Dr Alan Sadeghi Professional Profile

Dr. Alan M. Sadeghi, Ph.D. Information Security
Address: 1425 K Street NW Suite 350, Washington, DC 20005
Primary Phone: 423-677-7113 Work Number: 202-587-2750 E-mail: alan@etechsecurity.com
CYBERSECURITY DIRECTOR & SENIOR ADVISOR
A senior cybersecurity advisor with 15+ years of in-depth experience in 5 key ingredients: Security Business
Management, Security Development, Systems Security, Security Compliance, as well as IT Security
Architecture & Infrastructure, focusing on Cybersecurity Management for National and International
Operations within the Financial, Health, Educational, Governmental, Manufacturing, and Energy
Industries, with significant experience in proposing, architecting, and selling security consulting &
solutions to Executive Management of Multibillion Dollar Industries. Adept at cultivating partnerships
and building lasting relationships across all business sectors with progressive experience in security
services and directing complex projects with great strategy, leadership, and cultural awareness.
CORE COMPETENCIES
17 years of providing security business development, advisory, consulting,
solutions, management and services at the senior level in the following security arenas:

Cybersecurity Business Development & Sales of Security Consulting, Solutions, and Services
Cybersecurity & Intelligence
Risk Assessment & Risk Management
Information Assurance & Analyst
Cyber Crime Law & Investigation
Security Project Management
Risk Analysis & Incident Response
Access Control Systems
Network & Telecommunications Security
Security Standard & Best Practices
Business Continuity & Disaster Recovery
Security Architecture & System Model
Social Engineering
Encryption & Cryptography, AKT, RSA Token, VeriSign PKI
Computer Forensic & eDiscovery
Cloud Security Audit
SmartGrid Security
Security Policies & Methodology
Vulnerability Assessment & Penetration Testing
Application Security
Wireless, Mobile & Voice IP
Security Supervision of IDM, SIEM, and SSO Implementations
Operation & Physical Security
Regulatory Compliance Security Audit
Security Training & Awareness
Award Winning Customized Reports
Security Quality Assurance
PROFESSIONAL EXPERIENCE AT ETECHSECURITY
ETechSecurityPro, LLC, TN, VA, and Washington, DC; 2002 – Present (10+ years)
CIO/CTO/CISO, Senior Security Advisor, and Information Security Project Manager
Acted as a security services and solutions manager and senior cybersecurity advisor for over 10 years for
multimillion dollar sales per year and performed all related BD projects such as: Cybersecurity Business
Development, writing NDAs/SLAs/SOWs/Customer Value Propositions, Staffing/Training, and QC.
Managed numerous large sales and implementations of IT security consulting and solutions services
projects for clients such as DOD, DHS, VA Hospitals, and Financial Industries as a sub-contractor to
Northrop Grumman, Accenture, etc., and have been the main point of contact to CEOs, CFOs, and CIOs
of Multibillion Dollar Industries.
Architected and sold IT related security consulting, solutions/services, and enterprise security auditing with
significant expertise in regulatory compliance in Financial, Healthcare, Educational, Manufacturing, Energy,
and Retail Industries as well as Government Agencies.
Manage and supervise regulatory compliance with the latest industry standards and information security
systems best practices for key clients, including: Banks, Credit Unions, Government Agencies, Healthcare
Systems and Nuclear Systems among others.
Effectively reduced security exposures and strengthened overall organizational effectiveness by strategically
designing secure networks and managing implementation of numerous security programs.
Adeptly perform ISO 17799 audit and ISO27001/27002 framework, including: policy, access controls,
network security, platform security, app security, compliance and incident response.
Concisely write thousands of information security scopes of work (SOW) for clients and government
RFPs. Consistently provide coordination support for investigations and extensive training in DIACAP and
Information Assurance for DOD clients.
Organized mini white-board sessions with clients’ teams with the objective of an interactive discussion of
the client’s environment as it related to their current or future security initiatives, with the value of providing
relevant feedback and beginning to establish a level of trust and business relationships. Demonstrated
strategies and established credibility that helped clients to understand how they can have secure,
compliant data, get their IT personnel highly trained, and save time & money.
SELECTED RELATED ACHIEVEMENTS AT ETECHSECURITY

