Summary
Overview
Work History
Education
Skills
Timeline
SoftwareEngineer
Brad Neal

Brad Neal

Business Technology Lead
Edgewater,Florida

Summary

Over the past 25 years, I have managed the NASA Kennedy Space Center (KSC) Application Portfolio, lead in the modernization of KSC Application and Platform Architecture, and monitored and/or lead both civil servant and contractor application related KSC projects. I have implemented and enforced system security plans for the NASA KSC IT Computational Division as an Information System Security Officer (ISSO) including Operational Technology and Network System Security Plans. I have a working knowledge of the Federal Information Security Management Act (FISMA) and the National Institute of Standards and Technology (NIST) standards and guidelines specified in the Federal Information Processing Standards (FIPS) and Special Publication 800 series. My primary responsibilities at the KSC are implementing and assessing security controls, maintaining and monitoring systems, and presenting information systems security plans for annual authorization to operate (ATO) under the Risk Management Framework (RMF) mandated by the Office of Management and Budget (OMB) for categorizing, selecting, implementing, assessing, authorizing, and monitoring all information and information systems collected or maintained by or on behalf of the KSC IT Computational Sciences Branch and the KSC IT Project Management Office. I have also been part of teams performing security assessments on NASA systems and source evaluation boards for NASA contractor selections. I work with NASA Network to maintain Zero Trust while assure Application resource availability to and from external cloud providers, including AWS GovCloud and GCP commercial cloud. Over the years, I have providing data to KSC IT Security for monthly metrics and reporting as part of continuous monitoring. From this, I understand the definition of good metrics and the value of reporting, as well as the importance of prompt compliance. I have extensive experience with the Plan of Action and Mitigation (POA&M) and Risk Based Decision (RBD) process as a result of Security Assessment Reports (SAR). I understand the gravity of risk-based decision making and I always weigh them out based on the fundamentals of the CIA triad for the systems I am responsible for.

Overview

26
26
years of professional experience

Work History

Application Architect/Application Portfolio Mgr, Technical Monitor

NASA Kennedy Application Services, The Kennedy
03.2020 - Current
  • As Kennedy Application Architect, I help shape application and platform related architecture for the Agency Application and Platform Services Office, including performing lead functions for the Mission Program Enabling Applications Office
  • These functions include:
  • Establishing and implementing the policies, processes, requirements, and standards that will affect and govern planning, architecture, acquisition, design, development, management, security, utilization, and measurement of IT systems
  • Determining the use and limitations of different software development frameworks to evaluate requirements and provide recommendations or demonstrate available capabilities
  • Evaluating and recommending cloud and low/no code environments and managing applications in cloud and low/no code environments
  • Discussing requirements from Agency customers looking to develop new or migrate existing software applications to KSC
  • Evaluating changes to existing environments, assessing potential impacts and benefits
  • Monitoring software development projects by NASA and contractor employees to ensure compliance with technical standards guidance
  • Providing technical direction on current and new software standards and maintaining and developing current and new software standards
  • Serving as an IT Project Manager responsible for managing the development, integration, delivery, implementation, and maintenance of numerous Web-based software applications and Web sites supporting NASA, NASA contractors, and the general public
  • Serving as the Applications Portfolio Manager for KSC and keeping the KSC Software Applications Portfolio accurate
  • Working with the Agency and KSC stakeholders on rationalizing the KSC and Agency applications portfolio
  • Ensuring all products delivered have addressed all IT Security requirements and are properly documented and dispositioned
  • Development and Continuous Monitoring of IT and OT System Security Plans in accordance to NPR 2810 and NIST 800-53 Rev 5
  • Evaluating new products to ensure they can satisfy IT Security requirements
  • Working with NASA customers and IT support contractors to ensure customer requirements are met given available budget and time constraints
  • Serving as a technical expert integrating technical and operational requirements
  • Guiding implementation of IT Security Plans for the KSC Application Services Division
  • Development of Request for Proposals (RDP) of Agency Enterprise Platforms
  • Guiding the establishment of Agency Enterprise Center of Excellence (CoE).

