Derek A. Smith, CISSP
Dsmith8952@aol.com
www.Derekallsmith.net
(301)744-7355
A S E N I O R L E V E L C Y B E R S E C U R I T Y E XE C U T I V E W I T H P R O V E N A B I L I T Y T O C O M B I N E B R O A D B A S E D T E C H N O L O G Y , S E C U R I T Y A N D B U S I N E S S E X P E R T I S E . G O T O C Y B E R E XP E R T F O R
INTERNATIONAL AND LOCAL NE WS SHOWS
P ROFESSIONAL E XPERIENCE
Director of Cybersecurity Initiatives
National Cybersecurity Institute at Excelsior College
September 2014 - Present
Perform complex duties relating to the development and coordination of cyber security initiatives at the National
Cybersecurity Institute. Develop strategies to promote the NCI as an academic and research center dedicated to
increasing knowledge in the cyber security discipline and to assist the government, military, and industry sectors
meet the challenges in cyber security policy, technology and education. Promote Excelsior College and NCI as a
leader in the cyber security discipline and enhance the visibility of Excelsior College’s cyber security programs.
Lead a team; meet budget requirements and deadlines, marketing, social media, and computer applications, as well
as problem solving and decision making.
•
•
•
•
•
•
•
•
•
•
Established and manages a “for profit” business within NCI to perform cybersecurity assessments and
training.
Proactively promote and position NCI and Excelsior College as a thought leader in the cyber security
discipline.
Proactively cultivate and foster relationships with government agencies and industry to promote Excelsior
College and NCI as a leader in cyber security.
Design and implement academic and research initiatives to increase knowledge in the cyber security
discipline.
Travel as needed to promote the cyber security programs.
Establish effective works plans to accomplish goals and manage workflow efficiently.
Solicit/obtain grant funding for individual or collaborative cyber security research/ projects.
Collaborate to develop webinars, podcasts and other media.
Collaborate to develop white papers and other publications and professional research.
Proactively promote and market NCI and Excelsior College to enhance the visibility of Excelsior’s cyber
security programs
Director of Cyber Initiatives/Program Manager
Enlightened, Inc.
September 2013 – September 2014
Director of Cyber Initiatives at Enlightened, Inc. an award-winning, HUBZone certified, Information
Technology (IT) and Management Consulting firm.
•
•
Responsible for strategic and operational leadership that established, supported and continuously improved
cyber information strategies. Led the development and operations of Enlightened's Cyber Security division.
Project Manager for multimillion dollar cybersecurity contract with the U.S. Department of Health and
Human Services, Centers for Medicare & Medicaid Services.
Global Manager, Cybersecurity Education, Training and Awareness
Computer Sciences Corporation
Cybersecurity Architect/Project Manager
June 2012 – September 2013
• Developed and managed the Cybersecurity Education, Training and Awareness practice.
• Collaborated with clients to develop and refine information security strategies, roadmaps, and change
agendas that reflect information security “best practices.”
• Provided technical oversight for specified projects, and across multiple projects, to ensure that technologies
within the information security capability are properly leveraged.
1
Cyber Security Project Manager
•
•
•
Booz Allen Hamilton
July 2010 – June 2012
Senior Project Manager for eight information security projects and programs totaling $18 million for the
Enterprise Information Security (EIS) team, which secures the Booz Allen Infrastructure.
Coordinated multiple related projects directed toward IT security initiatives.
Led several small teams as a Career Manager include a Security Awareness Team, responsible for security
and awareness training and communications for the firm, Strategy and Metrics Team, responsible for
developing, and reporting performance metrics for the 15 EIS teams, and Personnel for EIS, responsible for
managing 60 rotational personnel for the 15 teams within EIS.
Information Assurance Team Manager
•
•
•
•
•
•
Government lead for two separate Computer Network Defense Service Provider (CNDSP) Protect Teams.
Directed eight contractor personnel in support of, as well as coordination amongst, the various CNDSP
elements for Protect Services.
Managed various projects relating to computer network defense.
Managed a team of security analysts who did analysis and management of incident response data from a
variety of sources. Determined work requirements, priorities, and maximized the effectiveness of analysts
through efficient scheduling and effective deployment of technology.
Directed, guided, and oversaw the activities of the CSIRT analysts. Assured a high quality of work
products, client communication, and incident response reporting.
Created and monitored team member performance goals, training plans, and organizational metrics.
Provided oversight to incident response activities (triage, root cause analysis, escalations, notifications,
communication, etc.). Determined the severity level of incidents, acted as a conduit for escalation to the
Senior Executive Team, and assured accordance with regulatory requirements.
Sr. Security Engineer/Information Security Manager
•
•
•
•
•
•
•
•
•
Army Research Laboratory
April 2009 – June 2010
InFozen
February 2008 – April 2009
Information Security Engineer for the Transportation Security Administration’s (TSAO), Transportation
Threat Assessment and Credentialing (TTAC) Secure Flight program. Information Security Officer for
TSA’s TTAC Secure Flight Program.
Monitored, tracked, and managed FISMA compliance for the Secure Flight Program.
Performed all actions associated with proper Information Assurance and security Certification and
Accreditation of information technologies for TSA’s Secure Flight program.
Conducted C&A-related enterprise network vulnerability scans using mandated tools (Nessus)
Provided 24 X 7 Internet Security Surveillance as the SOC manager.
Planned and prepared detail practices and procedures on various technical security processes.
Designed and configured network security and enterprise network monitoring.
Identified and tested vulnerabilities as well as conducted research in areas of information system and
network security.
Analyzed security incidents.
Federal Government:
April 1997 – February 2008
GS14 Criminal investigator/Program Manager
Department of Education Office of the Inspector General
United States Postal Service Office of Inspector General
Department of the Treasury, Office of the Inspector General
• Devised and executed strategies and managed programs, projects, budgets, and teams for assigned criminal
investigative regions and Investigative Services Headquarters.
2
•
•
•
Oversaw the planning and operation of field investigations activities across 5 regions
Provided technical direction/managerial leadership to 100+ employees.
Performed a variety of criminal investigative and analytical assignments to include: Analyzed initial
allegations and recommended the extent of required investigative resources and the necessity for collateral
support; planned, organized and conducted investigations with regard to a wide variety of allegations;
planned and conducted surveillance and undercover work.
National Training Director for Protective Services
•
•
•
•
As the first DIA National Training Director built and deployed certification program and validation
protocol for Protective Services officers in order to ensure team members received and maintained
adequate training to perform their duties.
Directed all activities related to national training and certification program for the Protective Services
Branch.
Acting Deputy Chief for the Protective Services Branch.
Supervised 57 Protective Services officers
USAF/Air Force Office of Special Investigations
July 1983 – April 1997
•
•
Defense Intelligence Agency
Criminal Investigator/Academy Instructor
As a Criminal Investigator, investigated felony crimes including murder, robbery, rape, assault, major
burglaries, drug use and trafficking, sex offenses, arson, black market activities, and other criminal
activities. Violations of the public trust, appropriated and non-appropriated funds activities, computer
systems, pay and allowance matters, environmental matters, acquiring and disposing of government
property, employee misconduct, and other major administrative irregularities.
Instructor at the Air Force Office of Special Investigations Special Investigations academy
T RAINING E XPERIENCE
TRAINING EXPERIENCE







