1. 306 E Hickory Grove RD Timothy D. Lewis Mobile: 719-244-6462
Hartford City IN, 47348 Home: 765-347-8388
www.linkedin.com/in/timlewis2/ Email: brolou63@yahoo.com
Summary of Qualifications
More than 24 years successfully leading and mentoring military professionals in Communications Security,
Information Assurance,and military emergency management exercises. Network +, Security +, and ITIL V3 2011
certified. Top Secret security clearance since December 1986. Versatility includes military experience, Alaska
Labor Union Grants Administration, Senior Test Engineer, and Information Assurance Security Analyst for existing
computer projects and new hardware and software platforms designed specifically to meet the National Security
Agency’s national defense agenda. Projects include extensive support to customers of the US Air Force and US
Army for over 30 years.
Summary of Accomplishments
Gained valuable experience as an IA Analyst using the Assured Compliance Assessment Solution (ACAS).
Performed weekly scans,filtered vulnerability data, and collaborated with teams to mitigate vulnerabilities.
Maintained solution to track and report high risk Information Assurance Vulnerability Alerts (IAVA). Authored
the weekly report to military leadership regarding current status ofeach high risk IAVA. Provided summary
status and barriers to mitigation with planned mitigation dates.
Developed test strategies for three Department of Defense projects involving spiral development, adhering to
process and procedures throughout the scope ofeach project.
Managed five grants for the AK laborers union training schoolwith grant moneys totaling in excess of $5M.
Conducted Information Assurance (IA) risk and vulnerability assessments
Processed Certification & Accreditation packages before new systems were added to the domain.
Established an F-22 platform specific EKMS COMSEC account for the Air Force. Enabled the deployment of
advanced fighter aircraft to the Pacific Rim.
Air Force TEMPEST/EMSEC manager for three bases spanning more than 10 years’ experience.
Education
BSM - University of Phoenix Mar 2015
AA in Information Technology - Community College of the Air Force Nov 2004
Professional Accomplishments
Information Assurance Security Analyst – (STG Inc.) Jun 2014 – Nov 2015
Security Auditing, Certification and Accreditation
Evaluated Information Systems for compliance in accordance with DoD 8500.2 Controls and Special Directives.
Prepared artifacts associated with the audit to ensure a repository for all systemDIACAP and Certification &
Accreditation (C&A) documentation was kept current.
Used automated security scanning tools (ACAS) to identify potential vulnerabilities. Analyzed and reported
findings to technical teams and leadership for appropriate tracking and mitigation.
Assisted in the identification, tracking and remediation of security risks discovered on information systems.
Prepared and delivered detailed written reports and oral presentations to the Security Manger, Information
Assurance Managerand other senior leaders within the 2RCC-WH.
Coordinated with both internal and external entities to improve established processes and procedures; ensured
efficient execution of all analysis, tracking, and mitigation and reporting requirements.
Created, edited, and reviewed organization and team level documentation for clarity and accuracy. Assisted with
development of security related TTPs, SOPs, processes,plans,and diagrams.
Senior Test Engineer – (Ultra Electronics, Prologic, Inc.) Sept 2011 – Feb 2013
Key team member on the design, configuration management and strategic future implementation of an entirely
new hardware/software device for the National Security Agency (NSA)
Utilized two automated systems (PACE and MANTIS) for this system-level test strategy
Authored two final test reports for customers with analysis on hardware and software solutions for the USAF.
Developed test plans, scenarios and expectation of system-level devices
Completed two contracts with the USAF: Virtual Machine Analysis to replace existing Local Management
Device for the Electronic Key Management System, and the Data Management Device software upgrade
Performed regression testing on the Data Management Device project using an USAF operational code which
resulted in a new software version correcting all the deficient code from the prior company
2. Traveled to customer site for a hands-on demonstration and to conduct Formal Qualification Training
Grants Administrator – (Alaska Laborers Training School) Sept 2010 – Sept 2011
Enrolled more than 375 students each schoolyear and applied Grant monies to qualifying members
Managed all computer systems,audio, and visual systems for the training school
Presented grant administration policies to each class,presented a formal introduction of training materials
Coordinated extensively with the Alaska Department of Labor to secure additional grant opportunities
Manager – Communications Security/Information Assurance/TEMPEST-EMSEC Apr 1986 – Aug 2010
(United States Air Force)
Worked as the Pilot Test Account manager for the Electronic Key Management System (EKMS); Data
Management Device (DMD) and Simple Key Loader (SKL)
EKMS is a DoD wide network systemused for distribution of Cryptographic keying materials; up to and
including Top Secret; primary network between National Security Agency and military bases (Tier 0 to
Tier 2 communications)
DMD is a networked computer systemto automated cryptographic keying of End Crypto Equipment
(ECU) (e.g. secure radios, network encryption devices and remote radar systems)
SKL is a hand-held computer device that enables manual keying of ECU
Provided guidance,assistance,training, and education to unit COMSEC Responsible Officers (CROs) and
Secure Telephone Unit III (STU-III)/Secure Telephone Equipment (STE) Responsible Officers (SROs), and
Fortezza Responsible Officers (FROs) on proper control, accountability, and destruction of COMSEC material.
Implemented, interpreted, and supplemented COMSEC policy and directives. Maintained documentation on user
accounts and ensured 100 percent accountability of tape-based and Electronic Key Management System keying
material. Conducted semiannual COMSEC audits and inventories on CRO/SRO/FRO accounts and reported
COMSEC incidents according to AF and DoD policy.
Performed as a security manager, supervising COMSEC accounts during transition from physicalmaterial to
EKMS
Ensured enterprise IA policies fully supported all legal and regulatory requirements and that IA policies were
applied with new and existing Information Technology infrastructure
Identified IA weaknesses and provided recommendations for improvement
Monitored network IA policy compliance and provided recommendations for effective implementation of IT
security controls
Conducted security analysis of automated processing equipment to ensure conformity for classified information
processing
Administered the full range of IA disciplines to include COMSEC, COMPUSEC, EMSEC, Network
Certification and Accreditation, Information Assurance Assessment and Telecommunications Monitoring and
Assessment Programs.