Thomas H. Roback II
Manassas,VA
Summary
Cybersecurity leader with extensive experience in compliance and risk management at the Research and Development Support Activity. Achieved 100% ATO compliance in record time through effective security policy development and team leadership. Expertise in NIST compliance and strategic planning, enhancing security posture through collaboration across diverse teams.
Overview
16
16
years of professional experience
1
1
Certification
Work History
Chief, Cybersecurity Branch
Research and Development Support Activity (RDSA)
Arlington, VA
08.2022 - Current
- Directed cybersecurity operations for RDSA enterprise information systems, addressing technical issues related to INFOSEC and CND.
- Manages 5 ISSO and 11 Computer Network Defense (CND) personnel to ensure cybersecurity policies and procedures are followed.
- Primary advisor to the Chief of IT Security regarding oversight, compliance and technical matters for day-to-day cybersecurity operations.
- Developed and implemented a continuous monitoring program for RDSA enterprise systems, actively monitoring for cybersecurity incidents, deviations, and attacks.
- Led the Security Assessment Team for internal assessments and coordinated external joint assessments.
- Developed and maintained Risk Management Framework (RMF) system documentation and authorization packages, collaborating with IC and DoD cybersecurity professionals to ensure compliance with Federal policies, standards, and directives.
- Codified 10 new RMF security boundaries, logically grouping systems and services to align with customer needs, enabling AGILE and modular A&A activities, achieving 100% ATO compliance in half the required time.
- Orchestrated rewrite of all 20 security control families within first year of implementing NIST 800-53 rev 5.
- Successfully led the program’s first outside agency cyber-assessment in 10 years.
- Acted as the ISSM for the RDSA CIO, implementing and enforcing required security controls across the RDSA enterprise at 130 world-wide locations.
Senior Manager, Cybersecurity Branch
Defense Information Services Agency
Warrenton, VA
02.2021 - 08.2022
- Led cybersecurity for the Distributed Integrated Continuity Network Top Secret Enterprise Services (DCIN-TS ES), collaborating with the Cybersecurity Branch Chief and Engineering Team while managing a team of Cybersecurity Engineers and Compliance Specialists to enhance cybersecurity initiatives for 72 Government Agencies across over 480 operational locations globally.
- Managed planning, execution, maintenance, and reporting of cybersecurity disciplines for seven JSIG RMF accreditation enterprise boundaries and Cross-Domain Systems, ensuring comprehensive service for local NCR and global customers.
- Ensured DCIN-TS ES retained National Command and Control (NC2) certifications through rigorous compliance measures.
- Executed program’s first deep-dive self-assessment across all JSIG RMF security controls, identifying critical strengths and actionable areas for improvement.
- Coordinated inspection actions across multi-organizational operational work centers coalescing reports into a succinct Executive-level pre-assessment brief.
- Expertly prepared the PMO and ensured the Accreditation & Authorization assessment had all necessary Body of Evidence documents ready for inspection.
- Revamped 1,000-page test plan to align with DIA Security Control Assessor’s directives, improving clarity and focus.
- Performed as Cybersecurity subject matter expert advising the Government customer on sound security practices in a myriad of cross-functional disciplines.
- Advised, guided, and edited the DCIN-TS ES security classification guide for the PMO Program Security Office.
- Managed all contractor personnel performing cybersecurity functions and ensured they received appropriate training and certification according to DoD 8570.01-M standards for the type and level of work.
CESO SAP Security Project Manager
Compartmented Enterprise Services Office
Rosslyn, VA
08.2020 - 01.2021
- Expertly performed as the CESO SAP Security PM and Cyber Security SME across the CESO organization.
- Managed multi-agency special access programs (SAPs) for Department of Defense (DoD) agencies, including HQ Air Force and Office of the Secretary of Defense (OSD), enhancing inter-agency collaboration.
- Managed nine simultaneous enclave projects and four special initiative projects across multiple organizations, coordinating inspections from local to higher headquarters and establishing test plans for independent security assessments.
- Transitioned CESO from On-Premises enclaves into SAP secure Cloud environments.
- Directed RMF authorizations across five on-premises enclaves, streamlining security processes and ensuring regulatory compliance.
- Supported program design, development, deployment, and sustainment related to execution of office processes under DoD Overprint to NISPOMSUP, DoD SAP Manual, and JSIG.
- Managed 11 personnel from both Personnel Security and Cybersecurity disciplines.
CESO SAP Information System Security Manager
Compartmented Enterprise Services Office
Rosslyn, VA
01.2020 - 08.2020
- Expertly performed as the CESO Cyber Security Operations Division ISSM and Cyber Security SME across the CESO organization.
- Managed multi-Agency Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartment efforts.
