Diverse pros do fine work in cybersecurity & intell
“Hard challenges make the job interesting! Every day is different and there’s always something new to learn.” – Susan Sherman, DLA lead incident handler
“Having a diverse workforce that looks like the nation we serve is a mission imperative.” – Donny Weber, NSA deputy chief of recruitment
By Laurel McKee Ranger
In today’s world the security of data and the networks on which it rides is critical to our government, our economy and even our way of life.
President Obama has called cybersecurity one of the most serious challenges faced by the nation. Shortly after he took office he ordered a review of federal efforts to defend the U.S. information and communications infrastructure, and the development of a comprehensive approach to securing our country’s digital backbone.
With ever-changing risks and threats to face, jobs in cybersecurity are both challenging and rewarding. Technical pros find opportunities in government organizations and with private companies that are increasingly aware of the need for secure and available networks.
Debora A. Plunkett is a director at the NSA
Debora A. Plunkett is director for the Information Assurance Directorate (IAD) at the National Security Agency (NSA, Washington, DC). The agency’s core missions involve protecting U.S. national security systems and collecting, processing and distributing intelligence information from foreign sources for intelligence, counterintelligence and support of military operations.
Plunkett grew up in Baltimore, MD and graduated from Towson University (Towson, MD) in 1981 with a BS in natural science. She went to work for the Baltimore city police department crime lab and had been there three years when she heard about opportunities at the NSA. She started with the NSA as a traffic analyst, studying foreign message traffic to determine communication patterns and gather intelligence. “Both jobs required the kind of analytic skills I had,” she says. In 1987 she was certified as a traffic analyst.
Plunkett has been on the intelligence side for much of her career at the NSA. In 1995 she was awarded an NSA graduate fellowship and used it to obtain a 1999 MBA at Johns Hopkins University (Baltimore, MD). In 2001 she completed NSA’s senior leadership development program and was given senior exec status.
From 2000 to 2001 she was a director on the National Security Council at the White House. She completed an MS in national security strategy from the National War College (Fort McNair, Washington, DC) in 2002.
In 2008 she was asked to come over to the information assurance side of the agency. “The missions are significantly different,” she says. “On this side we are much more open about our missions and a lot of what we do is public. But at the leadership level the challenges are very similar.”
The IAD, Plunkett’s side of the agency, is responsible for providing defense and security for
all U.S. national security systems. This includes cryptography plus telecom and information systems security. The directorate does vulnerability and threat analysis, develops and disseminates information, provides assurance guidance and develops IAD products and solutions.
Plunkett has ten direct reports. She begins her day about 7:00 AM and moves from meeting to meeting and from issue to issue.
When she first graduated from college she wanted work that would stretch her science skills, and she’s had it ever since. “I still find my job fascinating,” she says, “especially at this time with the technology growing and expanding.”
Her greatest current challenge is the complexity of information assurance requirements across the U.S. government. “It’s a juggling act,” she says, “but I enjoy seeing the difference we make and coming up with innovative solutions that help us stay ahead of problems.”
In 2007 the President of the United States conferred on her the rank of meritorious executive in the Senior Cryptologic Executive Service.
After hours Plunkett continues to use her detective skills in her hobby of genealogy. She’s used DNA analysis to trace her mother’s line back to what is now the Central African Republic of Cameroon.
Diversity and opportunity at the NSA
Donny Weber, deputy chief of recruiting, notes that “Having a diverse workforce that looks like the nation it serves is a mission imperative for the NSA.” The agency looks for backgrounds in CS, math, computer engineering, EE, languages, intelligence analysis and finance. Its recruiters attend diversity-oriented career fairs and work with HBCUs, Hispanic-serving schools and others with diverse populations.
The NSA offers training and education including courses through its National Cryptologic School. “We encourage professional development and ongoing education,” Weber notes.
The recession hasn’t affected the agency’s hiring. “We still hire about 1,300 people a year,” Weber says, “and we find the recession has made the government even more appealing to job applicants.”
Renee Stevens directs a lab for U.S. Customs and Border Protection
U.S. Customs and Border Protection (CBP, Washington, DC) has eight labs
and a teleforensics center. CBP is one of the largest and most complex components of the Department of Homeland Security, responsible for keeping terrorists and their weapons out of the U.S. It also secures and facilitates trade and travel and enforces hundreds of U.S. regulations, including immigration and drug laws.
Renee Stevens is director of a CBP lab in Springfield, VA. “I serve as a chemist as well as lab director,” she explains.
