HALES
Cell: 509-521-1731
E-mail: rogereh1@gmail.com
PROFESSIONAL SUMMARY
Highly qualified and dedicated professional with a clearance and Master of Science in Information Security and more than
13 years of experience working in the Industrial Control System (ICS) Cyber Security arena. Has extensive knowledge in
ICS cyber security plans, policies, procedures, risk assessments, risk mitigation, gap analysis, security controls, network
monitoring, control systems, mechanical and process engineering disciplines, and electrical circuits. Professional qualities
include: self-starter, organized, mechanically inclined, and driven to excel in responsibilities set forth.
TECHNICAL SUMMARY
Cyber Security
Security System Plan (SSP), Cyber Security Plans, Procedures, Risk Assessments, DOD Risk Management
Framework (RMF - DoDI 8510.01), Department of Energy Cybersecurity Program (DOE O 205.1C), Risk Mitigation,
Critical Digital Assets (CDA) Assessment, Nuclear Energy Institute (NEI) 08-09 Cyber Security Plan for Nuclear
Power Reactors, 10 CFR 73.54 compliance, DISA STIGs, and NIST (CSF, 800-82, 800-53, 800-30), Cybersecurity
Maturity Model (CMMC), ISO 27001
Cyber Security Controls: NIST Cyber Security Controls, Nessus Vulnerability Scanner, Physical, Systems Restore /
Backup, Disaster Recovery, Malware Protection, Network Monitors, Vistumbler (WiFi scanner), and Anti-virus
Cyber Security Evaluation Tool (CSET)
Visibility, Security and Monitoring ICS/OT Tools: Dragos CyberLens and Nozomi Networks Guardian
Deloitte Cyber Strategy Framework (CSF) Assessment Framework Platform
Electrical Power
Solar power systems installation, consulting, and maintenance
Operational Technology (ICS / OT / SCADA)
Areva Training: Eterrabrowser, Eterrahabitat System Management, Building a SCADA Model, Eterramodeler,
Eterracontrol, Building a Network Model, Introduction to E-terrahabitat, E-terrahabitat Databases, and Eterracomm
SUBNET Solutions Inc. Training: ACE2000 Test Set, DNP3 Protocol, Subnet SERVER.NET, and Substation
Explorer
OSIsoft PI System - PI Server
TRAINING / CERTIFICATIONS
ICS 410: ICS/SCADA Security Essentials Training, SANS Institute- 2021
ICS Cybersecurity (301) Training, U.S. Department of Homeland Security Cybersecurity and Infrastructure Security
Agency (CISA) – 2020
Ovation OV365- Power and Water Cybersecurity Suite (PWCS) Training– 2021
Cybersecurity L2 – Nexus OTArmor CSMS Intermediate Training - 2021
Senior Systems Managers, Committee on National Security Systems (CNSS) No. 4012 Certification – 2015
DOD / DOE Security Clearance (active status)
PNNL Scientist and Engineer Development Program (SEDP)- focuses on augmenting the scientist’s technical
capabilities with skills that are essential to a successful career such as: effective communications, conflict
management, publishing, delivering technical presentations, creating technical posters, writing proposals, and
managing projects.
Radiological Worker II
Emergency Management of Radiation Accident Victims Course (REAC) and Certification
Private Pilot with Instrument Rating
PROFESSIONAL EXPERIENCE
ICS/OT Network Engineer, Accenture (Remote)
September 2021- Present
Act as an ICS Cyber Risk Consultant to help complex organizations more confidently pursue their growth, innovation and
performance agendas through proactive management of the associated cyber risks. Support and advise the clients to focus
on improving cyber risk detection and responding more rapidly and effectively to reduce the impact of cyber risks.
Design, integrate and configure cyber security and networking monitoring tools
Help clients identify and evaluate security gaps in industrial control systems (ICS)
Lead ICS security vulnerability assessments and remediation
Identify system security requirements for external and internal facing web applications, Networks, Operating
Systems and Cloud environment.
Ensure the secure design, architecture, installation, configuration, hardening, and remediation for software
applications to protect organizations' sensitive information
Identify and evaluate gaps in ICS systems. Drive implementation to mitigate security exposure
Integrate, configure and conduct threat / vulnerability management for OT networks using Nozomi
Configure, conduct, understand, review vulnerability assessments and provide false positive validation focused on the
OT/ICS/Manufacturing space
Coordinate with internal and external partners to remediate or mitigate security vulnerabilities
Advise incident responders as they develop and coordinate response, containment and remediation capabilities as
appropriate
Assist in recommending and prioritizing remediation efforts within infrastructure and application teams
Define, provide, and improve metrics on the assigned services including the use of appropriate applications and tools
for reporting
Handle tracking and remediation of vulnerabilities by using agreed-upon action plans and timelines with
support teams
Serve as an escalation point for all technical issues regarding vulnerabilities
Support Cyber Security Operations Center on security incidents including contributing to mock security incident
exercises.