Managed 160+ information technology security engagements in 17 States and 14 Countries,
including numerous large client IT security projects with 100’s of IT Staff and 1000’s of Users
Analyzed security market needs such as: near term market drivers; long term market drivers;
complexity and cost, market segments; marketing strategy; sales strategy; direct sales, alliance
partners sales, competitive analysis, market analysis, competitive landscape, and competitive
differentiators. Created operations plan such as; calculating financial projections, P&L, income
and expenses, forecasting, planning, cash flow, and balance sheet projection.
Designed a secure network with full security life cycle project for State of Virginia, managed and
trained a team of 471 cybersecurity IT staff/consultants; Managed incident response and
computer forensic services. Developed a new log and monitoring technology saving the Virginia
Information Technology Agencies millions of dollars per year in 24/7 monitoring of 82+ State and
Federal Agencies such as DOD, DHS, and VA as a sub-contractor to Northrop Grumman for 5 years.
Wrote the entire Operation Security Policies, Procedures, and Handbooks for Bank of Tennessee
(14 billion dollar banking) as well as Eastman Credit Union (an 8 billion dollar credit union).
Created an effective automated Business Continuity and Disaster Recovery plan for Bank of
Tennessee, a 14 billion dollar banking industry, saving them 1.5 million dollars annually.
Recommended and managed implementations of HP IDM/SIEM project for 2 Healthcare and 2
Financial Establishments.
Performed Risk Analysis/Risk Assessment/Risk Management for 25 billion dollar Eastman/Kodak.
Redesigned and architected network infrastructure for Eastman Credit Union when this 8 billion
dollar credit union separated from Eastman Kodak and became independent. The entire
infrastructure moved to a new secure data center with 0 second time downside, also governed
the entire vendor management processes for selection of all security hardware & software.
Governed the entire vendor management processes for all security hardware & software for
Citizens Bank a 2 billion dollar banking industry and invented an auditing & vulnerability testing
methodology that was recognized by FDIC as one of the best “IT Security Audit Customized
Reports” for financial systems. Re-designed a secure network for Citizens Bank and initiated
compliance with PCI DSS which saved them hundreds of thousands of dollars as Project Manager.
Devised and governed Information Technology Operation Policies & Methodologies for
Mountain States Health Alliances a 12 billion dollar healthcare that won Tech Award for best
“Security Methodology”; also conducted PCI DSS compliance.
Managed and designed business continuity and disaster recovery plan for CareSpark a major 16
billion dollar Healthcare industry in TN/VA/NC/KY that saved the client millions of dollars.
Managed FISMA compliance for “National Health Information Network” for VA hospital in
prototype phase as a sub-contractor to Accenture and designed a secure patient access control
with 258 bit encryption with FIPS 140-2 certification.
Trained hundreds of clients’ IT staff in information security and awareness, designed and
wrote IT security operations handbooks for leading financial and Healthcare clients.
Created a Risk Management & Analysis Plan for a Nuclear Fuel Energy Company and saved the
client millions by helping them to comply with NCR and get their license back by Government.
Completed 1,500+ security audits and assessments as well as PCI/FISMA/DIACAP/HIPAA/SOX
compliance; also performed over 10000+ vulnerability assessments and penetration tests in
financial, health, and governmental industries.
PROFESSIONAL EXPERIENCE AT EDS
EDS (US, Europe, Middle East and Asia), 1985 – 2002 (17+ years)
Senior Consultant & Project Manager
Managed numerous large client IT security projects with 100’s of IT Staff and 1000’s of Users such as;
Cisco, HP, IBM, Northrop Grumman (NG), and Accenture. Directed organizational infrastructure and daily
IT security operations in coordination with client staff that included: information technology control
objectives, FISMA and ISO 17799 compliance, policy and procedure templates, and risk: assessment
reports, delivery, management program, profile/vulnerability testing, final delivery of assessment report
and final management policy and procedures. Tasked with managing the implementation of client HP
OpenView for leading shipping company enabling HP to receive extensive bonus for smooth product
delivery, on-time and within scope. Drove management of enrollment and implementation of AS/400
systems for IBM in France to successfully complete project ahead of time saving millions of dollars in
estimated project budget.
SELECTED RELATED ACHIEVEMENTS AT EDS

Managed and implemented Cisco Routers, Firewalls, and IDS/IPS for Eastman, and was
awarded other contracts with the same client.
Managed implementation of HP OpenView project on schedule for a large Middle East shipping
company and saved client millions.
Managed, enrolled, and implemented IBM AS/400 systems in Europe for financial industries.
Managed large scale implementation of Cisco Routers and Firewalls for Financial Industry in EU.
Managed Implementation and configuration of IBM Tivoli for a large Hospital in EU.
Managed Implementation of CA UniCenter for a Financial Company in Middle East.
Managed Implementation and Configuration of IBM Mainframe in Asia.
EDUCATION

Ph.D. in Information Security from Sorbonne University

CERTIFICATIONS

CISSP, CISA, CISM, DIACAP, CCIE, PMP, GIAC, CNSP, SANS GSLC, SCHSS HIPAA, HP
OVO & IDM, IBM Tivoli, CCSE, Sun Java, Linux, Certified Forensic Investigator

TECHNICAL AREAS OF EXPERTISE

Security Framework & Methodologies:
Security Audits: GLBA, HIPAA, HITECH, SOX, FISMA, DIACAP, FERPA, NRC, PCI DSS
Compliance, SAS 70/94, ISO 17799, 27001, 27002, FIPS 200, 201, 202, 203, 204, 205, COBIT,
NSA IAM, FDIC, FFIEC, IT Guidelines, NIST 800-53 with FIPS 200 and 201, DOD 8500-2, OMB
A-130, NSA INFOSEC IAM, OBIT, The Privacy Act of 1974, Computer Security and Privacy
Act of 1987, National Plan for Information Systems Protection of 2000, The USA Patriot Act of
2002, Homeland Security Presidential Directive-3 (PDD3), 2002.

