Full Name
Mr. Roger Greenwell
Job Title
Director, Enterprise Integration Innovation Center
Company
Defense Information Systems Agency (DISA)
Speaker Bio
Roger S. Greenwell is the Defense Information Systems Agency Enterprise Integration and Innovation Center director and Chief Information Officer.
He is responsible for making authorization decisions that balance mission and business requirements with the security in place. The scope of which encompasses hundreds of systems, applications, networks and satellite communications provided by DISA. Greenwell reviews and approves all plans of action to reduce risk, authorizes DISA's connections to the network, and validates all agency requirements for cross domain solutions and internet facing applications. He is also the Department of Defense authority for issuing cloud computing provisional authorizations.
Greenwell leads agency efforts in operating and assuring a reliable, available, secure and protected enterprise. His responsibilities include driving agency compliance with the DOD Cybersecurity Scorecard reporting requirements. He leads DISA’s efforts in developing DOD-wide security guidance and products including Security Requirements Guides, Security Technical Implementation Guides, and other content used by standards-based tools for automating compliance assessment against DOD standards. Greenwell is also charged with leading other key cybersecurity related initiatives including incident response and media analysis and conducting penetration testing/architecture analysis to critical systems. Until his appointment as the agency authorizing official, he served as the single information assurance certification authority within DISA and supported accreditation and authorization decisions for all DISA systems and networks.
Prior assignments include Risk Management director and technical director of DISA’s Field Security Operations where he directed the activities of 300-plus personnel supporting information assurance activities around the world. He provided oversight to numerous initiatives including a comprehensive vulnerability/risk assessment of Defense Enterprise Email, along with leading the DISA team supporting the first operational assessment of a coalition network – the Combined Enterprise Regional Information Exchange System - International Security Assistance Force. He served as the DOD certification authority for the general services component of the Computer Network Defense Service Provider program and validated processes and procedures used by service providers that provide protect, detect, respond, sustain services across DOD.
Greenwell previously served as the Field Security Operations chief of the Capabilities Implementation Division and chief of the IA Standards and Training Division. In these roles, he led efforts to develop operational procedures that supported the deployment of enterprise capabilities using tools such as the Host Based Security System and the Vulnerability Management Systems; and enabled the transformation of the STIGs/SRGs in adopting the standards-based Security Content Automation Protocol.
Prior to joining the government in 2009, Greenwell worked for Hewlett Packard/Electronic Data Systems where he provided security consulting and contract management for multiple customers including DISA, Army, and the National Guard. His diverse background and experience includes vulnerability management, computer network defense, standards and policy development, tool development and integration, training, disaster recovery, and emerging technology capabilities. He co-authored the first DOD technical security guide in 1994 supporting the mainframe environment which led to the creation of the SRG and STIG program that exists today.
Greenwell has a bachelor's degree in computer internetworking and is a graduate of the Federal Executive Institute. He holds multiple industry security certifications including CISSP, CISA and CISM.
He is responsible for making authorization decisions that balance mission and business requirements with the security in place. The scope of which encompasses hundreds of systems, applications, networks and satellite communications provided by DISA. Greenwell reviews and approves all plans of action to reduce risk, authorizes DISA's connections to the network, and validates all agency requirements for cross domain solutions and internet facing applications. He is also the Department of Defense authority for issuing cloud computing provisional authorizations.
Greenwell leads agency efforts in operating and assuring a reliable, available, secure and protected enterprise. His responsibilities include driving agency compliance with the DOD Cybersecurity Scorecard reporting requirements. He leads DISA’s efforts in developing DOD-wide security guidance and products including Security Requirements Guides, Security Technical Implementation Guides, and other content used by standards-based tools for automating compliance assessment against DOD standards. Greenwell is also charged with leading other key cybersecurity related initiatives including incident response and media analysis and conducting penetration testing/architecture analysis to critical systems. Until his appointment as the agency authorizing official, he served as the single information assurance certification authority within DISA and supported accreditation and authorization decisions for all DISA systems and networks.
Prior assignments include Risk Management director and technical director of DISA’s Field Security Operations where he directed the activities of 300-plus personnel supporting information assurance activities around the world. He provided oversight to numerous initiatives including a comprehensive vulnerability/risk assessment of Defense Enterprise Email, along with leading the DISA team supporting the first operational assessment of a coalition network – the Combined Enterprise Regional Information Exchange System - International Security Assistance Force. He served as the DOD certification authority for the general services component of the Computer Network Defense Service Provider program and validated processes and procedures used by service providers that provide protect, detect, respond, sustain services across DOD.
Greenwell previously served as the Field Security Operations chief of the Capabilities Implementation Division and chief of the IA Standards and Training Division. In these roles, he led efforts to develop operational procedures that supported the deployment of enterprise capabilities using tools such as the Host Based Security System and the Vulnerability Management Systems; and enabled the transformation of the STIGs/SRGs in adopting the standards-based Security Content Automation Protocol.
Prior to joining the government in 2009, Greenwell worked for Hewlett Packard/Electronic Data Systems where he provided security consulting and contract management for multiple customers including DISA, Army, and the National Guard. His diverse background and experience includes vulnerability management, computer network defense, standards and policy development, tool development and integration, training, disaster recovery, and emerging technology capabilities. He co-authored the first DOD technical security guide in 1994 supporting the mainframe environment which led to the creation of the SRG and STIG program that exists today.
Greenwell has a bachelor's degree in computer internetworking and is a graduate of the Federal Executive Institute. He holds multiple industry security certifications including CISSP, CISA and CISM.
Speaking At
