Michael Mather - Principal Information System Security Engineer at Central Intelligence Agency

Disclaimer: This information was obtained from publicly available sources online and is believed to be accurate at the time of publication. Valimates collects this information with proprietary technology and cannot guarantee the accuracy or completeness of the data. The purpose of the data is to inform the reader about the expertise of the individual and should not be used for any other purpose. Valimates does not have any affiliation with the individual.

Michael Mather Principal Information System Security Engineer at Central Intelligence Agency

Claim Profile Update Profile Delete Profile

Michael Mather is a Principal Information System Security Engineer with an impressive track record of over 30 years of IT experience. They have a vast knowledge base and expertise in various cybersecurity areas, including FISMA/NIST Series, DOD RMF, DIACAP/DITSCAP/DIARMF, and DHS security directives. They have demonstrated exceptional competency as an SME in engineering secure communication, system integration technologies, and methodologies.

In their previous roles, Michael has led and managed successful IT integration and IT security programs, ensuring compliance with organizational policies and reducing information security risks to acceptable levels. They have developed and executed plans for information security, conducted security awareness training, and performed vulnerability and compliance testing evaluations. Additionally, Michael has served in leadership positions at esteemed organizations such as the Central Intelligence Agency, Office of the Director of National Intelligence, U.S. Customs and Border Protection, National Reconnaissance Office, and National Geo-Spatial Intelligence Agency.

With a Bachelor's degree in Computer/Information Technology Administration and Program Management, along with a background in Applied Mathematics, Michael possesses a strong educational foundation to support their extensive experience and expertise in the field of cybersecurity.

More about this expert

Full name: Michael Mather
Location: Washington DC-Baltimore Area
Title: Principal Information System Security Engineer
Company: Central Intelligence Agency (since 2021)
Industry: International Affairs
LinkedIn profile: https://www.linkedin.com/in/michael-mather-25336252/
LinkedIn Connections: 12351
Summary: Principal Information System Security Engineer providing Cybersecurity information system support to contract officers and engineer subject matter experts in information technology integration both enterprise and into the cloud. Subject Matter Expert with over 30+ years of IT experience. Extensive encyclopedic base of knowledge consisting of the entire FISMA/NIST Series, DOD RMF, DCID 6/3-ICD 503, DIACAP/DITSCAP/DIARMF, DHS security directives, procedures, processes, policies, directives, regulations, instructions pertaining to Cybersecurity globally, nationally, and the enterprise level. 30+ years of experience as a Program Manager leading and engineering effective IT integration and IT security programs: Expertise with secure communication, system integration technologies and methodologies as an experienced SME with demonstrated competency in engineering related functional and cross functional security areas (e.g., Security system engineering, IT operations security design, Cybersecurity). An Authority with knowledge and experience in the systems engineering and SDLC, security engineering principles and requirements analysis has led to a marked improvement with agency program systems integrating into the enterprise and moving into the cloud; Expertise in policies and procedures based on risk assessments, reducing information security risks to acceptable levels, ensuring information security throughout the life cycle of each organizational information system; Developing and executing plans providing information security for networks, facilities, and information systems; Expertise in Security awareness training to inform personnel of the risks with their activities and their responsibilities in complying with organizational policies and procedures designed to reduce these risks; Expertise in vulnerability and compliance testing evaluation of effectiveness of information security policies, procedures, practices, and security controls performed with a frequency depending on risk.
Skills: Security Computer Security

Education

DeVry University: Bachelor of Science (BS)
Attended in 2002 - 2004
Field of study: Computer/Information Technology Administration and Program Management
Montana State University-Bozeman: Bachelor's Degree
Attended in 1982 - 1985
Field of study: Applied Mathematics

Positions

Central Intelligence Agency McLean, VA: Principal Information System Security Engineer
Jan 2021 - Jul 2022

Principal ISSE for a directorate of application developers/operators of an IDIQ contract supporting the Intelligence Community.
Office of the Director of National Intelligence McClean, Virginia: Lead Senior Information System Security Manager
Mar 2020 - Jan 2021