While the labs generally handle everything from trade and tariff protection to crime scene investigations and forensics, “My lab is responsible for methods validation for the other labs and for special projects and interagency working groups,” Stevens notes. The lab assesses screening tools and forensic equipment and looks at new testing methodologies and ways of enhancing current ones. It also has the unusual tasks of packaging drugs and developing scent profiles as training aids for CBP’s drug-sniffing dogs.
CBP needs to screen everything that comes across the border, from food and drugs to people. The lab is always looking for new ways to detect potential threats and determine the country of origin of various items.
Stevens grew up in Brooklyn, NY and earned a 1996 BS in premed at the City College of New York, part of CUNY. As part of a fellowship she received from the New York chapter of the National Coalition of Ten Black Women, Stevens was mentored by Muriel Petioni, MD, a trailblazer for African American women in medicine. The mentoring relationship led to an internship at CBP as a student trainee chemist and that changed her career choice.
So far at the agency, Stevens has worked as an analytic chemist, a chemist/science officer, first director of the teleforensics center and deputy assistant director of the domestic nuclear detection office. She has received awards from the CBP and the DHS.
While a student at CUNY, Stevens joined the National Organization of Black Chemists and Chemical Engineers (NOBCChE) and the American Chemical Society (ACS). She’s still very active with both, and is president of the DC metro chapter of NOBCChE.
Stevens likes being part of her agency’s mission. “We all sleep better at night because of the job our officers do on the front line,” she says.
CBP’s year of diversity
U.S. Customs and Border Protection has designated 2010 as a year of diversity and inclusion. The agency’s senior leadership has launched a diversity initiative to attract and retain underrepresented groups, explains Lorraine Phillips, exec director for HR ops programs and policy. “We have to reflect the nation we serve and to build on diversity, one of the essential strengths that makes our nation great,” she says.
Training is a priority throughout the agency. There’s a project management curriculum for IT pros that offers courses customized to reflect CBP’s IT needs and requirements. Successful completion of the program earns a masters certificate in project management from George Washington University (Washington, DC).
The agency attends diverse career fairs looking for backgrounds in engineering, chemistry, forensic science, IT, security and intell.
Anthony Brown: division manager at the Navy Cyber Defense Command
Anthony C. Brown manages a joint incident handling division assigned to the U.S. Navy’s Cyber Defense Operations Command (Virginia Beach, VA). It provides computer network defense for the Navy. Brown has been with the command since 2005 and is a member of the Government Forum of Incident Response and Security Teams.
“I’m responsible for incident handling at the Navy’s computer security response center,” he explains. “We work computer security issues from hacking to malicious software to unauthorized devices on the network.” He has about forty direct reports on three teams that provide coverage 24/7.
Sometimes team members have to go onsite to resolve serious incidents. “That can involve going just about anywhere. The Navy operates globally and we cover the Navy/Marine Corps intranet (NMCI), the world’s largest network. It’s huge!” Brown says.
Huge, indeed. The NMCI has some 350,000 users and 600,000 devices including servers, work stations, switches and routers. Brown’s team covers all these components. Local information assurance managers report to his team, and the team also detects problems on its own and reports them to the local groups. “At any given time there are hundreds of open incidents,” Brown explains. Each new virus can result in a huge surge of incidents, but the group develops mitigation plans to address the threats.
Brown has an AAS in computer and information science with a major in IT and networking, and a 2004 BS in IT from the University of Phoenix (Phoenix, AZ). He’s currently working on an MBA with a concentration in info security management through Saint Leo University (Saint Leo, FL). He’s also a certified information systems security professional (CISSP).
Following a six-year stint in the Navy as a hospital corpsman, Brown started a civilian career
in 2001, working for Canon IT Services as a product support rep. The next year he joined Computer Science Corp as a field engineer, and in 2004 moved to Lockheed Martin as a senior network assessment specialist.
“I started out in healthcare in the Navy,” he explains, “but ever since elementary school I’ve been into computers, and every place I went in the Navy I became the resident computer expert. It seems I was just wired that way.” He’s back with the Navy now, but as part of the civilian workforce.
The most rewarding part of Brown’s work today is when a major incident, like a virus outbreak on an operational system, causes a degree of chaos, but he and his group are able to handle the situation and help get the system back up and running. “You can really see the fruits of your labor then,” he says.
Diversity is a strategic imperative in the Navy
As Chief of Naval Operations Admiral Gary Roughead explains it, “Diversity has made our nation and Navy stronger. To derive the most from diversity, every individual, military or civilian, must be encouraged and enabled to reach his or her full potential. Those who are capable must be inspired and empowered to attain the most senior levels of leadership.”
