anti-virus
 Cyber Security Evaluation Tool (CSET)
 Visibility, Security and Monitoring ICS/OT Tools: Dragos CyberLens and Nozomi Networks Guardian
 Deloitte Cyber Strategy Framework (CSF) Assessment Framework Platform

Automation and Robotics
 Programmable Logic Controllers (PLC): GE / Allen-Bradley
 GE Fanuc Automation- Proficy Machine Edition LD-PLC Training
 Robix Rascal and Fanuc Robots
 Control Systems Communication Protocols – Distributed Network Protocol (DNP3), TCP/IP, Modbus, and Triangle
MicroWorks

Electrical Power
 Solar power systems installation, consulting, and maintenance
 Operational Technology (ICS / OT / SCADA)
 Areva Training: Eterrabrowser, Eterrahabitat System Management, Building a SCADA Model, Eterramodeler,
Eterracontrol, Building a Network Model, Introduction to E-terrahabitat, E-terrahabitat Databases, and Eterracomm
 SUBNET Solutions Inc. Training: ACE2000 Test Set, DNP3 Protocol, Subnet SERVER.NET, and Substation
Explorer
 OSIsoft PI System - PI Server

Network and Computer Applications
 Internet architecture and protocols / LAN / WAN / MAN
 Cisco Systems: Router - 1841, 2811, and 7201; Switch - 2960, 3560, 3750 and 3560
 Cisco Certified Network Associate Routing and Switching Training (CCNA)
 Network Encryption - TACLANE®-Micro / TACLANE-GigE IP Encryptor Certification
 Network Tools: Wireshark, Tivoli Endpoint Manager Console, PuTTY, Citrix Console, Microsoft Management Console,
AlgoSec (Firewall Management)
 AutoCAD / AutoCAD Electrical
 Microsoft Visio
 Microsoft Office Suite (MS Word, Excel, SharePoint, Outlook, and PowerPoint)
 CompTIA Linux+ Training

EDUCATION
Master of Science in Information Security, City University, Seattle, WA - 2015
Bachelor of Science in Electronic Engineering Technology, (minor in Physics), Eastern Washington University, Cheney,
WA – 2008

TRAINING / CERTIFICATIONS
 ICS 410: ICS/SCADA Security Essentials Training, SANS Institute- 2021
 ICS Cybersecurity (301) Training, U.S. Department of Homeland Security Cybersecurity and Infrastructure Security
Agency (CISA) – 2020
 Ovation OV365- Power and Water Cybersecurity Suite (PWCS) Training– 2021
 Cybersecurity L2 – Nexus OTArmor CSMS Intermediate Training - 2021
 Senior Systems Managers, Committee on National Security Systems (CNSS) No. 4012 Certification – 2015
 DOD / DOE Security Clearance (active status)
 PNNL Scientist and Engineer Development Program (SEDP)- focuses on augmenting the scientist’s technical
capabilities with skills that are essential to a successful career such as: effective communications, conflict
management, publishing, delivering technical presentations, creating technical posters, writing proposals, and
managing projects.
 Radiological Worker II
 Emergency Management of Radiation Accident Victims Course (REAC) and Certification
 Private Pilot with Instrument Rating

PROFESSIONAL EXPERIENCE
ICS/OT Network Engineer, Accenture (Remote)
September 2021- Present
Act as an ICS Cyber Risk Consultant to help complex organizations more confidently pursue their growth, innovation and
performance agendas through proactive management of the associated cyber risks. Support and advise the clients to focus
on improving cyber risk detection and responding more rapidly and effectively to reduce the impact of cyber risks.

 Design, integrate and configure cyber security and networking monitoring tools
 Help clients identify and evaluate security gaps in industrial control systems (ICS)
 Lead ICS security vulnerability assessments and remediation
 Identify system security requirements for external and internal facing web applications, Networks, Operating
Systems and Cloud environment.
 Ensure the secure design, architecture, installation, configuration, hardening, and remediation for software
applications to protect organizations' sensitive information

Senior Associate IS Security Engineer, CompuGain – Amgen Contractor (Remote)
Short-term Contract March 2021- July 2021
Support various capabilities within OT security like vulnerability management, cyber threat intelligence, and others. Work
with various partners at Amgen in a manner aligned to Amgen’s values to define and implement information security
services strategies, standards, tools and processes covering the areas of Operational Technology (OT).