Lead ISSM for a team of 25 Information System Security Managers of an IDIQ contract supporting the Office of the Director of National Intelligence overseeing 17 IC agencies Infosec related work.
U.S. Customs and Border Protection Springfield, Virginia: Deputy Director of Cybersecurity Architecture/ Deputy Chief Security Architect
Mar 2018 - Mar 2020

Lead Supervisory Information Technology Specialist (INFOSEC) assigned as Deputy Chief Security Architect and Senior Information Security System Engineer for the Chief Security Architect of Department of Homeland Security (DHS)/Customs and Border Protection (CBP)/ Cybersecurity Directorate providing leadership, management, direction and advocacy for IT Security solutions.
National Reconnaissance Office (NRO) Chantilly, Virginia: Senior Designated Authorization Official Representative(DAOR)/Cyber Engineer
Jul 2017 - Mar 2018

Assigned as Authorization Division Team / Senior Designated Authorization Official Representative(DAOR) Lead to assist the National Reconnaissance Office(NRO) Authorization Division Chief/Senior Program Manager in executing priorities of work, and providing recommendations concerning division activities and priorities in addition to being an ICD-503 Risk Management Framework(RMF)/Assessments and Authorizations (A&A) subject matter expert.
Duties include, but are not limited to:
* Assist in determining work priorities are properly assigned and followed for over 65 personnel of a diverse staff of military, civilian, and contractor senior professionals.
* Provide recommendations to ensure Division activities, priorities, and strategic vision is accomplished.
* Perform tasks associated with safeguarding the NRO's information systems with focus on risk analysis, and Federal and IC/ODNI policy compliance by conducting Information Assurance (IA) security assessments, performing a risk assessment for each Information System and providing authorization recommendations for information systems including: operational authority to test (OATT), approval to proceed (ATP), authority to connect (ATC), & authority to operate (ATO). Duties include, but are not limited to:
* Provide guidance for securing Information Systems.
* Conduct and/or participate in information security posture assessments and develop risk mitigation strategies.
* Develop and assess IA metrics as they pertain to information security assessments.
* Review, maintain, and ensure all A&A documentation, including the customer's System Security Plan (SSP), is complete and ready for authorization.
* Ensure security testing and evaluations are completed and documented by OCIO/CSO/F&ISD personnel, program managers, and security control assessors/penetration testers.
* Ensure IA assessment and authorization task activities and solutions are collaborated with the necessary offices and agencies of the NRO.
National Geo-Spatial Intelligence Agency Springfield, VA: Deputy Lead Sr. Principal, Cyber Security System Engineer - Technical Architect
Jul 2015 - Jul 2017

Deputy Lead Sr. Principal, Cyber Security System Engineer - Technical Architect of the Security Engineering Team, Architecture and Engineering Division, National Geospatial-Intelligence Agency. Providing leadership to a team of SMEs. Utilizing system engineering skills to understand stakeholder needs; exploring opportunities; documenting requirements; and synthesizing, verifying, validating, and evolving solutions while considering the complete problem, from system concept exploration through system disposal. Conduct examinations and research for end to end project/program development during entire system development life cycle for nominated systems.
Assigned additionally as Senior Principal, Information System Security Engineer to a Special Project branch, Cloud Security Division, NGA Office of the Chief Information Officer utilizing AWS Security expertise. Provided expertise and support developing engineering security automation processes, which enabled immediate repeated successes meeting agency deadlines. By adapting the agency from Waterfall to Agile/DevOps program frameworks, engineering integration teams were successful in steps and processes during security accreditation for over 1270 program systems moving to the cloud enabling significant savings to the agency in both time, cost and personnel.
Lauded by CIO Senior leaders and CISO for knowledge and expert handling of coordination with System Owners embedding Assessors early in systems engineering design phase has enabled better understanding of program systems development and application of security controls, and security trade-offs led to quicker accreditation improving security posture for the agency. SME in System & DB Platforms both enterprise and cloud: Linux, Windows, UNIX, Oracle, DB/2, SQL, Amazon AWS, Microsoft Azure, IBM & Google Cloud. SME in IPSs, IDSs, and Firewalls. SME in DevOps tools: Splunk, Snort, Redmine, Jira, Docker, Jenkins, Ansible, Puppet, Chef and GIT, GIT Hub and GIT Lab.