THOMAS W. CLARK
Huntsville,AL
Summary
Dynamic and results-driven retired Air Force Senior Non-Commissioned Officer with over 30 years of comprehensive experience in program management, strategic planning, and operational execution. Proven expertise in leading diverse teams and managing complex projects within military and government environments, leveraging extensive training and leadership skills to drive mission success. Recognized for exceptional organizational abilities and a strong commitment to fostering collaboration and efficiency. Eager to apply a wealth of knowledge in program oversight to contribute effectively in a new role.
Overview
10
10
years of professional experience
Work History
Senior Consultant, Security Operations / Cybersecurity Services Staff
Mind Point Group, a Tyto Athene company
04.2024 - Current
- Serve as a technical expert in the development and implementation of Cyber Supply Chain Risk Management (C-SCRM) program for the Department of Justice (DOJ).
- Conduct analysis of the latest adversarial tools, techniques, and procedures (TTP) while identifying Common Vulnerabilities and Exposures (CVEs) to which a system may be susceptible. Analyze complex supply chain issues, identify gaps and make expert recommendations to mitigate those gaps.
- Provide technical support to Department of Justice, Justice Management Division (JMD) in supply chain risk assessments and analysis, process improvement, system acquisition management as well as system integration. Provide SCRM expertise to 40+ separate component organizations across the DOJ.
- Primary SCRM analyst for the U.S. Department of Housing and Urban Development (HUD) across its 10 regionally organized offices and numerous sub-units.
- Assist in the development of technical approaches and methodologies that are required to render successful project results.
- 40+ hours/week
Supply Chain Risk Management Analyst (SCRM)
Boeing Intelligence and Analytics
11.2023 - 04.2024
- Performed reviews of Program Protection Plans (PPP) and Program Protection Implementation Plans (PPIP) to include identifying Critical Components (CC) and Critical Program Information (CPI) to ensure an effective Supply Chain Risk Management program for Missile Defense Agency Ground-based Midcourse Defense program.
- Assisted Missile Defense Agency new Next Generation Interceptor program with continuously maintaining/evaluating criticality model through prioritizing programs, systems, and components based on their importance to program requirements utilizing federal and DoD Supply Chain Risk Management policies and best practices.
- Facilitated, coordinated, and provided technical support for criticality analysis IPTs consisting of program managers, system engineers and subject matter experts in order to identify/assign criticality based on National Institute of Standards and Technology (NIST) guidance.
- Facilitated the early identification of CCs and CPI per DoD guidance in order to implement protection requirements and countermeasures that may be applied as program CPI is modified over the program lifecycle.
- 40+ hours/week
Team Lead, Cyber Supply Chain Risk Management (C-SCRM)
COLSA Corporation
12.2022 - 06.2023
- Team/Task Lead for 18 FTE effort to enable Army Materiel Command (AMC) to implement and deploy best practices and plug security gaps within its cyber supply chain through a C-SCRM Focal Team while maintaining compliance with Federal C-SCRM policies.
- Provided program management oversight to task of establishing an AMC C-SCRM Program Office which describes the roles, responsibilities, charter, milestones, and timelines to support and maintain C-SCRM awareness, framework, and best practices within AMC through determining the governance flow of AMC C-SCRM requirements.
- Aligned personnel and skillsets in best format for developing an AMC C-SCRM Program Execution Plan while establishing Mandatory C-SCRM Awareness Training which integrates Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) and System of Trust (SoT) Frameworks into AMC C-SCRM System Development Life Cycle (SDLC).
- 40+ hours/week
Cyber Supply Chain Risk Management
DESE Research Inc.
01.2020 - 12.2022
- Served as a technical expert/lead in the development and implementation of Cyber Supply Chain Risk Management program. Initiated, developed, implemented, and led a new 4 FTE proof of concept contract effort to provide Cyber Intelligence support to the Army PEO STRI Threat Systems Management Office (TSMO) utilizing an all-source information-based approach. Utilize both classified and unclassified information to produce and provide complete and robust intelligence assessments utilized for test & evaluation and training efforts focusing on various levels of cyber-attacks.
- Conducted analysis of the latest adversarial tools, techniques, and procedures (TTP) while identifying Common Vulnerabilities and Exposures (CVEs) to which a system may be susceptible. Analyze complex supply chain issues, identify gaps and make expert recommendations to mitigate those gaps.
- Provided technical support to TSMO in supply chain risk assessments and analysis, process improvement, system acquisition management as well as system integration.
- Presented system decompositions utilizing state-of-the-art link analysis techniques.
- Assisted in the development of technical approaches and methodologies that are required to render successful project results.
