Bob Lockhart
Manager of cybersecurity programs at Utilities Telecom Council
Bob has six years of experience in electricity grid cybersecurity, with 24 years of total experience working in information security. He was previously Navigant’s research director of transmission, distribution, smart metering, demand response, home energy, software, telecommunications, data analytics and cybersecurity. His personal research areas of experience include industrial control systems security, smart meter security, meter data management, distribution automation, energy storage and cloud computing. Before becoming a market researcher, Bob worked at Electronic Data Systems for 31 years.
Vince Aragon
Senior physical security specialist
As a senior physical security specialist, Vince leads and provides experienced counsel in all areas of physical security for public and private sector organizations (industrial, critical infrastructure, and Department of Defense). An ASIS board Certified Protection Professional® (CPP) and Physical Security Professional® (PSP), Vince develops all-encompassing security strategies for clients inclusive of developing policy, processes, procedures, security awareness programs and security teams, all customized toward the business and regulatory needs of client industries.
John Biasi
Senior cybersecurity specialist
John has notable success directing a broad range of IT and cybersecurity initiatives while planning, analyzing and implementing solutions that support business objectives. As a staff technical leader with cybersecurity, he has hands-on experience developing solutions for a broad range of regulations and security frameworks, including HIPAA, ISO 27001, NEI 08-09, NERC CIP, NIST, PCI-DSS and SOX.
Joe Bonventre
Senior cyber and physical security specialist
Joe is an ASIS Board Certified Protection Professional (CPP), as well as a Six Sigma Green Belt with over 10 years in physical & cyber security. Joe is an adept professional with notable success managing and executing both physical and cyber security projects in the Energy sector. He has a deep expertise in strategic plans for regulatory compliance objectives, including all aspects of federally regulated compliance programs related to the company’s critical infrastructure, FERC, NERC, MTSA and other critical security programs mandated by the federal government. He conducts both physical and cyber security risk and vulnerability assessments, as well as coordinates and implements comprehensive security system solutions designed for the protection of people and assets.
Benjamin Church
Senior project manager
Ben brings in-depth and hands-on experience in regulatory compliance program management, development and auditing to our team. With more than 25 years of experience, Ben leverages his wide range of knowledge in the global power sector and practical experience in Lean Six Sigma and risk management to help organizations drive change, transform complex problems into new opportunities, and maintain compliance across an ever-shifting regulatory landscape.
Alan Farmer
Senior technical project manager
Alan brings many critical asset power plants, control centers, wind farms and substations into NERC CIP compliance on various control systems. He’s led a large investor-owned utility through FRCC, TRE, NPCC, SERC audits, spot checks, and mitigation plans with minimal potential violations to successful conclusion. He provides infrastructure overviews to executive vice presidents and to the FRCC and TRE audit teams, as well as representing technical feasibility exceptions.
Jerome Farquharson
Practice manager, compliance and critical infrastructure protection
Jerome leads the Compliance and Critical Infrastructure Protection program at Burns & McDonnell. A security network engineer with 17 years of IT experience, his background includes cyber and physical security, information systems and business advisory consulting. Jerome has spent the past seven years as a policy and procedural development specialist for both medium- and large-sized utility environments. He has presented educational papers at industry conferences and forums addressing transmission and generation operational compliance issues. And he’s performed compliance audits for large investor-owned utilities to determine the level of regulatory exposure and define mitigation strategies to minimize penalty.
Ryan Friesema
Cyber and physical security specialist
Ryan is a cybersecurity and physical security specialist with 10 years of experience in designing, estimating and managing physical security projects. He’s worked on projects servicing both public and private sector organizations (industrial, critical infrastructure, and Department of Defense agencies). Ryan has a working knowledge of the state-of-art technologies of video surveillance, access control, and intrusion detections systems and their application, and in-depth experience in developing both conceptual and final designs of those systems.