- Management support for all aspects of the Cyber Security program design, development, deployment, and sustainment related to the execution of office processes under the DoD Overprint to the NISPOMSUP, the DoD SAP Manual, and the Joint Special Access Programs Implementation Guide (JSIG).
- Oversaw a team of five Information System Security Officers and five Information System Security Engineers to enhance security measures.
- Managed planning, execution, maintenance, and reporting of cyber security disciplines across seven JSIG RMF accreditation boundaries and systems, ensuring support for local NCR and global SAP customers.
- Orchestrated projects from creation to completion, achieving final accreditations that enhanced program credibility.
- Directed division preparations for SAP Community's first enterprise-wide cloud environment accreditation and authorization event, enhancing overall program readiness.
- Established Body of Evidence requirements, authored self-assessments, and directed cyber personnel towards achieving unified objectives for compliance.
- Created comprehensive schedules to communicate project status updates to Government customers.
- Constantly briefed senior Government leadership on shifting timelines, while providing Cyber guidance and progress on concurrent projects and initiatives.
- Adapted and adjusted the complete CESO Cyber Security battle rhythm due to the Global Covid-19 pandemic. Shifted project timelines. Adjusted customer expectations while keeping the focus on the team to meet the delayed A&A event.
Directorate Information System Security Manager
SMC/DCI
Kirtland AFB, New Mexico
04.2019 - 01.2020
- Directorate’s manager for the planning, execution and reporting of Information Assurance and Cyber Security disciplines for the ground, space and launch systems throughout the Innovation and Prototyping Directorate.
- Managed 42 Risk Management Framework (RMF) accreditation packages, ensuring compliance across ground systems, space vehicles, hosted payloads, and sensors at multiple security classification levels.
- Oversaw information assurance for Directorate IAM-III, ensuring compliance with security standards.
- Directed 31 cyber-workforce associates across four states to prepare, distribute, and maintain security plans, instructions, guidance, and standard operating procedures for network systems operations.
- Coordinated with HQ AFSPC A3/6 to secure RMF Authority to Operate (ATOs) and Interim Approval to Test (IATTs) for GSTR, CUE & Comm, ORS-5 SSat SV, XRDISNet, STPOPS, STPSat-6.
- Represented DCI as Cyber Subject Matter Expert (SME) during ORS-5 SensorSat Full Operations Capability (FOC) Cyber Vulnerability Assessment at Schriever AFB.
- Facilitated collaboration with USSTRACOM, enhancing the Cyber Assessment Team's capabilities for Defensive Cyber Operations at Schriever AFB MMSOC.
- Shaped/authored new RSC Cyber Task Orders for the new EDIS Bridge contract.
- Led SMC Professional Development Cybersecurity Training class, training 25 personnel across 3 operational locations.
Acquisition Program Manager/Information System Security Officer
SMC/AD
Kirtland AFB, New Mexico
08.2018 - 03.2019
- Lead application of cybersecurity engineering and Risk Management Framework best practices for RSC mission integration projects.
- Provided cybersecurity guidance for current and future projects, aligning competencies and streamlining certification processes to support mission objectives.
- Managed information assurance for Ops Branch, overseeing SMC missions and addressing personnel training gaps to enhance operational readiness.
- Performed program management duties supporting Space and Missile Systems Center (SMC) programs, ensuring alignment with strategic cybersecurity goals.
- Created detailed project schedules to track A&A efforts, delivering briefings and insights to organizational cyber professionals.
- Delivered insights regarding program interactions to support strategic alignment with the SMC mission. of how different programs interact within the Research, Development, Test & Evaluation Support Center (RSC) Multi-Mission Satellite Operations Center (MMSOC), and how those programs contribute to the overall SMC mission and National Cyber Strategy.
- Leveraged prior contractor quality evaluation experience; primary assessor for three MMSOC CLINs; provided outside-view monthly surveillance reports for Aug-Sep ‘18.
- Obtained CISSP DoD 8570.1-M certification within the first 31 duty days.
Superintendent, Technology and Integration Branch
Joint Base Pearl Harbor-Hickam
Hawaii
09.2012 - 06.2014
- Led team of 21 to design and field $12M of enterprise core services to 43K personnel.
- Directly supervised 3 & Div Supt for 37 personnel; led Command effort to modernize network from MAJCOM-centric to the AFNET.
- Coordinated theater network plan policy and warfighter integrations across three NAFs and 10 bases, enhancing operational support.
- Advised PACAF/A6 and communications staff on policies and lifecycle support of C4I systems, improving operational readiness.
- Additionally, provided Superintendent support for JTF-513 J6; Oversaw/coordinated core staff training; led communications requirements supporting C2 Headquarters.
- Provided critical insight for theater-wide network engineering efforts, ensuring implementation of cybersecurity measures to protect vital communications.
- Guided $410K command center upgrades, extending AOC services and enhancing combat operations picture for COMPACAF C2 capabilities.