 Identify and evaluate gaps in ICS systems. Drive implementation to mitigate security exposure
 Integrate, configure and conduct threat / vulnerability management for OT networks using Nozomi
 Configure, conduct, understand, review vulnerability assessments and provide false positive validation focused on the
OT/ICS/Manufacturing space
 Coordinate with internal and external partners to remediate or mitigate security vulnerabilities
 Advise incident responders as they develop and coordinate response, containment and remediation capabilities as
appropriate
 Assist in recommending and prioritizing remediation efforts within infrastructure and application teams
 Define, provide, and improve metrics on the assigned services, including the use of appropriate applications and tools
for reporting; handle tracking and remediation of vulnerabilities by using agreed-upon action plans and timelines with
support teams
 Serve as an escalation point for all technical issues regarding vulnerabilities
 Support Cyber Security Operations Center on security incidents including contributing to mock security incident
exercises.

Industrial Control Systems (ICS) Cyber Security Analyst, Artech, LLC- Duke Energy Contractor (Remote)
Short-term Contract February 2021- July 2021
Support the Regulated & Renewable Energy (RRE) Cyber Security program infrastructure asset security to include but
not limited to maintaining firewalls, endpoint protection, distributed control systems (DCS), patching, antivirus
protections, account management, cyber asset inventory and security management baselines.

 Provide direct service and support to all of RRE generating stations (6 states, 4 operating regions, 90+ generating
stations) to ensure compliance with the enterprise cyber security requirements, respond to cyber security threats
and events and management of the RRE cyber security program.
 Perform day-to-day activities in support of cyber security program and policies. This may include maintenance
(patching/upgrade), support of new installations or upgrades, and other items as directed.
 Assist in development and revision of the ongoing strategy of the RRE Cyber Security Program
 Assess and respond to complex distributed control system (DCS) cyber security events and incidents
 Assist in working closely with RRE NERC Compliance personnel to ensure NERC CIP regulatory compliance is
maintained.

Industrial Control Systems (ICS) Cyber Security Analyst, S&K Mission Support, LLC (Remote)
April 2020- December 2020
Provide ICS Cyber Security Oversight Support to the DOE Portsmouth/Paducah Project Office (PPPO) sites. Design,
implement, and manage the ICS cyber security assessment capability for the PPPO. Assess contractor and subcontractor
cyber security programs and government-owned/contractor-operated information systems (e.g., general support systems,
national security systems, industrial control systems, and major applications) across PPPO sites.

 Perform validation of organizational, programmatic, and technical security controls.
 Conduct cyber security-related documentation reviews and document results.
 Conduct risk assessment activities and assess compliance with accepted government standards (NIST 800-53, 37, &
82, Department of Energy Cybersecurity Program (DOE O 205.1C), and NERC-CIP).
 Support Safeguards and Security-led vulnerability and risk assessments documentation for Authorizing Official
Designated Representative (AODR) approval.
 Produce Security Assessment Reports and present results to site management.
 Execute, process, and consolidate data calls.
 Develop security control overlays for ICS operation.
 Provide guidance to site personnel on improving security posture and reducing cyber security related risk incurred by
the PPPO from the operation of general support systems, national security systems, industrial controls systems, and
major applications.
 Provide quarterly Technical Threat Assessments for AODR information.

Cyber Risk Industrial Control Systems (ICS) Senior Specialist, Deloitte & Touche, LLP (Remote)
August 2018- December 2019
Act as an ICS Cyber Risk Advisor to help complex organizations more confidently pursue their growth, innovation and
performance agendas through proactive management of the associated cyber risks. Support and advise the clients to focus
on improving cyber risk detection and responding more rapidly and effectively to reduce the impact of cyber risks.
 Identify and evaluate complex business and technology risks and remediation methods to mitigate risks
 Demonstrate problem solving, critical thinking and logical structuring skills
 Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
 Actively participate in decision making with engagement management and seek to understand the broader impact of
current decisions
 Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
 Identify opportunities to improve engagement profitability and manage engagement economics
 Demonstrate ability to identify and address client needs: building solid relationships with clients; developing an
awareness of firm services; communicating with the client in an organized and knowledgeable manner; delivering
clear requests for information; demonstrating flexibility in prioritizing and completing tasks; and communicating
potential conflicts to the manager
 Demonstrate a general knowledge of market trends, competitor activities, Deloitte Advisory products and service lines

ICS Cybersecurity SME, TradeWind Services LLC, Piketon, OH (Portsmouth Gaseous Diffusion Plant)
Short-term Contract - May 2018- July 2018
Perform security analysis of the Portsmouth Gaseous Diffusion Plant Industrial Control System (ICS) operational and
development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted
government standards (NIST 800-53, 37, & 82 and NERC-CIP).
 Contribute to the Risk Management Framework (RMF) for new and existing information systems, to include facilitating
Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters
(RAL) and Continuous Monitoring (CONMON).
 Conduct compliance review of operating systems (i.e., Windows, Linux) to governing requirements.
 Assess test/analysis data to document state of compliance with security requirements.
 Conduct risk assessments and investigations, execute appropriate risk mitigations, and incident response activities.
 Interface with the appropriate customers, and company personnel to implement protective mechanisms and to ensure
understanding of and compliance with cybersecurity requirements.

