Cyber Security Solutions Architect
Resume:
Ted Gibson
Solutions Architect
**********@*****.***
Summary
Ted is a highly skilled Solutions Architect with 25 years of proven experience in the public, utility, network, and telecommunications industries. Solutioning, strategic planning, design, deliverables proof of concept testing and benchmarking, pilot, UAT and deployment of complex projects merging data from multiple applications ensure compliance with NIST 800.171, NIST 800.53r5, IEC 62433 NERCcip, TSA ad other industry regulatory requirements and founder of NERCCIPv5.com.
Project Management Subject Mater Expertise:
Procurement Documentation: RFPs, RFQs, GSA and MSA
Contract Management & Negotiations
Project Management and Documents: Business Case, Charter, Project Plan, WBS, CPI, SPI reporting, Controls, Schedule, Scope, Budget
Project Recovery, Schedule Budget, Scope, Resources
Solution Architect Subject Matter Expertise
Business requirements
Gap Analysis, discovery as-is analyzation and to-be architecture and diagraming.
RFP, RFQ, GSA and MSA technical requirements
RFP, RFQ, GSA and MSA milestones and progress payments
Pre-Bids Conferences and Q&A responses
RFP, RFQ, GSA and MSA vendor evaluation, scoring, and negotiation
Scalability for hardware, OS, and application requirements
Documentation, business case, charters, project plan, deliverables, work resources, risk plan, RACI, schedule milestones, budgets,
Deliverable, as-is, to-be, and as-build and turn over to O&M
Cyber Security Subject Matter Expertise
Risk Analysis
Cyber Security Compliance (NERCcip, SOC 2)
OT and ICS Cyber Security Architecture, (NIST CSF 2.0, 800.53, 800.82, 800.39, ISO 270001 and ISO/IEC 62433)
Network Cyber Security Standards (NIST CSF 2, NIST 800.39, NIST 800.53, NIST 800.82. NIST 800.FIPS 140, Purdue Model, ISO/IEC 62433, ISO/IEC 61850, and ISO/IEC 62351)
Cloud Cyber Security Standards (FedRamp, NIST 800.171 (aka DFARS-171), NIST 800.53)
RF licensed and unlicensed Engineering (MAS, Microwave, Satellite, Cellular, Wi-Fi)
Network Architect (MPLS/VPN/VLAN Purdue Model, Micro-segmentation)
SCADA Subject Matter Expertise:
Pulling data from multiple applications
DNP3, Modbus, EtherNet/IP, IEC 61850, IEC 60870
ICCP, OPC and MQTT
PLC and RTU requirements
GIS and workorder integration
SCADA/DCS as-is analyzation and to-be design, POC and deployment.
SCADA Hardware, OS, and applications requirements
RFP requirements
Design and testing and deliverable documentation
Data Center construction
Cloud Cybersecurity
Certifications:
Certified Department of Energy IT Cybersecurity Trainer
ISA/IEC – 62433 Risk Assessment Specialist
NIST CSF Cyber Security Framework 2.0 Lead Implementer
ASIS - American Society for Industrial Security Professional
PMI - Project Management Institute
Education:
Computer Science, American River College, Sacramento, CA
Law, Sacramento School of Law,
Cybersecurity, California Coast University (Q4/2024)
Experience
Sempra IT/OT Cybersecurity Infrastructure Solutions Architect January 2024-November 2024 ISO.IEC 62443 Gap Analysis and Recommendations for 2025 projects
Electric and LNG OT Network Segmentation gap analysis and recommendations
Electric and LNG OT Zero Trust Network access gap analysis and recommendations
Electric and LNG Firewall gap analysis and recommendations
Electric and LNG Firewall ISO/IEC 62443 gap analysis and recommendations
Electric and LNG Secure remote access SRA gap analysis and recommendations
Electric and LNG P2P Microwave and Wi-Fi gap analysis and recommendations
CenterPoint Energy OT Architect June 2023/December 2023 (part-time) plan, design, and proof of concept for the deployment of
A ConsoleWorks TDI secure remote access system, an OT active directory for remote access to the traditional and renewable power generation plants, Substations, and gas plants throughout nine states
Replacement of Cisco ASA and Palo Alto Firewalls with Fortinet FortiGate firewalls and Airwall Data diodes.
The integration of Tripwire IP360 endpoint protection, Palo Alto QRadar SIEMs and CygNET with Spunk in several dozen power generation power.
Deploy Nozomi Guardian Sensors and Centers of Command, network span, tabs ports and data diodes to passive monitor the IP in several hundred NERC cip medium and low substations.
Deploy Nozomi Guardian Sensors and Centers of Command, network span and tabs ports to passive monitor the IP in several dozen power generation plants.