Tools & Networking:
Qualys, ISS, eEye Iris & Retina, Tenable Nessus, Checkpoint, Cisco, Snort, AAA,
HyTrust, IDS/IPS, OpenView, Tivoli, SSO, WSDL, VPN, SSH, SSL, PGP, AKT, PKI, RSA,
VeriSign, SOA, SDLC, UDDI, SOAP, SAML, SIM, SIEM, SME, CA SiteMinder, WebSphere,
ArcSight, OWASP, IBM, HP, and Oracle Identity Management, Access Management, Content
and Consent Management, HL7, RSA Token and eGRCE, and VeriSign PKI, EnCase and FTK.

Computer Languages:
Have familiarity with Java, C++, HTML, Visual Basic, Perl, XML, SQL, ASP.NET, and PHP.

Platforms:
Windows, Linux, UNIX, Mac OS X, and AS/400, Mainframe, and VAX.
AWARDS, PROPRIETARY, AND INTELLECTUALS

Was recognized for creating “IT Security Audit Best Customized Reports” in Financial Industries.
Won Tech-Award for “Security Best Methodology” in Healthcare Systems.
Designed Consumer Secure Access Control Technology, 258 bit Encryption with FIPS 140-2.
Invented Security Hexagon Methodology by giving the same amount of importance to
Confidentiality, Integrity, Availability, Accountability, Interoperability, and Reliability.
Founded local ISACA/ISSA (Information Systems Security Association); The Tri-Cities Chapter.
Praised by local community for voluntary time as a senior cybersecurity advisor to local FBI to
stop crimes against children abuse and elderly identity theft.
PUBLICATIONS
Published 3 Books:

Establish Preparedness in Government IT: By Dr. Alain Sadeghi
Information Security Operation in Health IT: By Dr. Alain Sadeghi
Protecting Security of PII: By Dr. Alain Sadeghi
CITIZENSHIP

US Citizen
SECURITY CLEARANCE


Active Secret Clearance from Department of Defense and Department of Homeland Security
Bonded by FBI and Eligible for Top Secret Clearance
TRAVELING & RELOCATION

Can travel up to 75% of the time and willing to relocate anywhere within US and internationally for
the right opportunity
AVAILABILITY

Can be available based on 1 to 2 weeks’ notice

SOCIAL MEDIA PROFILE

LinkedIn: http://www.linkedin.com/in/etechsecurity

FOREIGN LANGUAGES

French, Italian, Spanish, Farsi, and German
Hold a European Union Passport as well

REASON FOR EXPLORING OTHER OPPORTUNITIES


Sold share at eTechSecurityPro and now exploring a great opportunity with the right company.
I spent most of my 27 years working in the Information Technology with 17 years in the
Information Security field positioned in Silicon Valley and over-seas. My life long career in the IT
Industry continues to be a fulfilling part of my life. I derive a great deal of satisfaction and
enjoyment from my work, as I do from other parts of my life. 10 years ago I single-handedly
created a $2 Million per year Information Security Service Company in a small blue collar town
located in Northeast Tennessee, with nothing but determination. After careful consideration, I
decided to seek outside employment for the long-term stability while advancing as a professional
in the industry I’m so enthusiastic about.


TYPE OF OPPORTUNITIES INTERESTED

Short Term: Looking for Senior Cybersecurity Contract Opportunities.
Long Term: Looking for full time Cybersecurity Management Opportunities with a good
company that would make me more effective and keep me more interested in this field over the
long haul, thriving in its environment/culture for ideal long-term career goals. Based on my
background and strengths, the factors that would most account for my career success would
be exploiting my most outstanding qualities in all areas of information security work in which I
excel, and this would motivate me to contribute the most to the success of the company as well.
EXPECTED COMPENSATIONS

It is negotiable and it should be based on experience, expertise, qualification, education, and
certifications.
REFERENCES

Work and Clients references available only, when there is a real interest by your firm and I have
been selected for specific position.

SPECIAL REQUEST

Please read my resume thoroughly before contacting or interviewing me to make sure that I’m the
right candidate for you or for your client.