Ebony Jarrett, an EEO officer for the Navy, agrees that “Diversity has a big role in the US Navy.” Some 43 percent of IT specialists in the Navy are diverse. “We participate in the Presidential Fellows Program and have internship and co-op programs for students, and we’re working to ensure that the U.S. Fleet Cyber Command has a special emphasis program manager for African Americans, women, Hispanics, Asian Pacific Islanders and people with disabilities. We’re now incorporating veterans into that as well,” she adds.
Lt Cmdr Mark Venzor, diversity officer for the Navy Cyber Forces, notes that a mentoring program for military and civilian personnel is under way. It includes an e-mentoring website
for the global workforce. “We also have very robust training programs,” he says.
Joseph Mathews: network security at the Naval Research Lab
“There’s no shortage of problems to be solved on the Internet,” says Joseph Mathews, a computer engineer doing network security
research for the Naval Research Lab (Washington, DC). “We do so much on line and there are so many ways to attack that. So we find ways to prevent attacks.”
The NRL conducts scientific research for the Navy, covering everything from biologics to cyber security. Mathews is a task and team lead and his work covers a number of different areas. The first involves visualizing the health and posture of U.S. Navy networks.
“How do you visualize the status and behavior of a million different computers? It’s not an easy problem to solve,” says Mathews.
His team also works directly with the warfighter community to create problem-solving tools. Since he joined the organization, both Mathews and his team have won awards for technical excellence.
Mathews grew up in Baltimore, the son of immigrants from southern India. He has a 2002 BS and a 2004 MS in computer engineering from George Washington University (Washington, DC). He worked on the MS while on an information assurance scholarship from the NSA, and began with his current team as part of the scholarship. He liked the NRL work so much that he was into it fulltime even while he was still in school.
“The work we do influences the strategic direction of information assurance policy across the entire DOD and even internationally,” he says.
“The technology landscape is so fast-changing. Ten years ago adversaries exploited network vulnerability. Five years ago the vulnerability was at the operating system level and today it’s at the application level. The landscape of threat changes constantly.”
Diversity keeps the NRL vital and cutting-edge
Lori Hill, Deputy EEO officer at the NRL, declares that “A diverse workforce is essential to our mission, and helps ensure that the lab is vital and cutting-edge.
The NRL offers long-term training at the Naval Post-Graduate School in Monterey, CA and other venues. There’s also a sabbatical program that lets senior researchers go to labs anywhere in the world to do their work.
Susan Sherman is lead incident handler at the DLA
The Defense Logistics Agency (DLA, Fort Belvoir, VA) provides a variety of logistics and technical acquisition services to the Army, Navy, Air Force, Marine Corps, other federal agencies and the joint and allied forces. It’s the largest logistics combat support agency for the Department of Defense.
The DLA’s computer systems around the world come under constant attack. Susan Sherman, lead incident handler, manages the investigation of all computer security incidents.
She started with the agency as part of an outstanding scholar program in 1987. She trained for six months as a programmer, then became a data admin, and moved into security in 2004.
Sherman has a 1982 BS in education and comprehensive communications from Kent State University (Kent, OH) and a 1994 law degree from Capital University (Columbus, OH). She completed that degree while working fulltime at the DLA. “It helps me with my investigations,” she explains.
After graduating from Kent State Sherman started in teaching. Then she moved to computers and on into computer security. “It seemed to be the wave of the future,” she says. She trained in security at the SANS Institute and through the DOD, and has both CISSP and CGIH certification.
Ever-changing attack vectors are the greatest challenge of the work. “As soon as one weak area is patched another is found. The attackers are hidden behind routers and bot-net computers. If a bot-herder has 100,000 computers, it’s hard to find them all,” she explains.
Hard challenges, but they make the job interesting. “I don’t do the same work any two days. Every day is different and there’s always something new to learn.”
Sherman, who grew up in Ashland, OH, is on the board of directors for the Westerville, OH Special Olympics and a member of the PTA at her daughters’ school.
Diversity gives the DLA unique perspectives
Liz Vigil, HR specialist at the DLA, says the agency “realizes that having a diverse workforce helps us accomplish our mission of helping the warfighter. Diverse workers bring unique qualities and perspectives.”
The DLA’s workforce equity initiative, begun last year, appoints likely people throughout the organization to help with workforce development, recruitment and retention. “We’re also looking at developing partnerships with affinity groups and organizations like Blacks in Government and Federally Employed Women,” Vigil says.
Some 37 percent of IT specialists at the DLA are female and 16 percent are African American. Hispanics make up 2.5 percent of IT specialists and Asians make up four percent. One out of three IT specialists in network ops and security is a woman, one in five an African American; 2.5 percent are Hispanic and one percent Asian.