IT Security Lead

NASA KSC IT Security
01.2018 - 03.2020
  • Oversight and enforcement of the follow IT/OT Security System Plans: the Transient Systems Lab (TSyL), the Telescience Lab (TISL), IT Application Services Lab (ITASL), TRaTs Unmanned Aircraft System (TUAS), and 3rd Party Software Security Plan (3PSS)
  • Special Assistance to IT Computational Division Chief with all security plans under IT-C.

Software Developer

SLS LAUNCH CONTROL SYSTEM
09.2015 - 01.2018
  • Ruby on Rails development of the IAS System Integration and Support Application
  • System design, implementation and testing of IAS
  • Quality witness of other Spaceport Command and Control Systems (SCCS) under development.

Information System Security Officer

NASA IT Security
09.2010 - 09.2016
  • Oversight and enforcement of three Information Technology Security System Plans: the Transient Systems Lab (TSyL), the Collaborative Engineering (CEE) System, and the Telescience Lab (TISL)
  • Property custodian for TSyL devices

Security Plan Developer and Implementer

NASA IT Security
09.2008 - 09.2016
  • Developed, implemented, and maintaining the moderate TSyL system security plan
  • Performing continuous monitoring, contingency plan testing, risk assessment reporting, resolution of POA&Ms, and preparation & processing of annual ATO for TSyL
  • User of three risk management and IT security tracking systems
  • Interfaced continually with the NASA-KSC-IT Security Division.

Software Developer and Network Engineer

NASA IT Computational Services
09.2012 - 09.2015
  • Developed components of the Distributed Observer Network (DON) and Spaceport KSC using Unity3D
  • Provided system administration and logistical support to the Simulation Exploration Experience (SEE)
  • Designed, configured, and maintained the Glasswall Network for the next generation Firing Room Prototype and the IT-C Linux Lab Network using Cisco and eXtreme hardware.

NASA Data Center, Kennedy Space Center
09.2007 - 09.2008
  • Of the NASA Agency wide Enterprise Data Center Source Board
  • Provided expertise in a yearlong effort to evaluate bids for the NASA Enterprise Data Center Contract and subsequent datacenter consolidation efforts including a comprehensive proposal matrix of all bidders to expedite the evaluation process.

Technical Lead, Senior Developer, and Project Manager

KSC IT Software Development
09.2002 - 09.2007
  • Was the initial Senior Developer then made the Technical Lead on the Safety Mission & Assurance Database Project
  • Was the Knowledge Kinetics Collaboration System Project Manager for three years
  • Knowledge Kinetics was used IT-C and IT-B projects as a collaboration tool and document repository
  • Developed functionality for the TechDoc Document Management System using Java Servlet Technology
  • One of the featured uses of TechDoc was when it was used by the CAIB as the official document management system for the development of the Columbia Accident Investigation Board Report
  • Designed and implemented the TechDoc Bulk Document Loader GUI Client and the TechDoc XML Document Ingest Service
  • Checkout

Software Developer

CLCS
01.1998 - 09.2002
  • Developed data analysis and presentation tools for CLCS, such as, the Advanced Data Analysis Tool, the Computer-To-Computer Data Analysis Application, the Animated Computer-to-Computer Data Analysis Application, and the Java Visual Editor
  • The client side of these applications were developed in Java and the server side in C++ connecting to the Historical Shuttle Data Center and Common Data Center
  • CHARITY WORK
  • I developed and maintain a LAMP solutions for live video streaming for churches which includes an automated church media library in the cloud, church management software for managing charitable contributions in the cloud, and an automated audio normalizer Java GUI application to convert wav files to mp3 files, back them up to Microsoft OneDrive, port them to a Synology Network Access Storage (NAS) System and Google Cloud Storage then update the online church library database for user consumption.

