Lance Noel, CISSP-ISSEP, CISM, CCSP
Education:
Masters in Engineering in Cybersecurity Policy
Cybersecurity
The George Washington University - School of Engineering & Applied Science
2020 : 2023
Bachelor of General Studies
Louisiana State University
Experience:
2020 : Present
Northrop Grumman
Sr Staff SSE/Cybersecurity Technical Lead
Manage the Tech Refresh effort which is primarily a hardware modernization effort for the platform’s cabin equipment and its supporting ground stations.
Cyber Security architecture, requirements, design and implementation, as well as Cyber resiliency, threat awareness, and integration of Enterprise Cyber capabilities.
Anti-Tamper technologies, methodologies, and policies.
Interface with the program office twice a week using Video Teleconferencing (VTCs) to manage progress and resolve issues.
Lead Technical Interchange Meeting (TIMs) at the customer’s site with subject matter experts, stakeholders, and the program office to share information about the problems and technology space, which allowed us to move in the correct direction.
Lead Tech Refresh’s ECPs covering both Information Assurance and System Integrity Protection; responsible for successful completion.
Support Cross Domain Solutions (CDS) development for a Multilevel Security (MLS) environment.
Supported Government penetration testing on white and black boxes.
Supported Type 1 encryptors selections and developed CONOPS for use in our environment.
Facilitate Public Key Infrastructure (PKI) to the secure transfer of information for our network activities.
Support the network team’s host based firewall reviews and the data flows between servers.
Responsible for the initial Risk Management Framework (RMF) security authorization package, and assuring that we will be able to get an Authorization to Operate (ATO) from the Designated Authorizing Official (DAO).
2007 : 2020
Raytheon
Multi-Disciplined System Security Engineering - Information Assurance & Anti-Tamper
Managed two Cyber Security teams to provide the program with a holistic form of security, which operates on multiple, fully integrated levels. One team consisted of System Integrity Protection SMEs and the other was Information Assurance SMEs.
Cyber Security architecture, requirements, design and implementation, as well as Cyber resiliency, threat awareness, and integration of Enterprise Cyber capabilities.
Experience with Anti-Tamper (AT), Secure Processing; Techniques, Implementations, and US Government System Security guidelines and provisions.
Supported RMF requirements using the NIST Cyber Security Framework to provide a policy framework of computer security guidance. NIST Special Publication 800-53 Revision 4 to provided security control selection guidance for the Information Systems and the CNSS Instruction 1253 provided additional guidance for the security systems.
The NIST Special Publication 800-53 provided us the security control assessment procedures for the program.
The security-focused rules are from an amalgamation of CWE, CAPEC, NIST, and others. Security incorporates polices which are based on MITRE/CWE-CAPEC and CERT Secure Coding Standards.
Led teams using Defense Information Systems Agency (DISA) tools such as, Assured Compliance Assessment Solution (ACAS) and Endpoint Security Solutions (ESS) which now covers HBSS.
Led penetration testing using tools like Nmap, and vulnerability assessments with Nessus.
Identity and Access Management (IdAM) used a combination of technical systems, policies and processes that create, define, and govern the utilization and safeguarding of identity information, as well as managing the relationship between an entity and the resources to which given access to person and non-person entities that can securely access all authorized DoD resources, anywhere, at any time.
Led reviews of Single Sign-On (SSO) implementation for our environment Linux and Windows workstations and virtual servers.
2007 : 2020
Raytheon, Space and Airborne Systems (SAS)
Cyber Security Manager and Technical Lead for Information Assurance and System Integrity
Company: Northrop Grumman
Years of Experience: 16
DoDI 8570.01-M IAT Level-III Compliant Certification
DoDI 8570.01-M IAM Level-III Compliant Certification
DoDI 8570.01-M IASAE Level-II Compliant Certification