Senior Nuclear ICS Information Security Analyst, Vitaver (Florida Power and Light), Jupiter, FL (Remote)
Short-term Contract - December 2017- March 2018
Providing ICS cyber security support for the Florida Power and Light (FPL) Nuclear Division
 Understand the cyber security implications surrounding the overall architecture of plant networks, operating systems,
hardware platforms, plant-specific applications, and the services and protocols upon which those applications rely.
 Develop / maintain Nuclear Division (ND) cyber security processes and procedures.
 Participate in the development of cyber security solutions to meet corporate standard and/or NRC Cyber Security
Standard (Nuclear Energy Institute (NEI) 08-09 Cyber Security Plan for Nuclear Power Reactors and 10 CFR 73.54)
 Troubleshoot ND cyber security issues.
 Lead / support cyber security improvement and life cycle projects.
 Prepare documentation in support of audits and maintaining compliance of ND Sites in the area of the Corporate
and/or NRC Cyber Regulations.
 Oversee annual Cyber Vulnerability Assessment (CVA) activities.
 Act as a liaison with Nuclear Oversight & Support (NOS) organization for audit related activities.

Information Security ICS SME, Loyal Source (Vencore), NASA Kennedy Space Center (KSC)
Short-term Contract- February 2017- November 2017
Providing cybersecurity (OPSEC, COMPUSEC, COMSEC & INFOSEC) engineering support for NASA Industrial
Control System (ICS) subsystems and Command, Control & Communication Networks enclaves of existing ground space
(GSE) systems & newly developed launch vehicle (SLS) ground support systems, towards achieving & maintaining
Authorization-to-Operate (ATO) via the implementation of security standards & guidelines in accordance with the
FISMA & RMF A&A processes, utilizing FIPS 199 and NIST (SP 800-37,-53/-82.r2) security controls for industrial &
non-industrial control devices that require ITSEC & DHS policy directives, compliance & pertinent NASA cybersecurity
instructions.
 Evaluate ICS (PLCs/DCS/SCADA/PC104 Controllers with Modbus, Fieldbus, ControlNet, Ethernet/IP busses on
various “smart” end-items/assets (e.g. EN2FFR g/w & switches, servo valves, variable frequency drives, flowmeters,
etc.)) security throughout the Security Development Lifecycle (SDLC) of the NASA Ground Control Subsystem from
architecture design to procurement to installation to maintenance to decommissioning.
 Create, review existing, and modify subsystem security policies, practices, processes, desktop instructions, concept of
operation (CONOPS), INFOSEC Block Diagram & Security Architecture Document (SAD), and collect artifacts and
evidence to complete construction of System Security Plans (SSPs) and Contingency Plans.
 Complete tasks and activities for the Assessment and Authorization (A&A) Process to obtain an ATO approval.
 Perform security risk assessments, analysis, and periodic information system technical reviews to ensure FIPS 199
and NIST (SP 800-37,-53/-82.r2) security controls are categorized accurately and implemented utilizing defense-in-
depth strategies, continuously monitored, and remain compliant for each system.
 Perform the design and execution of vulnerability assessments, security audits, review of logs and reports of all in-
place devices, whether they are under direct control (i.e., as a security tool console operator) or not (i.e., workstations,
servers, network devices).
 Provide subsystem stakeholders with methods for developing, employing, and enhancing controls that are missing or
that close IT security gaps within the subsystem (i.e., hardening), including disabling unused ports and services on
ICS devices after testing to assure this will not impact ICS operation. Restricted physical access to the ICS network
and devices via ICS user privileges to only those that are required to perform each person’s job (i.e., established
role-based access control and configured each role based on the principle of least privilege).
 Supported the INFOSEC Verification & Validation (V&V) compliance activities & actions regarding Plan of Action
& Milestones (POA&M), Risk Acceptance Letters, and Continuous Monitoring and significantly contributed as a
member of cross-functional and collaborative teams. Involved with the Security Assessment Review Team (SART)
and provided feedback to team regarding IT & ICS SAs, Peer Review of Design Packages, implementation
detail/evidence, and POA&M items. Reviewed all NASA Engineering (NE) organization’s system-related
information System Security Plans (SSPs) and acted as a liaison for coordinating the effort to consolidate plans.

