Consultant, Kevin Kennedy Associates Inc.
Providing expertise in software development, data analysis, electronic discovery, information security, litigation support, expert testimony, and related expertise to a wide variety of clients.
Independent Consultant, Sterling, VA
Software development, project management, software analysis, analysis of software development and project management processes, analysis of large amounts of structured data (e.g., databases), data recovery, data analysis for litigation, software security, electronic discovery, proactive e-discovery readiness, computer forensics, litigation consulting, expert testimony. Served as testifying technical (software) expert, in case involving allegations of improper software development and project management procedures.
Senior Managing Consultant, Electronic Discovery Practice, Data Acquisition, Management And Analysis Group, LECG, LLC Washington, DC
Performed trial testimony, data analysis, electronic discovery and computer forensics litigation consulting supporting Fortune 500 and US Government clients. Testified in court at jury trials about software, software development and project management. Managed full life-cycle development of large software applications. Created, analyzed, and administered large databases for a number of cases. Performed document management and analysis of large volumes of documents. Advised corporate and legal customers on electronic discovery matters, e-discovery readiness. Analyzed software for intellectual property disputes. Developed custom software tools for document review and data processing. Acquired, imaged and analyzed electronic data for computer forensic investigations. Acquired and analyzed data from Internet sites and live databases.
Senior Software Security Consultant, Software Security Group, Cigital, Inc., Dulles, VA
Provided risk analysis services to clients, generated reports describing findings and recommendations, presented results to the client's key management and security personnel. Provided project management of software security reviews and process enhancement efforts, security analysis of financial systems: enterprise-wide, transaction processing, protocol analysis, cryptography, non-technical controls analysis etc. Also provided security analysis of gaming systems: online gaming, gaming terminals, fairness of the game, random number generator (RNG) analysis, security of RNG driver implementations. Security analysis of litigation support systems: finding a balance between the security of the system and legal environment restrictions. Regulatory compliance: HIPPA, California Privacy Act, Sarbanes-Oxley, NIST standards. Process improvement: helped clients improve system development process to adequately address security. Project management and technical leadership of consultant teams. Peer reviews of publications and client reports.
Senior Technical Consultant, Implementation Group, Catuity, Inc., Arlington, VA
Provided a gateway between the clients, Sales and Marketing team and Implementation Group itself on one side and software development group (in Sydney, Australia) on the other. Was in charge of the IPOS (Internet Point of Sale) effort as part of the sRV (smart Visa Rewards) project for VISA and Target as well as a number of smaller projects for different clients. Responsibilities included: Management of full life-cycle development of large software projects with strong security requirements (payment processing applications), Direct communications with the clients on technical and project management issues. Management of ad-hoc development and support efforts, Software system architecture (smartcards or magnetic cards, Physical Points of Sale (POS) terminals, Internet Point of sales (IPOS), database, distributed multi-user multi-tier architecture: card-terminal-host), Development of function specification documentation, Development and maintenance of the security-related product features (security in architecture, encryption, authentication mechanisms, cryptographic integrity checking mechanisms, security of the communication protocols against known attacks), Development of software prototypes, Taking a leading technical part in the large scale development efforts, System test and UAT support (training, troubleshooting the environment, debugging), Representation of the development team during internal and external security reviews.
Senior Software Developer, Information Solutions Department, Enterprise Application Integration Group, Concert Management Services (Joint Venture of AT&T and BT), Reston, VA
Served as a technical team lead in full life-cycle development from architectural design to system integration testing of the system. Maintained and developed Java and JavaScript applications used to provide the "non-intrusive" SOAP (XML) interface integration of several separately developed systems within Concert (AT&T and BT).
Software Development Team Lead, Workflow Solutions Group, Enterprise Systems Department, Concert Management Services (Joint Venture of AT&T and BT), Reston, VA
Managed maintenance and development of five different web applications. Responsible for the full project development cycle including architecture, system analysis and development and managing a group of up to six software developers. Used Active Server Pages and ISAPI extensions written on C++ on IIS 5.0, PWS for testing purposes; connecting to the Oracle 7.x and 8.x database servers via ODBC, interfaces with a centralized security system via server-side objects. These projects involved Oracle 8.x database, ASP, JavaScript for client-side validation and ISAPI extensions written in C++. Projects: Two different Global Broadcasting Systems - ways to keep track of the messages describing the current problems in system, Contact Details and Escalations application - a software that automatically assigns an escalation chain for every possible problem that can occur within the organization, Web Location project - a central depository for all the location-related data for the organization (international with all the country-specific details), One application that handled the security requests for the organization.
Senior Software Developer, AT&T, Herndon, VA
Served as a member of the change control board managing technical aspects of the web-based Sales-To-Order (STO) application. Was responsible for the full project development life-cycle including requirements gathering, time and cost assessments, project prioritization, development of project architecture, design and technical specifications, system analysis, development, testing and post-implementation support. The STO application used Java servlets and Active Server Pages (ASP) running on Microsoft Internet Information Server connected to the Oracle 7.x or 8.x database servers via ODBC or JDBC; it also interfaced with Tuxedo server via back-end objects written in C++ and had client-side validation using JavaScript.
Senior Software Developer, Image Machines Corporation, Herndon, VA
Development of multiple hardware device drivers (mostly SCSI, some - parallel) for large format scanners and printers using C, later - C++ and manufacturer API as well as libraries developed inside the company, Development of an graphical editor for different file formats using C++ (with MFC) and libraries previously written in C, Development of Internet Server Extension using ISAPI (C++) and libraries previously written in C, Development of Data Base Connectivity for the company product line, maintaining company data bases and testing data bases for a large variety of products including web connectivity and security applications (C, C++, SQL, ASP). SQL 6.5, later - SQL 7.0 servers, Development and maintenance of Web applications (including ODBC and SQL) using C++, ASP and Java applets, Development and maintenance of software and hardware security applications (C, C++), Design and development of custom projects for clients using existing libraries (C, C++, ASP, SQL), Maintenance and correction of code written by other people in close connection with technical support (C, C++, Java, VB etc.).