Deploy Nozomi Guardian Sensors and Centers of Command, network span and tabs ports to passive monitor the IP in over dozen nature gas plants.
Liberty Utility –OT Infrastructure Solutions Architect and Project Manager January 2023/June 2023 Design and implementation of new wind and solar renewable generation plants and substations control and security systems throughout the USA and Canada
New Remote-Control Center in Canada and backup in the USA
Kepware OPC servers in all new and existing wind, solar and hydro power generation plants, and substations
SCADA/HMI systems in the power in all new and existing power generation plants and substations
RTAC control systems
A new ADMS system
Deployment of new network infrastructure to several hundred wind turbines and tuning
Migration from MPLS/VPN to SDWAN for all power generation substations
New Next Gen Palo Alto Firewalls
Cisco Switches and Routers
MS Defender endpoint protection
Dominion Energy- Richmond Virginia Cyber Security Technical Project Manager – March 2021/January 2023
Led project management for discovery, planning, and implementation of Palo Alto end point, and VM and bear metal Server hardening protection 100+ renewable and traditional power generation assets and 100,000 cyber assets to meet Dominion and NERC CIP requirements.
Oversaw assessment, design, and deployment of SCADA Control and network system hardware and software for 50+ renewable power generation plants nationwide to ensure cyber security compliance.
Duke Energy – Camp Lejeune (Marine Base) Technical Deployment Project Manager and Infrastructure Solutions Architect Sept 2020/March 2021
Managed design and replacement of hundreds of wastewater lift stations, water pumps, treatment plants, and control centers.
Built new SCADA wireless infrastructure for dozens of water tanks and hundreds of water & wastewater stations.
Designed and upgraded multiple solar plants at Camp Lejeune damaged by a hurricane.
Eversource Energy – Berlin CT Gas SCADA Technical Project Manager and Compliance Solutions Architect May 2019/May 2020
Mitigate security vulnerabilities identified in previous audit.
Develop project requirements, plan, design, testing cases, and implementation strategy.
Write RFPs and SOWs for new OT domain and Microsoft Active Directory domain forest.
Upgrade SCADA systems to ClearSCADA 2017r3.
Enhance ClearSCADA database, screens, faceplates, and alarm systems.
Establish new Gas distribution domain.
Ensure compliance with API 1165, CRM, and 192.631 regulations.
Integrate Electronic Logbook and Alarm Management systems.
Replace Frame Relay WAN with new MPLS WAN
Upgrade Emerson's ObjectServer, Controlwave Designer, and Netview BSAP to the new Emerson OpenEnterprise system.
Integrate ClearSCADA with OSIsoft Process Information (PI)
Implement Tripwire SIEMs, IP360, FIM, and Palo Alto firewalls and other security measures.
Replace Cisco switches and Palo Alto firewalls.
Cal Water Service Company Infrastructure Solutions Architect and Technical Project Manager – San Jose Ca May 2017/May 2019 -
Managed replacement of 19 Cal Water district SCADA systems.
Expanded project scope to replace 20 SCADA HMI systems, 750 PLCs, 38 MDS master Radios, and seven hundred SD9 radios.
Established new OT SCADA domain and changed SCADA protocol to DNP SA over IP with encryption.
Integrated OSI Pi for SCADA historian and HMI screens.
Developed project charter, plan, schedule, scope, and budget.
Led teams comprising four internal and seven external teams, totaling over 170 employees.
Managed resources totaling 57,000 hours over 18 months, achieving an 8% under-budget estimate.
Created RFPs for procurement of Schneider PLCs, ClearSCADA software, and GE MDS radios.
Deployment of Cisco UCS, Palo Alto firewalls.
Oversaw design, testing, documentation, and piloting of new SCADA and radio system, meeting deadlines and budget constraints.
San Antonio Water Systems SCADA Consultant and Technical Project Manager – San Antonio TX – Jan 2015/May 2017
Developed SAWS SCADA Master Plan and 10-year roadmap for replacement of TransDyn TransNets and Schneider ClearSCADA.
Oversaw monitoring and control systems for eight hundred water stations and two hundred wastewater lift stations.
Managed integration of Rockwell PlantPAx, GE Unity, GE iFIX, and Emerson's Ovation DCS systems.
Engineered RFQ for pioneering AMI system deployment across 500,000 meters.
Department of Energy, Western Area Power Authority Program Manager – Folsom Ca – May 2014/September 2014 -
Interviewed WAPA's power marketing, settlements contract, and IT staff.
Developed a strategic roadmap for process reengineering and application enhancements.
Utilized Six Sigma's DMAIC methodology to eliminate or reduce over two dozen duplicate processes.