- Piloted $500K SIPR token issuance; guided Command plan--Theater achieved DoD mandate of two factor authentication for system login.
- Developed strategic network plans to optimize resource allocation.: repurposed 18 network servers, scheduled deployments; saved $300K in new equipment costs.
Superintendent, Special Security Management Division
Joint Base Pearl Harbor-Hickam
Hawaii
09.2011 - 09.2012
- Identified negative security trends within SCI facilities; developed and delivered training to 68 SCIFs and 2.6K personnel, enhancing command security posture.
- Directly supervised 7 & advised 4 DAF personnel. Oversaw SCI security programs for HQ PACAF & 4 NAFs for 2.6K personnel at 68 secure facilities on SCI network oversight.
- Led preparation for Division HAF/A2 inspection, validating 593 checklist items, resulting in 7 commendable ratings and recognition in 2 AF benchmarks.
- Reshaped Command network vulnerability management process: scanned 1K systems & applied 5K software patches—reduced known threats by 90%.
- Automated JWICS network account request process; merged 3 forms and eliminated redundancies, reducing customer wait time by 75%.
- Formulated command policies for industrial, network, personnel, physical, and information assurance security disciplines to enhance overall security framework.
- Oversaw security engineering, policy compliance, and administration of C2 intelligence mission networks and applications, ensuring operational integrity.
- Facilitated the submission of VTC package requests, ensuring Senior Leader C2 Intel requirements were met within 24 hours.
- Expertly managed Division annual budget of $425K.
Flight Chief, Plans and Resources
Joint Base Pearl Harbor-Hickam
Hawaii
05.2010 - 09.2011
- Managed Group Information Assurance and Cyber Surety for 850 personnel across four multi-security level networks.
- Led 17 personnel in Information Technology planning and integration for $167M intelligence weapon system, enhancing operational effectiveness.
- Expertly managed fiscal planning and execution of annual $325K operations and management budget.
- Developed organization-wide project plans to strengthen cybersecurity posture, ensuring compliance and risk mitigation.
- Provided cyber training to 1.2K Intelligence personnel across three different service Central Commands.
- Managed model IA office; led Group to achieve 100% rating on Higher Headquarters Compliance Inspection, recognized as best Group IA office.
- Steered 23 network systems projects for $80M weapon system upgrade, securing systems accreditation and certification for Area of Responsibility's inaugural Global Hawk missions.
- Oversaw $550K NSANet upgrade; streamlined coordination to facilitate site’s inaugural multi-intelligence U-2 missions.
- Trained 1.2K JTF personnel on IA disciplines; EMSEC inspected/certified 36 secure locations—bolstered secure drawdown of US forces ISO Operation New Dawn.
Education
Distinguished Graduate -
Senior NCO Academy
Maxwell AFB, Al01.2010
Associates Degree - Information Systems Management
Community College of The Air Force
Maxwell Air Force Base In Montgomery, Alabama01.2009
Distinguished Graduate -
NCO Academy
Kapaun AB, Germany01.2005
Skills
- Cybersecurity governance
- Security policy development
- Incident response
- Compliance management
- NIST compliance
- CNSSI compliance
- Risk management framework
- Enterprise risk management
- Security operations
- Vulnerability mitigation
- Network security management
- JSIG expertise
- Information assurance
- Strategic planning
- Project management
- Team leadership
- Training and mentoring
- Stakeholder management
- Executive communication
- Stakeholder management
Certification
(ISC)² Certified Information Systems Security Professional, 05/2018
Security Clearances
- Current Top Secret
- Current SCI Indoctrination
- CAP/SAP Read-ins
- Current Counterintelligence Polygraph
Timeline
Chief, Cybersecurity Branch
Research and Development Support Activity (RDSA)
08.2022 - Current
Senior Manager, Cybersecurity Branch
Defense Information Services Agency
02.2021 - 08.2022
CESO SAP Security Project Manager
Compartmented Enterprise Services Office
08.2020 - 01.2021
CESO SAP Information System Security Manager
Compartmented Enterprise Services Office
01.2020 - 08.2020
Directorate Information System Security Manager
SMC/DCI
04.2019 - 01.2020
Acquisition Program Manager/Information System Security Officer
SMC/AD
08.2018 - 03.2019
Superintendent, Technology and Integration Branch
Joint Base Pearl Harbor-Hickam
09.2012 - 06.2014
Superintendent, Special Security Management Division
Joint Base Pearl Harbor-Hickam
09.2011 - 09.2012
Flight Chief, Plans and Resources
Joint Base Pearl Harbor-Hickam
05.2010 - 09.2011
Distinguished Graduate -
Senior NCO Academy
Associates Degree - Information Systems Management
Community College of The Air Force
Distinguished Graduate -
NCO Academy