David J. Woods
Redondo Beach,USA
Summary
Accomplished Enterprise COMSEC Lead with extensive experience managing high-stakes security operations for DoD, SAP, and SCI environments. Proven track record of leading cross-functional teams, ensuring robust compliance with NISPOM and ICD directives, and driving critical infrastructure security through strategic leadership and technical expertise.
Overview
18
18
years of professional experience
1
1
Certification
Work History
Enterprise COMSEC Lead
Northrop Grumman
Redondo Beach
07.2024 - Current
- Oversee the management of 112 COMSEC accounts, leading and mentoring 100+ employees across the Northrop Grumman enterprise.
- Support a variety of environments including DoD, SAP, and SCI.
- Exemplify customer-focused leadership and possess strong communication skills that effectively drive cross-functional teams within a matrixed organization.
- Establish a program organization that adeptly addresses customer requirements while integrating necessary internal and external sub-organizations.
- Lead cross-functional Integrated Program Teams (IPTs) to ensure program objectives related to cost, schedule, and technical performance are met.
- Measure and report on program performance metrics to executive management and key stakeholders.
- Participate in the negotiation of contracts, modifications, specifications, operating budgets, scheduling milestones, and critical terms and conditions.
- Identify, distribute, track, and fulfill program requirements while establishing and managing program and subordinate baselines.
- Allocate and manage program resources, including workforce planning, and oversee government/customer supplied property or information (GFE, CFE, etc.).
- Manage suppliers to ensure alignment with program objectives while adhering to all internal processes, policies, and applicable industry standards.
- Stay informed on industry trends and best practices to continually enhance the organization's security posture.
- Collaborate with IT and Cybersecurity teams to integrate COMSEC practices into overarching security strategies and initiatives.
- Monitor and report on COMSEC compliance metrics to track progress and identify areas of improvement.
- Serve as a subject matter expert on COMSEC issues, providing guidance and support to team members as needed.
- Ensure robust and compliant COMSEC practices, safeguarding sensitive information and maintaining the security of networks.
Staff Network Communications
Northrop Grumman
Redondo Beach
06.2022 - 07.2024
- Collaborate directly with government clients, serving as the primary program representative.
- Oversee the comprehensive management of all procurement, deployment, and sustainment of cryptographic and keying materials, as well as devices that support multiple programs.
- Track, control, and fulfill inventory requirements for all Government Furnished Equipment (GFE) and company-owned assets.
- Perform crucial Cryptographic Network Management (CryptoNet) functions, which encompass the management of COMSEC keys, equipment configurations, distribution, and overall planning for secure networks.
- Hold exclusive authority to direct the Central Office of Record (COR) in the release of COMSEC keys and Controlled Cryptographic Item (CCI) equipment for the secure network, irrespective of location.
- Monitor the health and performance of secure networks to ensure they operate with the latest keying materials.
- Manage remote network operations, including HAIPE to HAIPE transfers, and oversee 23 networks, validating cryptographic network requirements, node specifications, accreditations, and physical security measures.
- Create and maintain a Key Management Plan (KMP) while driving CryptoNet sustainment and expansion initiatives, engineering keying infrastructure and topology, and ensuring compliance with all NSA and COR policies.
- Possess expert knowledge of essential policies and guidelines, including the National Industrial Security Program (NISPOM), Joint SP Implementation Guide (JSIG), Intelligence Community Directive (ICD) 503 and 705, and the DCSA Assessment & Authorization Process Manual (DAAPM).
- Serve as the Aeronautics Sector COMSEC subject matter expert, engaging with all COMSEC account managers across the Northrop Grumman enterprise to provide guidance and expertise, ensuring all Aeronautics Sector mission requirements are met.
- Responsible for establishing an enterprise-level COMSEC compliance framework and standardization.
- Conduct independent review team (IRT) internal audits of COMSEC accounts throughout the Northrop Grumman enterprise to guarantee 100% accountability of all COMSEC materials and items in preparation for external government audits.