Con Edison – Manhattan NY., NERC cip Consultant June 2014/September 2014
Conducted NERC CIP BES assessment for power generation plants and T&D substations in Manhattan.
Provided recommendations for facilities to achieve NERC CIP compliance.
Reclassified several facilities from "critical asset" to "low impact," saving Con Edison millions in compliance costs.
Utilligent - San Francisco, - NERC cip and GIS Consultant March 2014/June 2014
Assisted in NERC CIP and GIS RFP responses.
Nevada Energy – Physical Security infrastructure Solutions Architect Reno Nevada, January 2014 /March 2014
Onsite Physical Security Gap assessments at all data centers, operation control centers, power generation, T&D substations and warehouse facilities.
Made recommendations for enhanced physical security.
Implemented enhancements at NVE power generation plants and T&D substations.
West Monroe Partners Principal Architect, Multiple Channel Contact Center, and Utility Telecommunications Consultant San Francisco, CA March 2013/June 2013
Assisted in NERC CIP and contact center project proposals, RFP responses, and presentations.
Provided consulting services for various utility, private, and public companies through WMP.
Pacific Gas & Electric Strategic Planning Architecture Lead San Francisco, CA January 2009/March 2013 –
Life cycle of Cisco switches, Palo Alto Firewalls and MS Defender End point protection.
Created PG&E's Master Infrastructure Plan
Created PG&E’s 5-year Infrastructure Roadmap.
Led migration of TDM channel banks and analog lease WAN to MPLS/QoS and satellite.
Oversaw migration of PG&E SONET WAN to MPLS/QoS across 78,000 square miles.
Designed and deployed VSAT satellite IP network for 2,400 T&D substations.
Implemented cellular and satellite backhaul for 11.4 million electric and gas AMI meters.
Developed RFP and piloted mobile satellite network for PG&E vehicles.
Conducted pilots of fixed Inmarsat satellite for SCADA and CCTV in remote locations.
Ensured compliance with NERC CIP, NRC, and PG&E cybersecurity standards for new systems.
Pacific Gas & Electric Telecom Engineer San Francisco, CA – March 2007/ January 2008
Engineered and managed telecommunications projects for substations and power generation facilities.
Salesforce.com, Contact Center Architect & Technical Project Manager San Francisco, CA June 2006/March 2007
I evaluated, designed, tested and project managed the implementer of the migration of multiple Call Centers worldwide from an in-house Cisco IPCC to a hosted IVR service integrating the on-demand CRM customer relationship management system.
Google, Mountain View, CA –VoIP Technical Project Manager June 2004 /March 2006
I project managed the development of “Google Voice”, a new browser-based lite protocol for audio and video calling, conferencing for dialup, and broadband and mobile users.
CISCO, San Jose, CA - TelePresentence video Conferencing Project Technical Manager /June 2003/June 2004
Cisco, San Jose, CA
I was the project manager in the TSBU Telepresence Business Unit installation and testing over one hundred Telepresence systems and MCUs globally.
I co-authored the Telepresence installation and release into production testing.
KLA-Tencor Milpitas, CA - Global Telecommunication & Networks Manager June 2002/June 2003
Evaluated, designed, negotiated, and led project lifecycle for the deployment of a global MPLS for VoIP to over seventy-five locations worldwide supporting 4,600 users.
Increased the WAN bandwidth by over 300%, while reducing the cost from $16.5K per month to $3.4K/month per meg using PBR, CBWFQ, CAR and IPsec VPN protocols that provide policy-based load balancing and QoS.
Grant County Public Utility Dept. Ephrata, WA - Infrastructure Solutions Architect December 2001/June 2002
Designed and managed the GCPUDs, TDM PBXs, voice mail with a new VoIP Cisco Call Manager CTI and UMS systems. The project included Cisco, 1ONS 15454, 6509, and network equipment, Cisco Call Managers, Interactive Intelligence UMS and Microsoft Exchange.
Legato System Inc., Director of Global Networks & Telecommunications Mountain View, CA January 1998/December 2001
Designed the network and deployment MPLS network supporting global converged data and VoIP expanding the on-net WAN from nine to more than 75 US and International offices and reducing telecom costs by over 50%.
Architected and implemented the conversion of Lucent, Nortel and Siemens telephony and dozens of standalone voicemail systems to a globally distributed VoIP telephony and unified messaging system.
Architected and implemented the conversion of five single language call stand-alone centers to a globally distributed VoIP ACD/IVR call center.
Designed and deployed an in-house audio/video conferencing system reducing Legato’s annual cost for audio and web conferencing services by 90% (from $2.5M to under $300K).
Contact this candidate