Research and Archival Support:• Participated in ethnoresearch on web3/DAOs, provided relevant archival materials, and kept the research team apprised of any important day-to-day activities and significant upcoming events.Working Group Management: • Maintained detailed notes with contributor attribution for every working group, kept each working group abreast of the activities of the others, and mentored newcomers by providing organization-wide context and connecting them with… Show more Research and Archival Support:• Participated in ethnoresearch on web3/DAOs, provided relevant archival materials, and kept the research team apprised of any important day-to-day activities and significant upcoming events.Working Group Management: • Maintained detailed notes with contributor attribution for every working group, kept each working group abreast of the activities of the others, and mentored newcomers by providing organization-wide context and connecting them with relevant groups and contributors.Documentation and Process Management:• Led efforts to establish processes and documentation, created and maintained standardized templates for common documentation needs, and recorded meetings and transcribed the most important ones for archival purposes.Communication and Community Building:• Coordinated marketing and communication efforts with user communities, organized and ran town hall meetings, and fostered collaboration among working groups.Conflict Management:• Completed a conflict management course, which was particularly valuable in a flat organizational structure. Show less

Supply Chain Risk Management: • Developed risk assessment methodologies for the evaluation of relative security of different information and communication technology products, with respect to supply chain, to be used by a non-technical end user. The methodology was of interest to other departments and agencies, including the General Services Administration and the National Institute of Standards and Technology• Developed and performed pilot risk assessments on potential acquisitions… Show more Supply Chain Risk Management: • Developed risk assessment methodologies for the evaluation of relative security of different information and communication technology products, with respect to supply chain, to be used by a non-technical end user. The methodology was of interest to other departments and agencies, including the General Services Administration and the National Institute of Standards and Technology• Developed and performed pilot risk assessments on potential acquisitions. These were provided to our sponsor and other interested parties, as well as being used within the team to further develop the methodology• Created tools for internal team use, such as report templates, which allow for a consistent and uniform presentation of results for the customer while also reducing repetitive work by analysts• Onboarded new team members and acted as continuity from the previous team’s work as the most senior technical member of the team, having been on the project for 4+ years. The team had ranged from six members, to only me, back up to 20 people• Acted as sole cyber subject matter expert on the larger team• Traveled regularly to government/industry working groups and kept the SCRM team briefed on industry practices and concerns• Learned and applied diverse domains including government acquisition processes, hardware versus software supply chain security, corporate structures, NIST/ISO cybersecurity standards, risk management and risk communication Securing Critical Infrastructure:• Awarded $400k for a team on a $1.9m project that was spun off from the SCRM project• Served as team lead, main SME, and analyst on the team• Worked to assess relative vulnerability of all critical infrastructure sectors and subsectors to assist customer in deciding the best ROI regarding allocation of limited, essential cybersecurity resourcesOther:• Maintained and developed a data analysis and visualization C# tool used internally Show less

Developing tools to assist law enforcement in combating cyber-enabled crimes:• Authored a report explaining how anonymizing technologies like Tor work to a non-technical audience, starting with how the ordinary Internet works. This report was delivered to our sponsor and was also of particular interest to our law enforcement end users to make Tor accessible to their non-technical management• Worked with multiple internal stakeholders to develop new Lab policies regarding both use of… Show more Developing tools to assist law enforcement in combating cyber-enabled crimes:• Authored a report explaining how anonymizing technologies like Tor work to a non-technical audience, starting with how the ordinary Internet works. This report was delivered to our sponsor and was also of particular interest to our law enforcement end users to make Tor accessible to their non-technical management• Worked with multiple internal stakeholders to develop new Lab policies regarding both use of external cloud-based resources and use of the darknet • Set up and administered the Amazon Web Services servers used in the team's Bitcoin and Tor research• Ran a feasibility study evaluating then-academic deanonymization methods’ technology readiness levels and developed a roadmap for combining them into an ensemble tool, which law enforcement agencies could use to significantly assist their cyber investigationsAssessing and prioritizing countermeasures: • Assisted in development of methodology for quantifying difficulty of cyber attacks and corresponding mitigations of countermeasures • Developed sample attacks as cyber SME• Investigated historical cyber attacks and consequences of attacker actions Leadership: • Methodically assessed 400+ resumes from internship applicants, interviewed promising candidates, and hired five interns to work across four projects in summer 2016 under my mentorship • Participated in an Attraction & Retention study workshop, and recruited other millennial-generation Sandians to ensure that our age group was represented in the study • Participated in multiple Diversity & Inclusion workshops and strategic planning sessions• Set up cross-center intern collaborations to bring cybersecurity interns doing similar work together• Set up tours for interns of interesting projects in all centers to learn about the breadth of important and interesting work at the Labs. This was picked up by the Sandia Internship Program to become an official event series Show less

• Designed and ran human subject studies to gather biometric data and prototype/test various machine learning algorithms for novel identification and authentication methods• Developed experimental procedures to meet the aims of both the Principal Investigator and of the Human Studies Board• Wrote and maintained a C# GUI interface for recording data and Python scripts to extract features, record the relevant features into a Mongo database, and classify using various algorithms provided… Show more • Designed and ran human subject studies to gather biometric data and prototype/test various machine learning algorithms for novel identification and authentication methods• Developed experimental procedures to meet the aims of both the Principal Investigator and of the Human Studies Board• Wrote and maintained a C# GUI interface for recording data and Python scripts to extract features, record the relevant features into a Mongo database, and classify using various algorithms provided by the scikit-learn libraries.• One of the projects produced a poster at USENIX 2014 and a conference paper presented at 2014 International Carnahan Conference on Security Technology Show less

Interdisciplinary Research:• Explored intersections of anthropology and cybersecurity, with a focus on password complexity and patterns.Password Analysis:• Analyzed leaked password lists commonly used for research purposes to identify password complexity features and understand patterns for [pseudo]random passwords, with the intent to explore ways to help users create and remember complex, hard-to-crack passwords.Machine Learning Analysis:• Used python and scikit learn to… Show more Interdisciplinary Research:• Explored intersections of anthropology and cybersecurity, with a focus on password complexity and patterns.Password Analysis:• Analyzed leaked password lists commonly used for research purposes to identify password complexity features and understand patterns for [pseudo]random passwords, with the intent to explore ways to help users create and remember complex, hard-to-crack passwords.Machine Learning Analysis:• Used python and scikit learn to run machine learning analyses on a Sandia National Laboratories supercomputer.Literature Reviews and Conferences:• Conducted extensive literature reviews and attended conferences to connect with authors and presenters in the field. Show less

• Graded weekly homework assignments (both short answer and programming projects) in C, C++, Scheme and Prolog• Held office hours to tutor students and answer questions about the class topics • Heavily commented graded assignments to explain point deductions and solidify students' understanding of concepts• Gave frequent feedback about student performance and questions to instructors and TA, with the intent of evolving the course schedule, materials and emphases to better reflect my… Show more • Graded weekly homework assignments (both short answer and programming projects) in C, C++, Scheme and Prolog• Held office hours to tutor students and answer questions about the class topics • Heavily commented graded assignments to explain point deductions and solidify students' understanding of concepts• Gave frequent feedback about student performance and questions to instructors and TA, with the intent of evolving the course schedule, materials and emphases to better reflect my experience as a student, my perceptions of our students, and the relationship between 240 and upper-level CS courses Show less

• Created and programmed menu screens for a graphical user interface to be used to control and monitor a satellite• Taught myself to program in Perl from books and wrote code for the satellite to be able to send and receive messages to/from ground control computers• Debugged code, written by others, to be used by satellite