Excelsior College, Adjunct Professor, 2014- Present)
Certified ISC(2) Instructor – 2014-Present)
ASM Educational Center, Inc., Technical Instructor (2011-Present)
Nyack College, Adjunct Instructor (2005-2009)
Strayer University, Adjunct Instructor (2000-2011)
Southern New Hampshire University, Adjunct Instructor (2001-2008)
USDA Graduate School, Adjunct Instructor (1997-2005)
E DUCATION AND P UBLICATIONS
Doctor of Business Administration in Leadership– Doctoral Candidate
Walden University – Baltimore, MD
Doctor of Education in Organizational Leadership – (ABD)
Nova Southeastern University - Fort Lauderdale, FL
Master of Business Administration
University of Phoenix - Las Vegas, NV
Master of Information Technology in Information Assurance
University of Maryland, University College - College Park, MD
3
Master of Science in IT Project Management
American InterContinental University - Schaumburg, IL
Bachelor of Science in Education
University of Nevada - Las Vegas, NV
Associate of Science in Criminal Justice
Community College of the Air Force - Maxwell AFB, AL
Associate of Science in Information Systems
Community College of the Air Force - Maxwell AFB, AL
Associate of Science in Computing & Information Technology
Clark County Community College - Las Vegas, NV
Certificate in Information Security Specialist Certification Program
USDA Graduate School - Washington, DC
PUBLICATIONS


Book: Cybersense: The Leaders Guide to Protecting Critical Information
Book Chapter: Cyber Security in our Digital Lives “Cybersecurity and Insider Threat”
BOARDS

Board member on the Prince George’s Community College Computing and Information Technology
Institute (CITI) – Chairman of the Cyber Committee
C ERTIFICATIONS & M ILITARY
CERTIFICATIONS










Certified Chief Information Security Officer (C/CISO)
Certified Information System Security Professional (CISSP)
Certified EC-Council Instructor (CEI)
Certified Ethical Hacker (CEH)
Certified Hacking Forensic Investigator (CHFI)
Certified Authorization Professional (CAP)
Certified Computer Network Defense Architect (CNDA)
Certified SCADA Security Architect (CSSA)
Security +
IT Project+
MILITARY



Army National Guard, Military Intelligence and Criminal Investigations Command Criminal Investigator
(1998-2003)
U.S. Air Force – Flight Operations Specialist & Air Force Office of Special Investigations Criminal
Investigator (1983-1997);
US Naval Reserve, Heavy Equipment Mechanic, Seabees (1981-1983)
Experience key words: Cyber Security, Healthcare Cybersecurity, Cyber Forensics, Penetration Testing, Program
and Project Management, SCRUM, Lean Six Sigma, Leadership, Education and Training, Industrial Control System
Security, Business Analysis, LINUX, UNIX, ITIL, MS SQL Server 2014, MySQL, CISCO, VMWARE, Cloud
Computing and Security, Mobile Device Security, CISO
4