Cyber engineering narrows the gap between current and acceptable security risks. Talented people, applying appropriate processes and technology, can make cost-balanced decisions that prioritize appropriate security activities, guided by systems engineering, metrics, and continuous process improvement.
David Eason applies these principles for a software development company, employing a shift-left approach that embeds security and metrics into each stage of a DevSecOps pipeline. The resulting deliverables and supporting tools are deployed as containers into IAC-provisioned cloud and air-gapped systems. Development of microservices, deployed as orchestrated containers in a service mesh, enables immutability, scalability, and redundancy. He's applied similar automation and process improvement principles in government, health insurance, geographic information system, internet services, and other verticals.
Author and international presenter of systems security engineering and middleware topics related to improving and connecting complex systems. Experienced in release and configuration management, build engineering, security operations, cyber hardening, statistics, technical project management, business process management, and process modeling. He currently leverages these skills from the DoD Cyber Workforce Framework: DevSecOps, security and cloud architecture, infrastructure support, secure software assessment, security development, and instruction.
Credentials: M.S.C.S., CISSP, and certified NSA/DHS-approved cybersecurity graduate