Industrial Control Systems (ICS) Cyber Security Analyst, Artech, LLC- Duke Energy Contractor (Remote)
Short-term Contract February 2021- July 2021
Support the Regulated & Renewable Energy (RRE) Cyber Security program infrastructure asset security to include but
not limited to maintaining firewalls, endpoint protection, distributed control systems (DCS), patching, antivirus
protections, account management, cyber asset inventory and security management baselines.
Provide direct service and support to all of RRE generating stations (6 states, 4 operating regions, 90+ generating
stations) to ensure compliance with the enterprise cyber security requirements, respond to cyber security threats
and events and management of the RRE cyber security program.
Perform day-to-day activities in support of cyber security program and policies. This may include maintenance
(patching/upgrade), support of new installations or upgrades, and other items as directed.
Assist in development and revision of the ongoing strategy of the RRE Cyber Security Program
Assess and respond to complex distributed control system (DCS) cyber security events and incidents
Assist in working closely with RRE NERC Compliance personnel to ensure NERC CIP regulatory compliance is
maintained.
Industrial Control Systems (ICS) Cyber Security Analyst, S&K Mission Support, LLC (Remote)
April 2020- December 2020
Provide ICS Cyber Security Oversight Support to the DOE Portsmouth/Paducah Project Office (PPPO) sites. Design,
implement, and manage the ICS cyber security assessment capability for the PPPO. Assess contractor and subcontractor
cyber security programs and government-owned/contractor-operated information systems (e.g., general support systems,
national security systems, industrial control systems, and major applications) across PPPO sites.
Cyber Risk Industrial Control Systems (ICS) Senior Specialist, Deloitte & Touche, LLP (Remote)
August 2018- December 2019
Act as an ICS Cyber Risk Advisor to help complex organizations more confidently pursue their growth, innovation and
performance agendas through proactive management of the associated cyber risks. Support and advise the clients to focus
on improving cyber risk detection and responding more rapidly and effectively to reduce the impact of cyber risks.
Identify and evaluate complex business and technology risks and remediation methods to mitigate risks
Demonstrate problem solving, critical thinking and logical structuring skills
Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
Actively participate in decision making with engagement management and seek to understand the broader impact of
current decisions
Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
Identify opportunities to improve engagement profitability and manage engagement economics
Demonstrate ability to identify and address client needs: building solid relationships with clients; developing an
awareness of firm services; communicating with the client in an organized and knowledgeable manner; delivering
clear requests for information; demonstrating flexibility in prioritizing and completing tasks; and communicating
potential conflicts to the manager
Demonstrate a general knowledge of market trends, competitor activities, Deloitte Advisory products and service lines
ICS Cybersecurity SME, TradeWind Services LLC, Piketon, OH (Portsmouth Gaseous Diffusion Plant)
Short-term Contract - May 2018- July 2018
Perform security analysis of the Portsmouth Gaseous Diffusion Plant Industrial Control System (ICS) operational and
development environments, threats, vulnerabilities and internal interfaces to define and assess compliance with accepted
government standards (NIST 800-53, 37, & 82 and NERC-CIP).
Contribute to the Risk Management Framework (RMF) for new and existing information systems, to include facilitating
Memorandums of Understanding (MOU), Interconnection Security Agreements (ISA), Risk Acceptance Letters
(RAL) and Continuous Monitoring (CONMON).
Conduct compliance review of operating systems (i.e., Windows, Linux) to governing requirements.
Assess test/analysis data to document state of compliance with security requirements.
Conduct risk assessments and investigations, execute appropriate risk mitigations, and incident response activities.
Interface with the appropriate customers, and company personnel to implement protective mechanisms and to ensure
understanding of and compliance with cybersecurity requirements.
Senior Nuclear ICS Information Security Analyst, Vitaver (Florida Power and Light), Jupiter, FL (Remote)
Short-term Contract - December 2017- March 2018
Providing ICS cyber security support for the Florida Power and Light (FPL) Nuclear Division
Understand the cyber security implications surrounding the overall architecture of plant networks, operating systems,
hardware platforms, plant-specific applications, and the services and protocols upon which those applications rely.
Develop / maintain Nuclear Division (ND) cyber security processes and procedures.
Participate in the development of cyber security solutions to meet corporate standard and/or NRC Cyber Security
Standard (Nuclear Energy Institute (NEI) 08-09 Cyber Security Plan for Nuclear Power Reactors and 10 CFR 73.54)
Troubleshoot ND cyber security issues.
Lead / support cyber security improvement and life cycle projects.
Prepare documentation in support of audits and maintaining compliance of ND Sites in the area of the Corporate
and/or NRC Cyber Regulations.