- Collaborated with external vendors like ACHRON to implement Commercial Solutions for Classified (CSfC) at Space Park in Redondo Beach, CA as a test bed.
- Developed appropriate solutions, created cost estimates, and managed design and architecture, including NSA Registration and Registration Management, with an estimated budget of $1.7 million.
- Presented this solution to Aeronautics Sector leadership, who ultimately decided against pursuing the investment.
Industrial Security Manager II
Northrop Grumman
Roy, UT
06.2021 - 06.2022
- Assigned as the Facility Security Officer (FSO) responsible for supporting three facilities in their daily security needs, including Distinguished Visitors at the General Officer level.
- Able to make analytical decisions whenever a security issue arises at our facility and communicate that challenge to security team members on how to overcome that obstacle.
- Able to adapt to everyday challenges that come up at our facility, multi-task, and decipher what task or issue at hand takes precedence over the other.
- Able to delegate some of those tasks to fellow team members to complete daily tasks.
- Lead a team of Security Professionals that help support both DoD and Government client base.
- Primary COMSEC Account Manager on SAP account supporting VTC network, which includes submitting IT Network Request (ITNR) to the customer.
- Work with Project Team Leads in assisting with program projects that help improve capabilities of the program, including Network Infrastructure, Advance Program Projects, and Facility Consolidation efforts.
- Experienced with DD254; my facility is the Prime on the contract supporting 23 subcontracts.
- Program Security Manager for one of our programs, including Contract Program Security Officer (CPSO) for our SAP program.
- Responsible for daily security operations and Intelligence Community Directives (ICDs) and NISP/NISPOM compliance for our facility.
- Work with our DCSA Rep and customer PSO to ensure our programs and facilities stay within current security policies and standards.
- Lead a team of security personnel in the coordination of the Self Inspection checklist in preparation for our SAP site inspection.
- Work with on-site and off-site customers offering them security support to the program, including Boeing, Lockheed Martin, General Dynamics, Textron, and ManTech.
- Assigned as the Top-Secret Control Official (TSCO), designated to receive, transmit, maintain, access, and accountability records for Top Secret information.
- Managed a security budget within the established target.
Sr. Principal Network Communications | AFSO
Northrop Grumman
Roy, UT
01.2021 - 06.2021
- Able to make analytical decisions whenever a security issue arises at our facility and communicate that challenge to security team members on how to overcome that obstacle.
- Able to adapt to everyday challenges that come up at our facility, multi-task, and decipher what task or issue at hand takes precedence over the other.
- Able to delegate some of those tasks to fellow team members to complete daily tasks.
- Dependability, reliability, and trustworthiness are key for being a positive role model to your team, which builds a cohesive and healthy working relationship with team members, allowing tasks and projects to be completed with ease.
- Able to communicate concerns and issues with senior leadership on security-related topics.
- Administer and execute a robust security program in compliance with the National Industrial Security Program Operating Manual (NISPOM) and DoD policy.
- Execute liaison with Enterprise Security Shared Services (ESSS) for personnel security concerns that affect our cage code.
Operations Security (OPSEC) Program Manager
United States Marine Corps
09.2015 - 12.2020
- Implemented OPSEC Program for inclusion in the station Installation Protection Working Group where I briefed the stations Executive Officer, Naval Criminal Investigative Service (NCIS) Physical Security Personnel, and several other entities on Operations Security concerns, threats, vulnerabilities, and ways to immediate these threats with courses of action.
- Wrote MCASO 3070.1B, Operations Security Program and worked with all Departments, and Special Staff to build out the Critical Information List (CIIL) for MCAS Iwakuni, Japan.
- Worked with tenant unit intelligence offices to conduct threat assessments of the installation along with working with off base trash and recycling centers to ensure no critical information was leaving the air base.