Benjamin Jamar, MSE
Senior reliability compliance specialist
Ben is a senior NERC reliability compliance specialist at Burns & McDonnell focused on the planning and operations standards with extensive power system background, including engineering High Voltage (HV) and Extra High Voltage (EHV) power systems, substations and protection and controls. Ben is an experienced leader and subject matter expert auditing and investigating generation and transmission entities for facilities, operations and planning within the Electric Reliability Council of Texas (ERCOT) region using North American Electric Reliability Corporation (NERC) Reliability Standards and Rules of Procedure (RoP) to ensure the reliability of the Bulk Electric System (BES).
Michael C. Johnson
Associate reliability compliance specialist
Michael has directed directing a broad range of IT and cybersecurity initiatives while participating in the planning, analysis and implementation of solutions in support of business objectives. He has more than 35 years of hands-on experience developing solutions for a broad range of regulations and security frameworks, including ISO 27001, NERC CIP and NIST. His security compliance experience includes IT, security and NERC CIP compliance services for multiple electrical sector entities.
Robert J. “R.J.” Hope, CPP, ABCP
Manager, Security Consulting
Mr. Hope is the Department Manager of Security Services at Burns & McDonnell. He and his team develop all-encompassing security strategies for clients inclusive of threat and risk identification and evaluation, consequence assessment, security design, developing policy, processes, procedures, training programs, and security teams, all customized and tailored towards the business and regulatory needs of our clients. Mr. Hope and his team are actively involved in the CIP-014 environment conducting assessments, security designs, and supporting implementation efforts. His team consists of security consultants directly from the fields of critical infrastructure, education, banking, critical manufacturing, law enforcement, military operations. His team also includes team members specializing in assessment, security system design, implementation support, and commissioning. Mr. Hope is directly responsible for the Burns & McDonnell personal safety and foreign travel security program and is a veteran of the United States Marine Corps.
Linda Lynch
Senior reliability compliance specialist
Linda evaluates, coaches, leads and implements effective internal compliance programs at NERC Registered Entities (REs). As a NERC-certified auditor at a regional reliability organization (RRO), she has a comprehensive understanding for application of the operations and planning and critical infrastructure protection (CIP) NERC reliability standards. She has exceptional knowledge of internal controls and has presented at conferences on the subject.
Kevin Madis
Senior reliability compliance specialist
Kevin is a NERC CIP consultant with more than 16 years of experience in the IT industry, including nine dedicated to the energy sector. He focuses on electronic access controls, incident response, change management and compliance programs. Kevin is a certified information systems security professional (CISSP), as well as a Cisco Certified Network Associate (CCNA). He works with clients to define needs and/or opportunities, and analyzes data to advise on recommended solutions focusing on IT security and regulatory compliance.
Michael Welch
Senior control system cybersecurity specialist
Michael has more than 16 years of experience managing corporate networks, developing procedures based on regulatory requirements and performing security architecture reviews. He also handles compliance management, business risk assessments (gap analysis), business process audits, internal technology audits, attack and penetration tests, network and host assessments, and firewall reviews. With an increased focus during the past five years on NERC CIP compliance for generation sites, he has led or participated in numerous FAT/IFAT with DCS vendors such as Emerson, GE and Toshiba.
Victor Elazequi
Physical security specialist
Mr. Elazegui has extensive, first-hand experience in physical security operations and management within both public and private industries. Mr. Elazegui specializes in the diverse matters of security management including the development and implementation of security standard operating procedures (SOPs), security planning & design, corporate and regulatory compliance, and security threat & vulnerability assessments. Through his experiences, Mr. Elazegui has gained a thorough understanding of physical security technologies to include video surveillance, access control, and intrusion detection systems, and the effectiveness of those technologies in ‘real-world’ applications. Mr. Elazegui’s ability to analyze and interpret regulations impacting physical security combined with his tenure in security operations allows him to properly and accurately assess his client’s needs from both efficiency and cost-benefit standpoints.