Oversee annual Cyber Vulnerability Assessment (CVA) activities.
Act as a liaison with Nuclear Oversight & Support (NOS) organization for audit related activities.
Information Security ICS SME, Loyal Source (Vencore), NASA Kennedy Space Center (KSC)
Short-term Contract- February 2017- November 2017
Providing cybersecurity (OPSEC, COMPUSEC, COMSEC & INFOSEC) engineering support for NASA Industrial
Control System (ICS) subsystems and Command, Control & Communication Networks enclaves of existing ground space
(GSE) systems & newly developed launch vehicle (SLS) ground support systems, towards achieving & maintaining
Authorization-to-Operate (ATO) via the implementation of security standards & guidelines in accordance with the
FISMA & RMF A&A processes, utilizing FIPS 199 and NIST (SP 800-37,-53/-82.r2) security controls for industrial &
non-industrial control devices that require ITSEC & DHS policy directives, compliance & pertinent NASA cybersecurity
instructions.
Evaluate ICS (PLCs/DCS/SCADA/PC104 Controllers with Modbus, Fieldbus, ControlNet, Ethernet/IP busses on
various “smart” end-items/assets (e.g. EN2FFR g/w & switches, servo valves, variable frequency drives, flowmeters,
etc.)) security throughout the Security Development Lifecycle (SDLC) of the NASA Ground Control Subsystem from
architecture design to procurement to installation to maintenance to decommissioning.
Create, review existing, and modify subsystem security policies, practices, processes, desktop instructions, concept of
operation (CONOPS), INFOSEC Block Diagram & Security Architecture Document (SAD), and collect artifacts and
evidence to complete construction of System Security Plans (SSPs) and Contingency Plans.
Complete tasks and activities for the Assessment and Authorization (A&A) Process to obtain ATO approval.
Perform security risk assessments, analysis, and periodic information system technical reviews to ensure FIPS 199
and NIST (SP 800-37,-53/-82.r2) security controls are categorized accurately and implemented utilizing defense-in-
depth strategies, continuously monitored, and remain compliant for each system.
Perform the design and execution of vulnerability assessments, security audits, review of logs and reports of all in-
place devices, whether they are under direct control (i.e., as a security tool console operator) or not (i.e., workstations,
servers, network devices).
Provide subsystem stakeholders with methods in developing and employ/enhance non-existent/IT Security gaps
within the sub-system (i.e. hardening) to include disabling unused ports and services on ICS devices after testing to
assure this will not impact ICS operation. Restricted physical access to the ICS network and devices via ICS user
privileges to only those that are required to perform each person’s job (i.e., established role-based access control and
configured each role based on the principle of least privilege).
Supported the INFOSEC Verification & Validation (V&V) compliance activities & actions regarding Plan of Action
& Milestones (POA&M), Risk Acceptance Letters, and Continuous Monitoring and significantly contributed as a
member of cross-functional and collaborative teams. Involved with the Security Assessment Review Team (SART)
and provided feedback to team regarding IT & ICS SAs, Peer Review of Design Packages, implementation
detail/evidence, and POA&M items. Reviewed all NASA Engineering (NE) organization’s system-related
information System Security Plans (SSPs) and acted as a liaison for coordinating the effort to consolidate plans.
Information Security System Manager (ISSM), HX5, Wright-Patterson Air Force Base (WPAFB), Dayton, OH
November 2016 – February 2017
Act as a technical advisor and maintain the overall security posture of the KC-10 Training Systems (TS), an ACAT III, in
Milestone (MS) C, in accordance with the DoD 8500.01: Cybersecurity and DOD 8510.01: Risk Management Framework
(RMF) for DoD IT, AFI 33-200, and Information Assurance (IA) Management.
Incorporate cybersecurity requirements into all KC-10 TS configuration items. Identify system vulnerabilities and
mitigations and/or risk reduction strategies for those vulnerabilities. Provide system artifacts to support certification
and accreditation of the system.
Develop, implement, and maintain the KC-10 Training System information security programs Security System
Policies (SSP), procedures, plans, and standards; and carry out security awareness and control campaigns.
Complete the KC-10 TS implementation of DOD 8510.01: RMF (formerly PIT) and DoD: 8500.01 Cybersecurity.
Review proposed new systems, networks, and software designs for potential security risks; recommend mitigation or
countermeasures, and resolve integration issues related to the implementation of new systems within the existing
infrastructure.
In charge of the continuous monitoring of systems within the purview to ensure compliance with Cybersecurity
policies and systems are securely configured in accordance with DOD: 8510.01 RMF and DoD: 8500.01
Cybersecurity.
Perform security risk analysis, preparation of action plan, security evaluation, and certify the validity of all
information security risk analysis.
PUBLICATIONS
Integrating Cyber and Physical Security into Bulk Power System Engineering Practices, IEEE & NERC, 2022