- Conducted OPSEC indoctrination briefings during the stations weekly Welcome Aboard Brief that consisted of Civil Service, contractors, and military members and their families.
- Established a working relationship with the Family Marine Development Team to establish their OPSEC training curriculum that was later adopted by Marine Corps Community Services and used to train their staff and military spouses.
- Being able to multitask, anticipate and alleviate friction points before they come a problem, I was able to be successful during the air stations Mission Assurance Assessment Team inspection. The inspection team recognized my OPSEC program as best practice and “best OPSEC program seen to date.”
- Once completed the Defense OPSEC Planners Course I was brought on with the F-35 project to help develop tactical measures to reduce risk with bringing the F-35 aircraft OCONUS to Japan for the first time.
- Provided leadership, mentoring, and oversight of team members.
- Assisted in developing, implementing, and training the Operations Security program.
- Identified vulnerabilities, threats, and risks to test, training, and operational activities.
- Provided day-to-day security support that included continuous assessment of procedures to identify shortfalls and provide appropriate recommendations for revising and improving security policies, procedures, and systems.
Security Manager
United States Marine Corps
FT. Worth, TX
05.2012 - 12.2020
- Facilitated personnel, information, industrial, and physical security inspections to DoD facilities throughout the region in accordance with the DOD, NISPOM, DISA, SECNAV, and MCO.
- Created and modified Visitor requests, both incoming and outgoing.
- Pulled personnel reports and validated access needs for the command.
- Initiated security clearances via NP2/e-QIP.
- Responsible and accounted for 800+ personnel in Personnel Security Management (PSM) Net and DISS.
- Conducted indoctrination in-briefs / out-briefs to all personnel joining or leaving the unit.
- Conducted Security Audits on facilities that are in my area of responsibility (AOR) that are spread out through the United States.
- Processed Foreign Travel Requests.
- Conducted Security training on all DoD, NISPOM, SECNAV, OPNAVIST, MCO and other policies to mitigate risk.
- Responsible for the destruction of classified material utilizing NSA/CSS guidelines.
- Ensured the courier program was being handled in accordance with all security guidelines.
- Utilized Personal Recovery Mission Software (PRMS) for submitting ISOPREPs for military members conducting Foreign Travel.
- Utilized Enterprise Protection Risk Management (EPRM) for conducting risk management analysis.
- Conducted exploration of any loss, compromise, or suspected compromise of classified and/or sensitive information, including conducting preliminary inquiries and generating damage assessments resulting from the loss of classified information.
COMSEC Program Manager
United States Marine Corps
FT. Worth, TX
09.2008 - 12.2020
- Functioned as COMSEC Manager, senior advisor to Commanding Officer (O-6 Level), and Subject Matter Expert (SME) in all issues pertaining to the handling, employment, accountability, storage, transfer, receipt, disposition, destruction, and proper shipping of COMSEC material.
- Executed comprehensive analysis of COMSEC Keying Material (KEYMAT) and equipment capabilities to identify techniques to improve secure communication.
- Acquired and redistributed new equipment as it was received to enhance the organizations’ ability to facilitate secure communications.
- Identified and disposed of obsolete COMSEC equipment using approved destruction methods in accordance with established COMSEC and National Security Agency (NSA) guidelines.
- Utilized Key Management Infrastructure (KMI) to maintain accurate records pertaining to all COMSEC transactions for 6,000+ pieces valued over $7M.
- Conducted and facilitated monthly training sessions via written or verbal, for groups of up to 30 and one-on-one training in accordance with established COMSEC and NSA policies and procedures to ensure all COMSEC material management personnel and designated handlers are familiar with proper methods used for safeguarding information, property, personnel, operations, and materials to include the security and control, inventory and safeguarding of all COMSEC materials.
- Installed all IAVA patches and updated software on network devices to mitigate risk or compromise.
- Conducted Security audits on all Tactical Local Area Network Encryptors (TACLANE).
