• Login
  • Create your own VisualCV!

VisualCV


  • Contact

  • Share

  • Forward

  • Print

  • Save
VisualCV URL: http://www.visualcv.com/jepstein
Photo for jepstein

jepstein

Contact Information

Jeremy Epstein
Mobile:
(703) 989-8907

Work History

Self

Fairfax, VA, United States
Jan 2001 - Present

Independent Consultant 
  • Assist VCs in due diligence process.
  • Commonwealth of Virginia: Advise legislature and State Board of Elections on technology risks and approaches for electronic voting.
  • Commonwealth of Kentucky: Advise Attorney General on voting security issues.
  • Cyber Defense Agency LLC: DARPA research on Mobile Ad hoc Networks security.
  • Technical advisory boards for Open Source Digital Voting Foundation, Savoir, Cap Epsilon, Visual CV, Kenai Systems (acquired by Forum Systems), Platform Logic (acquired by Symantec), Secure Software (acquired by Fortify Software).
  • National Science Foundation: Review and recommend funding for academic research proposals.
  • Brennan Center for Justice at New York University Law School: Expert reviewer for The Machinery Of Democracy: Protecting Elections In An Electronic World .
  • Schade vs. State of Maryland et al: Expert witness on security of electronic voting.
  • Co-founder, Virginia Verified Voting and Verifiable Voting Coalition of Virginia.

Software AG, Inc. (formerly webMethods)

Fairfax, VA, United States
Jan 2000 - Present

Senior Director, Product Security & Performance 
  • Advise executive team on security strategy, directions, M&A activities.
  • Supervise product security efforts; provide oversight for corporate IT security.
  • Supervise development of performance benchmarks for all webMethods products.
  • Establish & manage relationships with key security and performance technology partners, including @stake (now Symantec), Entrust, Fortify Software, Forum Systems, Layer 7, Hewlett-Packard, IBM, Mercury Interactive (now HP), Netegrity (now CA), Segue Software (now Borland), Sun, White Hat Security, & others.
  • Responsible for security aspects of all webMethods products, including requirements definition, architectural direction, vulnerability analysis, customer alerting processes, standards conformance, developer training, government criteria conformance, technology partnerships, and customer / field consulting.
  • Co-founder, Common Criteria Vendors Forum.
  • Program Chair, 16th & 17th Annual Computer Security Applications Conference.
  • Contributor to CLASP; participated in SAML & XKMS standards.

Network Associates Inc, Network Security Research Division

McLean, VA, United States
Dec 1997 - Dec 1999

Manager, Security Integration Group 

Led development and integration of security technologies for use on the DARPA Information Assurance program. Technologies include CORBA-based guards, firewalls, VPNs, switched workstations, and other products to allow safe interconnection of networks from TS/SCI to Unclassified. Inventions led to issuance of patents 6,584,508 and 6,684,329.

Security Clearances

Current Clearance
Updated Jan 2008
Counter Intelligence Polygraph

Issued

Highest Clearance Ever Held
Held Jan 2008 - Jan 2008
Counter Intelligence Polygraph

Issued

Summary

  • Security architect/engineer with over 20 years experience in product development, academic research, standards development, requirements analysis.
  • Skilled communicator, with a strong aptitude for writing.
  • Internationally recognized expert in software security and voting systems with numerous public presentations and over 20 publications in peer-reviewed conferences.

Education

George Mason University

Sep 1990 - Jun 1995
Fairfax, VA, United States
Completed coursework for PhD, Information Security

Purdue University - School of Science

Jan 1981 - Dec 1981
West Lafayette, IN, United States
M.S., Computer Sciences

New Mexico Institute of Mining & Technology

Sep 1976 - Aug 1980
Socorro, NM, United States
B.S., Computer Science

Interests

  • Software security
  • Electronic voting security 

Recent Publications and Presentations

Recent presentations and publications

  1. What Measures do Vendors Use for Software Assurance?, Making the Business Case for Software Assurance Workshop, Carnegie Mellon University Software Engineering Institute, September 2008.