Education

M.S - Information Assurance and Cybersecurity

Florida Institute of Technology
August 2018

CYB5272 - Computer and Information Security - undefined

Enterprise Information Security CYB5280 - Host and - undefined

CYB5290 - undefined

CYB5660 - Secure Software Development CYB5665 - Secure Web Services CYB5675 - Data Mining for Cybersecurity CYB5677 - Biometric Authentication CYB5678 - Cryptography and Information Hiding CYB5998 - Capstone Information Assurance - undefined

B.S - Computer Science

University of Central Florida
August 2000

Skills

  • PROFESSIONAL SKILLS
  • Security:
  • DevSecOps CI/CD pipeline Architecture, ISSO tasks and responsibilities Development & management of SSPs Continues Monitoring and Security Assessments of SSPs Secure software design and development NIST SP 800-X and NIST Cybersecurity Framework
  • Management: Adaptive Project Framework, Agile and Waterfall Methodologies, Fundamentals of Project Management, ITIL v4 and SAFe
  • Networking: Configuration and Management of Private Networks Cisco Router Administration, Ubiquiti Router Command Line Configuration, Active Directory Administration, and Wireshark
  • Software: Splunk, RISCS, RMS, ITSC, BigFix, Windows Security Policy Manager, KACE, KATS, NESSUS, AppSpider, McAfee Vulnerability Manager, Weka, Atlassian Tool Suite (Jira, Confluence, BitBucket, Crucible, Bamboo), OneClick, , GitLab, Java, PHP, Ruby-on-Rails, C, C, C#, JavaScript, PostgreSQL, MySQL, Microsoft SQL, Apache, IIS, BASH Shell Script, Unity3d, Red5, VLC Server, NET, PowerShell, GIT, RAZOR, System Architect, Linux Administration, Windows Administration, XEN Administration, and VM Ware Administration
  • Cloud Services: AWS hosting, Kamatera Cloud VPS, and Google Cloud Storage and Api Development

Timeline

Application Architect/Application Portfolio Mgr, Technical Monitor

NASA Kennedy Application Services, The Kennedy
03.2020 - Current

IT Security Lead

NASA KSC IT Security
01.2018 - 03.2020

Software Developer

SLS LAUNCH CONTROL SYSTEM
09.2015 - 01.2018

Software Developer and Network Engineer

NASA IT Computational Services
09.2012 - 09.2015

Information System Security Officer

NASA IT Security
09.2010 - 09.2016

Security Plan Developer and Implementer

NASA IT Security
09.2008 - 09.2016

NASA Data Center, Kennedy Space Center
09.2007 - 09.2008

Technical Lead, Senior Developer, and Project Manager

KSC IT Software Development
09.2002 - 09.2007

Software Developer

CLCS
01.1998 - 09.2002

M.S - Information Assurance and Cybersecurity

Florida Institute of Technology

CYB5272 - Computer and Information Security - undefined

Enterprise Information Security CYB5280 - Host and - undefined

CYB5290 - undefined

CYB5660 - Secure Software Development CYB5665 - Secure Web Services CYB5675 - Data Mining for Cybersecurity CYB5677 - Biometric Authentication CYB5678 - Cryptography and Information Hiding CYB5998 - Capstone Information Assurance - undefined

B.S - Computer Science

University of Central Florida

Similar Profiles

  • Ashley Atwood

    Ashley AtwoodAshley Atwood

    Media Operations Logistics at NASA Kennedy Space CenterMedia Operations Logistics at NASA Kennedy Space Center

  • Rose Austin

    Rose AustinRose Austin

    Program Specialist - (NASA Internship and Fellowship [NIF] Interns Coordinator) at National Aeronautics and Space Administration (NASA) - John F. Kennedy Space CenterProgram Specialist - (NASA Internship and Fellowship [NIF] Interns Coordinator) at National Aeronautics and Space Administration (NASA) - John F. Kennedy Space Center

  • Thomas Dwyer

    Thomas DwyerThomas Dwyer

    NASA Safety & Health Program Manager at NASA Kennedy Space CenterNASA Safety & Health Program Manager at NASA Kennedy Space Center

  • Karen Wheeler

    Karen WheelerKaren Wheeler

    Middle School Science Teacher at Burns Science And Technology Charter SchoolMiddle School Science Teacher at Burns Science And Technology Charter School

  • Kenneth Graves

    Kenneth GravesKenneth Graves

    Project Manager /Construction Superintendent at D&G General Contracting Co.Project Manager /Construction Superintendent at D&G General Contracting Co.

CREATE PROFILE
Brad NealBusiness Technology Lead