- One year effort resulted in new 4 year contract with team growth to 8 FTE.
- 40+ hours/week
Program Manager/Program Protection
System High Corporation
08.2016 - 01.2020
- Program Manager for 17 FTE contract across 5 geographically separated locations; managed annual budgets, performance evaluations, and HR issues. Responsible for the effective assessment and resolution of critical project issues. Supervised, coordinated, and exerted authority for planning, organizing, controlling, integrating and completing Program Projection projects inclusive of Supply Chain Risk Management and Industrial Security activities.
- Performed reviews of Program Protection Plans (PPP) and Program Protection Implementation Plans (PPIP) to include identifying Critical Components (CC) and Critical Program Information (CPI) to ensure an effective Supply Chain Risk Management program for Missile Defense Agency programs and systems.
- Assisted Missile Defense Agency programs with continuously maintaining/evaluating criticality model through prioritizing programs, systems, and components based on their importance to program requirements utilizing federal and DoD Supply Chain Risk Management policies and best practices.
- Facilitated, coordinated, and provided technical support for criticality analysis IPTs consisting of program managers, system engineers and subject matter experts in order to identify/assign criticality based on National Institute of Standards and Technology (NIST) guidance.
- Facilitated the early identification of CCs and CPI per DoD guidance in order to implement protection requirements and countermeasures that may be applied as program CPI is modified over the program lifecycle.
- 40+ hours/week
Information Safeguard / Classification Management
Pluribus International Corp.
08.2015 - 08.2016
- Assisted Missile Defense Agency Programs with developing and/or updating and implementing Security Classification Guides (SCGs). Reviewed and analyzed existing and/or new guides to identify substantiated and administrative issues and inconsistencies in the horizontal protection of information.
- Coordinated/staffed documents, assisted in securing approval, and disseminated final SCGs to Missile Defense Agency and DoD organizations based on policy.
- Conducted classification management training, which includes original classification, derivative classification, and security reviews for public release. Updated existing automated and non-automated training. Generated unique Classification Management Training Materials, including best practices.
- Performed Security Classification Reviews (SCRs) which must be based on SCGs, original classification authority, or other written derivative classification sources.
- Conducted reviews of existing and new policy and guidance to validate requirements and associated information are properly cited, applied, and utilized. Assessed results of draft policy reviews to identify and evaluate impacts to Missile Defense Agency, if implemented, and/or to validate and evaluate the proper implementation for current policy requirements. Developed draft policy for government review/approval.
- 40+ hours/week
Education
Bachelor of Science - Technical Management
Embry Riddle Aeronautical University
Daytona Beach, Florida12.2018
Associate of Applied Science - Meteorology
Community College of the Air Force
Maxwell AFB, Alabama01.2011
Skills
- COMPUTER SKILLS: IBM I2 Analyst’s Notebook; Windows NT Tools; Microsoft Office Suite: Microsoft Project Foundation and Intermediate; Excel, Outlook, PowerPoint, Access
- Strategic planning
- Software implementation
- Digital transformation
- Teamwork mindset
Timeline
Senior Consultant, Security Operations / Cybersecurity Services Staff
Mind Point Group, a Tyto Athene company
04.2024 - Current
Supply Chain Risk Management Analyst (SCRM)
Boeing Intelligence and Analytics
11.2023 - 04.2024
Team Lead, Cyber Supply Chain Risk Management (C-SCRM)
COLSA Corporation
12.2022 - 06.2023
Cyber Supply Chain Risk Management
DESE Research Inc.
01.2020 - 12.2022
Program Manager/Program Protection
System High Corporation
08.2016 - 01.2020
Information Safeguard / Classification Management
Pluribus International Corp.
08.2015 - 08.2016
Associate of Applied Science - Meteorology
Community College of the Air Force
Bachelor of Science - Technical Management
Embry Riddle Aeronautical University
Summary of Qualifications:
- Retired military veteran with current TS/SCI clearance (2007). Extensive supply chain risk management (SCRM) experience in the Missile Defense Agency (MDA), Program Executive Office Simulation, Training and Instrumentation's (PEO STRI) Threat Systems Management Office, Army Materiel Command’s Cyber Ops Division and Department of Justice's Justice Management Division (JMD)/U.S. Housing and Urban Development (HUD).
- Proven leadership skills combined with an exceptional ability to manage multiple large-scale, complex projects, tasks and priorities, to include vulnerability analysis and risk assessments, effectively and in a timely manner.
- Superior communicator; readily distills the most complex of materials into easily understood, compelling presentations.
- Multi-faceted, large-scale operations professional with 29 years of diverse government service.