- Utilized DISA STIGS to ensure our NIPR and Secure Intranet Protocol Router (SIPR) Networks are in compliance.
- Experienced with supporting SATCOM operations, supported several training exercises in Cold Lake, Alberta, Canada.
- Coordinated with COMSEC Controlling Authorities such as JCMO and USSTRATCOM for ordering traditional keymat that normally is not held in our inventory for special operations.
- Experienced with working with NATO forces supporting Joint Operations.
- Experienced with the setup and employment of Secure Telephone Equipment (STE and vIPer).
- Experienced in the development of Standard Operating Procedures (SOP) and Emergency Action Plans and Emergency Destruction Plans (EAP/EDP) for COMSEC and classified materials.
- Conducted annual Emergency Action Drills and COOP exercises.
- Conducted exploration of any loss, compromise, or suspected compromise of classified and/or sensitive information, including conducting preliminary inquiries and generating damage assessments resulting from the loss of classified information.
- Ensured timely notification of pertinent security matters to program technical and management staff.
- Provided leadership, mentoring, and oversight of team members.
- Briefed all levels of personnel, both in the government and senior civilian services, on a variety of security-related topics.
- Assisted in providing contractor and subordinate facility assistance and oversight.
- Provided day-to-day security support that included continuous assessment of procedures to identify shortfalls and provide appropriate recommendations for revising and improving security policies, procedures, and systems.
- Maintained various daily logs for a variety of administrative functions associated with document control.
- Performed destruction of classified materials.
- Reviewed, tracked, and monitored security clearance processing activities with appropriate government personnel to achieve appropriate clearance actions.
- Conducted Defense Central Index of Investigations (DCII), Joint Personnel Access System (JPAS), and SAPNP reviews of candidates being submitted for SAP access.
- Provided support for the security awareness and education programs.
- Assisted with researching, processing, filing, and maintaining inbound and outbound visit notices.
- Assisted in the preparation of facility access control badges.
- Implemented Top Secret Control for accountable material and associated correspondence.
- Prepared, processed, and/or reviewed Program Access Requests (PARs) for accuracy and access eligibility.
- Monitored, reported, and tracked all corrective actions resulting from compliance reviews.
Education
Master of Science - MBA
Capella University
05-2026
Master of Science - Information Systems Security
Colorado Technical University
06-2021
Bachelor of Science - Business Management and Leadership
Capella University
Saint Paul, MN06-2019
Master Certificate Information Security Management - Government
Villanova University
01-2013
Skills
- Process Improvement
- Strategic Planning
- Compliance Audits
- Security Regulations
- COMSEC Management
- Personnel Management
- SAP 520507 Series
- CNSSI 4003, 4005, 4006, 4032, and 40041
- Initiative-taker
- Time Management
- Team Building & Collaboration
- Reliable
- ICD 705
- NISPOM
- NIST
- DoDM 5200 (series)
- JP 3-133
- DISA STIGs
- INFOSEC
- NISS
- JIRA
- DIAS
- KMI
- Microsoft Word
- Excel
- Outlook
Certification
- GSLC
- PMP
- Security + CE
- Security Fundamentals Professional Certification (SFPC)
Timeline
Enterprise COMSEC Lead
Northrop Grumman
07.2024 - Current
Staff Network Communications
Northrop Grumman
06.2022 - 07.2024
Industrial Security Manager II
Northrop Grumman
06.2021 - 06.2022
Sr. Principal Network Communications | AFSO
Northrop Grumman
01.2021 - 06.2021
Operations Security (OPSEC) Program Manager
United States Marine Corps
09.2015 - 12.2020
Security Manager
United States Marine Corps
05.2012 - 12.2020
COMSEC Program Manager
United States Marine Corps
09.2008 - 12.2020
Master of Science - MBA
Capella University
Master of Science - Information Systems Security
Colorado Technical University
Bachelor of Science - Business Management and Leadership
Capella University
Master Certificate Information Security Management - Government
Villanova University