Matthew Stephan

Regional Information Assurance Manager (IAM)

Yokohama, Japan


Information Security Policy: CISSP

Security Management: CISM & PMP

IT Risk Management: CRISC

IT Governance: CGEIT


Information security management professional possessing a broad range of experience & expertise in risk based program management, policy creation & implementation, program auditing, and the certification & accreditation of systems under US & international frameworks that is currently living and working in Japan.


University of PIttsburgh

Anthropology , Anthropology

May 1998 - May 1998



Temple University , Tokyo, Japan

February 2010 - January 2012

Teach as an adjunct instructor with the Temple University, Tokyo Campus, continuing education program and have taught 10 week courses on: Introduction to Information Security, Information Security Management, Information Technology Management, Information Technology Governance, ISO 27001/27002, and 16 hour seminar on Information Technology Fundamentals.

Prepare and present for 10 week classes
Teach technical information to non-native English speakers
Tailor instruction to individual needs
Far East Regional IAM

US Navy: Civilian , Yokosuka, Japan

January 2010 - April 2012

Manage Information Assurance (IA) activities, projects, and personnel for Naval Computer and Telecommunications Station Far East (NCTS-FE) systems and networks, totaling over 17,000 seats and 22,000 users, to include ONE-Net networks in Japan, Korea, Guam, Diego Garcia, and Singapore. Apply information security governance, policy, standards, and program/project management expertise to the NCTS-FE information security program with successful results shown through system/network accreditation status, test & inspection results, and overall incidents on the networks.

Network Security Management
Configuration & Change Management
Risk Management

CSC: US Navy, ONE-Net Contract , Yokosuka, Japan

August 2008 - April 2010

Lead IA projects and activities for the CSC ONE-Net Far East Services Contract. Managed the CSC 24-7 incident response team for the Far East region. Managed Far East region Certification & Accreditation (C&A) projects for all ONE-Net Far East sites and gained full accreditation status for all 18 ONE-Net Far East networks and their 22 associated circuits.

IA Management
C&A Activities
Inspection Preparation
Senior Security Architect

KCG: TSA, Information Security Architecture Contract , Washington, DC

March 2008 - August 2008

Managed the Security Architecture (SA) team and overall program plan to ensure work products and deliverables met contractual obligations for the Transportation Security Administration (TSA) and the Department of Homeland Security (DHS). Aligned the TSA IT and service contracts and security architecture to ISO27001.

Security Architecture
Information Security Baseline Requirements
Information Security Policy
Information Assurance Manager (IAM)

SAIC: US Navy, TC2S Contract , Washington, DC

August 2006 - March 2008

Provided dual function support to the US Navy and PMA-281 IAM for the Washington Planning Center (WPC) and the IA project team leader for the Tomahawk Command and Control System (TC2S) program. Provided IA management, support, and analysis to the TC2S system development teams to ensure IA was designed, engineered, planned, and built into the systems while managing the installation and accreditation of systems worldwide for both the US and British Navies.

IA Program Management
IA Engineering and Requirements
Configuration and Change Control
Security Engineer

SAIC: NARA, Security Architecture Contract , College Park, MD

October 2004 - August 2006

Developed the National Archives and Records Administration (NARA) information security policy framework and assisted the Agency Chief Information Security Officer (CISO) in implementing the framework across the agency. As part of five-person information security architecture team, developed the first information security architecture framework for NARA. Audited all NARA agency systems and networks, analyzed risk for agency CISO, and worked with system owners until all were fully security tested, certified and accredited.

Information Security Policy
Information Security Architecture
Systems Certification
Program Analyst

Information Security Oversight Office (ISOO): Civilian , Washington, DC

December 2001 - October 2004

Oversaw the implementation of the President's National Security Program within the Executive Branch of the U.S. Government and conducted on-site inspections, evaluations, and analysis of agency regulations, policies, practices, and data to determine compliance with Executive Order 12958, "Classified National Security Information" and Executive Order 12829, "National Industrial Security Program," for all assigned agencies. Established and maintained liaison relationships with the Department of Commerce, Nuclear Regulatory Commission, Office of Personnel Management, Federal Communication Commission, and the Tennessee Valley Authority. Ensured that agencies established uniform procedures to ensure that automated information systems, including networks and telecommunications systems, that collect, create, communicate, compute, disseminate, process, or store classified information had controls to prevent access by unauthorized persons.

National Security Policy
Program Oversight
Compliance Verification & Auditing

Matsuyama Municipal Board of Education , Matsuyama, Japan

August 1998 - August 2001

Assisted in the continuing education of Japanese teachers of English, coordinated the efforts of Japanese and foreign teachers of English in area Junior High Schools, and taught English and foreign culture in local Junior High Schools.

Program Development
Program Review

Workplace personality


Company Size


Day Length


Team Size


Noise Level


Dress Code





Paid Vacation

Copyright © 2020 All rights reserved