CHRIS CARPENTER

14206 Downdale Court

Laurel, MD 20707
Phone (443) 474-4137
Email: ccarp8@gmail.com
WORK
EXPERIENCE Director of Security Operations
Secretary of Defense Communications

September 2013 Present

Responsible for the logical and physical security of communications for the Secretary of Defense. Devises the
security architecture for the organization to allow for secure communications while still utilizing cutting edge
technology. Manages a team of contractors responsible for network defense, monitoring, security compliance and
physical SCIF accreditation. Provides research and mitigation strategies on security threats for senior leadership up
to and including the Secretary of Defense. Creates policies for managing enterprise security risks and manages a
multimillion dollar budge for implementing mitigations.
Chief Security Architect
Administrative Offices US Courts

February 2013 September 2013

Managed a mixed team of federal and contractor staff responsible for the secure design and implementation of the
United States Federal Court system security architecture. This included the networking infrastructure, security
components (IDS, IPS, Firewall and SIEM) and newly developed applications.
Chief Information Security Officer (CISO)
United States Mint

June 2011 February 2013

CISO responsible for securing all United States Mint information systems. Developed overall security strategy for
the enterprise. Managed incident response, network monitoring, system certification, risk management, penetration
testing and all cryptology devices. Reported information security status to Mint senior management, Treasury CISO
and also Department of Homeland Security (DHS). Managed a mixed staff of 20 contractors and Federal employees.
Penetration Tester
Mantech

November 2010 June 2011

Penetration tester and system architect for the Library of Congress (LOC). Developed and implemented a
penetration testing program for the LOC. Also provided hands on penetration testing of LOC systems, training on
testing techniques, remediation recommendations and detailed documentation of testing results
Network Security Engineer
Knowledge Consulting Group (KCG)

May 2006 November 2010

Subject Matter Expert (SME) for Federal Bureau of Investigation (FBI), Certification and Accreditation Security
Assessment Team. Responsible for evaluating system compliance with security requirements. Performed
vulnerability assessments and penetration tests using well known assessment tools. Testing was conducted based on
NIST 800-53 and DCID standards. As a team lead, managed testing engagements, scheduling and deliverables.
Worked closely with Engineering Team, Security Officers to test system functionality and accuracy.
Security Analyst
National Centers for Coastal Ocean Science (NCCOS)
Silver Spring, MD

December 2005 April 2006

Security analyst for NCCOS responsible for creating Certification and Accreditation (C&A) documentation and
configuring network equipment to meet security requirements. Developed C&A policy in accordance with NIST
800. Daily job duties include creation of AD GPO policies, development of secure computer configurations and
devising software deployment strategies using SMS and GPO.
Network Engineer
Unisys Contractor for the Executive Office of the President (EOP)

Washington DC

May 2004 December 2005

Network engineer for the Architecture and Engineering directorate of the EOP. Daily tasks included research of new
technologies, security analysis, project management, systems documentation and deployment of new technologies
throughout the EOP. Security analysis included Certification and Accreditation of new systems covering firewall
configuration, network architecture and vulnerability assessments. System documentation produced includes System
Requirements Documents, Concepts of Operations and detailed testing plans.
Chief Technologist
Prospect Technologies
Washington D.C

August 2000 May 2004

Primary job responsibilities included IT consulting, LAN/WAN network design, project management, server farm
management, disaster recovery planning, network security, and web site design. Responsible for procurement and
testing of new hardware and software systems. Also conducted extensive business development engagements and
budget management.
United States Air Force
Avionics Technician/Instructor

February 1989 August 2000

Worked as an avionics technician on C-17, C-141 and C-130 aircraft. Also served as a military training instructor.
EDUCATION Bachelor of Science Computer Information Technology, August 2008
University of Maryland University College
GIAC Web Application Penetration Tester (GWAPT), September 2012
Treasury Leadership Development School, March 2012
GIAC Certified Penetration Tester (GPEN), July 2010
Cisco Certified Network Associate Security (CCNAS), March 2010
Certified Ethical Hacker (CEH), November 2009
Certified Information Security Professional (CISSP), April 2009
Certified Incident Handler (GCIH), May 2008
Microsoft Certified Systems Engineer (MCSE), September 1999
TECHNICAL
SKILLS

Penetration Testing, Vulnerability Assessment, Intrusion Detection, Network Monitoring, Windows OS, Active
Directory, Unix, Cisco Network Devices, Microsoft SMS, Microsoft Exchange Server, Wireless Networks,
WAN/LAN Networking, VPN, Firewalls, Network Security Analysis