Bio
Frederic Stonesifer (ric at stonesifer.org)
Network and Computer Security Subject Matter Expert with over 21 years of experience in networks, computer forensics and criminal investigations. Specialized experience pertaining to the acquisition and examination of computer data related to computer forensic investigations, electronic data discovery, data quality control, and analysis of other technical data. Experienced in vulnerability assessments, malware analysis and exploit penetration testing.
Work Experience
US Army, Computer Crime Investigative Unit (2010 - Present) - Forensic Team, Quantico, VA
Special Agent conducting criminal computer forensic investigations for the Commanding General, US Army Criminal Investigation Command (USACIDC). Analyzing seized digital evidence on a routine basis in forensic examinations, to include hard drive duplications and imaging. Practicing and training sound computer forensic techniques to prevent tampering and cross contamination. Teaching and mentoring fellow forensic examiners.
Booz Allen Hamilton (2009 - 2010), Digital Forensics and Incident Response Lead, McLean VA
Led digital forensics and incident response activities for civil agency, commercial, and military investigations. Managed seven senior digital forensic specialists in report writing, training, contract specification and morale on four separate contracts. Worked closely with client Operations and Engineering organizations to develop incident response plans referencing NIST SP 800-51 / 61 / 63, the National Strategy to Secure Cyberspace and the Federal Information Security Management Act (FISMA) of 2002. Conducted examinations of computers and media generated by computers to develop evidence in support of internal and external investigations in the specialty area of forensic computer science. Identified and recommended methods and procedures for preservation, evidence recovery, and the presentation of computer evidence. Collected, received and maintained the integrity of evidence in accordance with Department of Justice standards. Prepared formal written reports suitable for client and legal presentation which stated the results of the investigations and interpretations of the factual evidence discovered, to include professional opinion and conclusions.
Guidance Software (2001 - Present), Part-Time Lead Instructor, Dulles VA
EnCE part-time instructor for Guidance Software instructing Computer Forensic I and II, Enterprise I and II, Field Intelligence Model, Advance Computer Forensics, Advance Internet Examination and Network Intrusion Investigations. Co-authored course material in the Network Intrusion and Linux/Unix Computer Forensic Examinations Courses. Instructed over 50 courses, half of them as Lead; students consisted of law enforcement officers, corporate examiners and legal advisers.
US Army, Field Investigative Unit (2005 - 2009), Operations Officer, Alexandria VA
Supervised, planned, and directed nine criminal investigators and one civilian in investigations of classified and/or highly sensitive issues of interest to the US Army. Expert security officer in classified, sensitive compartmentalized information management and certified in Special Access Programs. Major Case Manager for the highly publicized CPL Patrick TILLMAN death investigation. Recognized the necessity and importance of obtaining volatile data especially as it applies to computer network intrusions and developed the Volatile Data Collection (VDC) script to seize live computer RAM, process memory, volatile system information, system processes and logs as evidence. Conducted computer forensics on classified investigations.
US Army, Computer Crime Investigative Unit (2003 - 2005) Special Agent in Charge, Fort Huachuca AZ
Responsible for forensic investigative support in the Theater Network Operations and Security Center (TNOSC), Network Technology Command (NETCOM), and the Regional Computer Emergency Response Teams (RCERT) both Pacific and Korea. Conducted vulnerability assessments in concert with the US Army Chief Information Office (CIO) / G6 to ensure Information Assurance compliance. Managed and developed the electronic crime vulnerability assessment program, an integral component of the US Army CIO/G6 Information Assurance Vulnerability Assessment (IAVA) program which identified and mitigated in excess of 50 million in vulnerability cost avoidance across the US Army global networks.
US Army, Computer Crime Investigative Unit (2000 - 2003) - Forensic Team Chief, Fort Belvoir VA
Supervisory Special Agent who supervised four special agents under the Technical Team Chief Forensic Department in a nominative assignment with the approval of the Commanding General, US Army Criminal Investigation Command (USACIDC), to CCIU. Analyzed seized digital evidence on a routine basis in forensic examinations, to include hard drive duplications and imaging. Practiced and trained sound computer forensic techniques to prevent tampering and cross contamination. Developed the IAVA compact disc report system for commanders and technicians to quickly assess their network and combat weaknesses, which aided in the Army goals of environmental friendliness.
US Army, Fort Knox USACIDC Resident Agency (1997 - 2000) – Drug Team Chief, Fort Knox Kentucky
Supervisory Special Agent who supervised three military policemen as the Drug Suppression Team Chief in the eradication of controlled substances on Fort Knox and surrounding counties as they involved military personnel. Additional duties included acting Computer Crime Coordinator (CCC), wherein investigations involving computers, cell phones or electronic storage media were investigated by the CCC and forensic examination reports prepared for the same criminal cases. Those investigations included inappropriate usage examinations tracking user internet and file history. Additional investigations included deaths, involving the recovery of suicide notes, email and file traffic.
EDUCATION
Bachelor of Science in Computer Science, 2005, University of Maryland
CERTIFICATIONS
EnCase Certified Examiner (EnCE)
Seized Computer Evidence Recovery Specialist (SCERS)
DoD Certified Computer Investigator
Microsoft Certified Systems Engineer (NT4.0)