Jason Young

• Directed the integration of Information Security into GxP and 21 CFR Part 11 Compliance Validation Services for the company. • Served as Staff Information Security Engineer for all service offerings related to Cybersecurity and Quality Assurance Integration. • Drove all sales and attended conferences as the Infosec representative for the company.

Advised executives and engineers on corporate network infrastructure and data security design by implementing top level architectures, production network security controls, data segmentation, data privacy and data monitoring controls and processes. Provided risk management and auditing services to satisfy business and legal requirements financial, production, and personnel data protection. Performed vulnerability assessments and penetration tests providing recommendations to secure systems and processes.

Principally responsible for overseeing systems accreditation activities, developing information assurance and systems security policies. Interpreted patterns of system and process noncompliance to determine their impact on organizational security. Securely integrated organizational requirements into policies and procedures for the enterprise network. Ensured that protection and detection capabilities were acquired or developed using the secure methodologies consistent with policies for the organization.

Lead systems analyst and supervisor for 16 personnel that processed all systems validations, risk assessments and computer network defense efforts for the U.S. military in Europe. Primary interface between security requirements and command staff for decision making on risks posed to systems and process for approval or disapproval of operations. Main personal achievement was the first accreditation of the backbone infrastructure for the U.S. military in Europe.

Developed the information assurance and information security capabilities by establishing budget, management and sales processes for TCS. Assisted sales in acquiring external contracts and subject matter expert for all information assurance and information security concerns. Developed the company’s ISSLM (Information Systems Security Life-cycle Management) and the SDIM (Security Documentation, Implementation, and Maintenance) processes for validating systems and solutions provided by TCS to customers.

Advanced establishment of the information security business by creating budgetary requirements, marketing/sales collateral, equipment/software procurement, and writing successful proposals worth 3.2 million dollars. Provided technical inputs to solutions by analyzing/interpreting requirements for writing request for proposals, created basis of estimates and statements of work. Designed the security measures for satellite communications products that improved the security and operations of the systems.

Lead developer for the U.S. Army Europe's Information Assurance Computer Network Defense courses I and II. Developed and managed the CCV (Computer Compliance Verification) Station which conducted vulnerability assessments on deploying military units. Validated all information systems met U.S military security requirements and performed vulnerability assessments on network infrastructure. Developed the US Army Europe’s Mobile Training Team courseware from lessons learned in the CCV.

Network Manager for the Network Operations Security Center for the U.S. Army’s Balkans Region Network. Monitored network traffic for intrusions, errors, bandwidth, and node failures through the use of NetFlow, SolarWinds, and Spectrum. Created and maintained detailed diagrams of network and critical systems. Ensured routers and switches were upgraded with the latest IOS and configurations were compliant to security policies. Provided technical expertise to technicians at the Network Security Center.

Member of Vulnerability Assessment Team that assessed risk to military networks and information systems according to U.S. military policies and best business practices. Performed network security scans and created network diagrams. Surveyed users to analyze education levels, performed basic social engineering tests, and documented physical security for deficiencies. Assessed the operational impacts of security as it related to the operations, intelligence and information technology sections of battle staff.