Employment at the DLA remains steady. “The current recession is really encouraging employment with the federal government,” Vigil has noticed. The agency hires both IT specialists and engineers, and looks for security backgrounds with certifications in the area.
Rick Muse does IT research at Battelle
As a research scientist in IT and information research at Battelle (Columbus, OH), the independent R&D organization, Rick Muse maintains the security of several sensitive networks. He also provides day-to-day desktop support for more than a hundred computer systems.
He works in the national security global business, on a network segregated from the rest of Battelle’s systems so his group can do information research without risk of infecting the organization’s own files or its clients’ files.
“We specifically go to sites where we’ll pick up viruses in the course of our research,” Muse says. “Part of my job is remediating the viral damage. We back the system up regularly, and although we’ve had the system up and running for two years we haven’t taken a major hit yet.”
Muse earned a BS in IT from the University of Phoenix (Tucson, AZ) in 2001, while stationed in Arizona with the Air Force. He first joined the Air Force in 1981, starting in the medical field as a lab specialist, then moving into logistics and electronic intelligence.
“My first intelligence job was to keep the enemy from communicating,” he explains. “Then I
did deep-space surveillance for three years followed by low-altitude surveillance. Being in electronic warfare made me realize the importance of cybersecurity.”
After his career in the military, security seemed a natural fit. He worked for a government organization that updated security clearances, then moved on to Battelle.
Muse loves being at a cutting-edge company that’s into so many things. He’s pleased that he can keep sensitive networks secure so the researchers at Battelle can get their work done.
“I keep the threats on the outside,” he says with pride.
In his off hours he helps with local 4H groups near his hometown of Westerville, OH. He’s becoming an instructor in one of the clubs, and also volunteers in the town government.
Deborah Abercrombie faces down threats at GeoEye
“I’m in a new position for GeoEye,” says Deborah Abercrombie, an information systems security admin (ISSA). “I prepare the company for changing threats and vulnerabilities, and focus on secure handling of data and the fulfillment of government regulations and contracts.”
GeoEye is a provider of satellite and aerial imagery found on Google maps
and in video games, and also used by people working in aviation and marine mapping, oil and gas planning, environmental monitoring, local, state and federal agencies,
and in national security and intelligence apps.
Abercrombie’s primary responsibility is making sure the security policies and procedures and daily information assurance practices used at GeoEye adequately protect the company’s data, networks and infrastructure, and its customers’ information.
She also coordinates site personnel who provide IT and physical security at company facilities. “I coordinate meetings at all sites, and the team develops standards, processes, procedures and training. It’s a collaborative effort,” she notes.
Abercrombie acquired her skills through courses at Learning Tree, Global Knowledge, Defense Security Services Academy, National Security Training Institute and others. She picked up software skills on the job, and began her career and in-depth IT training at the McLean, VA location of Northrop Grumman (Los Angeles, CA). She worked as a Unix systems admin until 2005 when she joined GeoEye, first as a systems admin, then as the ISSA.
GeoEye continues to provide her with training, and she’s currently working for her certified information systems security professional designation.
Abercrombie’s father was an MP and detective. Once she got into IT, security seemed a natural step, and she loves the challenge of sharpening security awareness at GeoEye.
“Our workforce must be highly educated and alert to protect our data. Integrating security into everything we do is the big challenge,” Abercrombie concludes.
DIVERSITY-MINDED AGENCIES & COMPANIES WORKING IN SECURITY AND INTELL
See websites for current openings
|Agency/company and location
|Battelle (Columbus, OH)
|R&D in lab management, national security,
energy tech, health and more
|Booz Allen (McLean, VA)
|Strategy and technology consulting
|Defense Logistics Agency
(Fort Belvoir, VA) www.dla.mil
|Logistics combat support
|Department of State (Washington, DC)
|Conducts U.S. foreign policy
GeoEye (Dulles, VA)
|Satellite and aerial imagery, location info
products and image processing
|IGT (Reno, NV)
|Network systems products and computerized gaming machines
|National Security Agency
(Washington, DC) www.nsa.gov
|Intelligence and information for U.S.
decision-makers and military leaders
|Navy Research Laboratory
(Washington, DC) www.nrl.navy.mil
|Research lab for Navy and Marine Corps
|U.S. Customs and Border Protection
(Washington, DC) www.cbp.gov
|Secures U.S. borders and ports of entry;
enforces immigration and trade regs
|U.S. Navy (Washington, DC)
|Maintains, trains and equips combat-ready
Back to Top