Information Security System Manager (ISSM), HX5, Wright-Patterson Air Force Base (WPAFB), Dayton, OH
November 2016 – February 2017
Act as a technical advisor and maintain the overall security posture of the KC-10 Training Systems (TS), an ACAT III, in
Milestone (MS) C, in accordance with the DoD 8500.01: Cybersecurity and DOD 8510.01: Risk Management Framework
(RMF) for DoD IT, AFI 33-200, and Information Assurance (IA) Management.
 Incorporate cybersecurity requirements into all KC-10 TS configuration items. Identify system vulnerabilities and
mitigations and/or risk reduction strategies for those vulnerabilities. Provide system artifacts to support certification
and accreditation of the system.
 Develop, implement, and maintain the KC-10 Training System information security programs Security System
Policies (SSP), procedures, plans, and standards; and carry out security awareness and control campaigns.
 Complete the KC-10 TS implementation of DOD 8510.01: RMF (formerly PIT) and DoD: 8500.01 Cybersecurity.
 Review proposed new systems, networks, and software designs for potential security risks; recommend mitigation or
countermeasures, and resolve integration issues related to the implementation of new systems within the existing
infrastructure.
 In charge of the continuous monitoring of systems within the purview to ensure compliance with Cybersecurity
policies and that systems are securely configured in accordance with DOD: 8510.01 RMF and DoD: 8500.01
Cybersecurity.
 Perform security risk analysis, preparation of action plan, security evaluation, and certify the validity of all
information security risk analysis.

Senior Cybersecurity / Control Systems Engineer, Bechtel Corporation, Richmond, KY / Richland, WA
June 2015 – October 2016
Conduct security assessments on networks and Industrial Control System (ICS), design cyber security solutions, support
implementation of those solutions, and identify security trends and practices.
 Perform cyber assessments to identify all digital assets at Columbia Generating Station (Energy Northwest Nuclear
Facility) and assess them to determine which should be considered critical digital assets (CDA).
 Conduct cyber assessments in accordance with the requirements of the Energy Northwest Nuclear Cyber Security
Plan, Nuclear Energy Institute (NEI) 08-09 Cyber Security Plan for Nuclear Power Reactors, and 10 CFR 73.54
compliance.
 Document key observations, analyses, and findings during the cyber assessment process.
 Evaluate assumptions and conclusions about cyber security threats; potential vulnerabilities to, and consequences
from an attack; the effectiveness of existing cyber security controls, defensive strategies, and attack mitigation
methods; cyber security awareness and training of those working with, or responsible for, critical digital assets and
cyber security controls throughout their system life cycles; and estimates of cyber security risk levels.
 Perform technical work for starting up and operation for the Bluegrass Chemical Agent-Destruction Pilot Plant at the
Bluegrass Army Depot; specifically, preparation of various Engineering and project policies, plans and procedures for
meeting government mandated cyber security requirement DOD 8510.01: Risk Management Framework (RMF) in
accordance with appropriate standards (NIST SP 800-53, 800-37, 800-82, etc).
 Implement necessary security controls and enhancements on the ICS.

Cyber Security Architect, Pacific Northwest National Laboratory (PNNL), Richland, WA
August 2008- May 2014
Providing analyst and engineering services through conducting technical analysis related to information operations and
cyber security for PNNL Cyber Security Department; primarily to include electrical power Supervisory Control and Data
Acquisition (SCADA) systems and networks.
 Design, build, test, and deliver computers, electrical power SCADA systems (relays, switch gear, HMI, PLC, circuit
breaker, transformer) to clients.
 Configure and maintain PLC and HMI and establish protocol and communication parameters between electrical
power SCADA systems, PLC, HMI, Remote Terminal Unit (RTU), sensors, and devices.
 Developed computer hardware suites, tools, technologies, reports, presentations for policy and technical audiences.
 Research, design, develop, assemble, modify, train on, and test (sometimes to failure), isolated networks of
computers, software applications, and miscellaneous associated hardware and software components.
 Ensured that training methods were developed, based on assembled systems and unique design.
 Implemented and provided detailed evaluation of assembled systems for training, to include on and off-site training.
 Administered threat assessments, network security assessments, Critical Infrastructure Protection (CIP) Vulnerability
Assessments, network intrusion detection, computer network defense, and secure network architecture in support of
PNNL Cyber Security Department.
 Develop, evaluate, update, and implement Cyber Security Plans to include policies, strategy, standards, solution
roadmaps, and risk mitigation for system upgrades.
 Review, study, and provide feedback on Nuclear Facilities Cyber Security Plans and Nuclear Energy Institute (NEI)
08-09 Cyber Security Plan for Nuclear Power Reactors.
 Maintain, monitor, and evaluate Real-time Network Traffic.

PUBLICATIONS
Integrating Cyber and Physical Security into Bulk Power System Engineering Practices, IEEE & NERC, 2022