  2. How Can Researchers and Election Officials Better Work Together? (panelist), USENIX EVT '08 Workshop, July 2008.
  3. Security Lessons Learned from Société Générale, IEEE Security and Privacy magazine, May 2008.
  4. Towards Trustworthy e-Voting: An Open Source Approach? (panelist), Computers Freedom and Privacy 2008, May 2008
  5. Information Assurance Technology Forecast 2008, IEEE Security and Privacy magazine, January/February 2008.
  6. Interview on Voice of the Voters, February 2008 on Virginia legislation and voting system security.
  7. Interview on The New Dominion Show, January 2008 on Virginia legislation and voting system security.
  8. Interview on The Kenny Rahmeyer Show, WLBJ (Austin TX), January 2008 on voting system security.
  9. Electronic Voting 2008: What Are The Technical Issues?, Pew Charitable Trusts ElectionLine.org Forum, December 2007.
  10. Electronic Voting Options (panel chair), 23rd Annual Computer Security Applications Conference, December 2007.
  11. Electronic Voting 2007: What’s New in the US, University of Virginia, April 2007; Illinois Institute of Technology, October 2007; Olin College of Engineering, November 2007; Worcester Polytechnic Institute, November 2007.
  12. How Things Work: Electronic Voting, IEEE Computer, August 2007.
  13. Is SOA Governance a 10 Letter Word for Access Controls?, 2007 Web Services Security Conference and Exposition, May 2007.
  14. Electronic voting 2007 – what works, what doesn’t, and how can technologists affect the future, RSA Conference, February 2007.
  15. Fifteen Years after TX: A Look Back at High Assurance Multi-Level Secure Windowing (Invited Paper), Proceedings of the 22nd Annual Computer Security Applications Conference, December 2006.
  16. Challenges for Web Services Security (panel), 22nd Annual Computer Security Applications Conference, December 2006.
  17. Brief appearance on CNN Lou Dobbs (recounts for electronic voting), November 2006.
  18. Architecting Secure webMethods Solutions, Integration World 2006, November 2006.
  19. Alternate Assurance Methodologies for Increasing Product Security, 7th International Common Criteria Conference, September 2006.
  20. “Good Enough” Metrics, Metricon 1.0 workshop at USENIX Security, August 2006.
  21. Why Applying Standards to Web Services Is Not Enough, IEEE Security and Privacy magazine, August 2006.
Full list available on request

Professional Affiliations

Senior Member, Association for Computing Machinery (ACM)

Senior Member, Institute of Electrical and Electronic Engineers (IEEE)

Member, USENIX Association

Member, US Public Policy Committee of ACM (USACM)

Senior Fellow, Applied Computer Security Associates

Recent Articles

Icon_pdf_16 IEEE S&P Societe Generale article

Jeremy Epstein, Security Lessons Learned from Société Générale, IEEE Security & Privacy, May 2008.

Icon_pdf_16 IEEE S&P Security - Security Roundtable

Sami Saydjari (moderator), Steven Bellovin, Terry Benzel, Bob Blakley, Dorothy Denning, Whitfield Diffie, Jeremy Epstein, Paulo Verissimo, Information Assurance Technology Forecast 2008, IEEE Security & Privacy, Jan/Feb 2008

Icon_pdf_16 IEEE Computer Voting Machines article

Jeremy Epstein, How Things Work: Electronic Voting, IEEE Computer, August 2007.

 

Icon_pdf_16 ACSAC classic paper

Jeremy Epstein, Fifteen Years After TX: A Look Back at High
Assurance Multi-Level Secure Windowing, 22nd Annual Computer Security Applications Conference, 2006 (invited paper).

Hobbies

Turkey Run

Turkey Run

Colonial Reenactor at Claude Moore Colonial Farm, McLean VA. (www.1771.org)  Demonstrate life of pre-Revolutionary War tenant farmers at the only privately operated park in the National Park Service.

UNATL

UNATL

What's this?  Ask me!

Icon_pdf_32 This VisualCV is available as a printable .pdf file

Copyright © 2007 - 2008 VisualCV, Inc. All rights reserved.