Ian Lee

Cyber Security Professional, Open Source Evangelist, Martial Artist, Aspiring Rock Climber

Professional Summary

Director of Advanced Computing Solutions with 16 years of cybersecurity experience, including 9 years securing large-scale High-Performance Computing (HPC) environments supporting national mission systems. Proven builder of security practices, standards, and cross-agency technical communities, with deep expertise spanning HPC, cloud, DevSecOps, Zero Trust, and operational security analytics. Former HPC Security Architect at Lawrence Livermore National Laboratory and co-author of the NIST SP 800-234 HPC Security Overlay. Trusted technical leader for complex federal programs, capture efforts, and delivery at scale.

Strong developer background on both internal and open-source projects allows for custom code development for new features or fixing existing applications. Proven examples both creating new applications to support government initiatives such as Scraper for the Federal Source Code Policy initiative (OMB M-16-21) and contributing to government open-source efforts such as Pshtt in support of the HTTPS-Only Standard (OMB M-15-13).

I am the founder and chair of the HPC Security Technical Exchange (STX), a government-wide collaboration advancing the security of next-generation computing platforms. I’m also an active open-source contributor, published author, and advocate for mentoring the next generation of cybersecurity professionals.

My work bridges deep technical expertise and practical leadership, guided by a simple WHY: “To leave things better than I found them, so that those around me believe they can make a difference.”

Why

To leave things better than I found them, so that those around me believe they can make a difference.

Employment

ShorePoint, Inc. (April 2025 - Present)

↪ Director of Advanced Computing Solutions (April 2025 – Present)

Practice Leadership & Strategy

  • Founded and lead ShorePoint’s High-Performance Computing (HPC) Security practice, establishing service offerings aligned to federal mission environments across DOE, DoD, and civilian agencies.
  • Established initial HPC security service offerings and reference architectures aligned to federal mission environments.
  • Independently sourced and developed a qualified pipeline of prospective customers and led early-stage capture and solution development.
  • Host and organizer of HPC Security Technical Exchange (STX), with the fourth event drawing ~ 80 senior practitioners across government and national laboratories.
  • Invited speaker at SC25 Secure HPC (S-HPC) session, presenting outcomes from HPC STX and participating in panels on HPC security control overlays; co-organized Zero Trust Birds-of-a-Feather session.

Capture & Growth Support

  • Served as senior technical SME supporting new business capture and proposal development.
  • Contributed as author and reviewer across ~5 competitive federal proposals within first 6 months.
  • Partnered with executive leadership and business development to shape technical strategy, solution positioning, and bid readiness for HPC security pursuits.

Internal Research & Development

  • Founding member of ShorePoint’s IRAD AI Tiger Team, evaluating secure internal AI adoption and developing concepts for customer-facing AI security tooling.

↪ as Deputy Technical Lead on CDM Data Services contract (April 2025 – February 2026)

  • Deputy Technical Lead for CDM Data Services pipeline, overseeing daily technical execution of a ~25 engineer team, including delivering mission-critical federal data services.
  • Designed and implemented development best practices including image build and release processes for Python-based microservices across local and multiple AWS environments.
  • Led development of Elastic-based monitoring and analytics dashboards supporting multi-agency deployments using ES QL, KQL, and Lens.
  • Established streamlined pull-request review and approval processes in both Bitbucket and GitHub to improve code quality and delivery velocity.
  • Leveraged AWS services including EC2, Secrets Manager, Inspector, and SSM to support secure deployment and operations of production microservices.
  • Applied Docker-based containerization for Python microservices, leveraging Taskfile and uv for build automation and environment management.

Lawrence Livermore National Laboratory (June 2010 - April 2025)

↪ HPC Security Architect & Security Operations Team Lead

Livermore Computing, September 2021 - April 2025

  • Led and influenced direction of a diverse team of 5 engineers focused on continuous monitoring of HPC environment, including monitoring of system health and performance, security monitoring for malicious or undesirable activity, detection and response to issues that arise.
  • Identified gaps and areas for improvement in the overall security posture of Livermore Computing (LC) High Performance Computing (HPC) center.
  • Set direction and vision of center wide improvements to automation, including modernizing developer workflows around secure DevOps practices.
  • Responsible for defining, performing, and coordinating cyber assessment activities on all Livermore Computing (LC) production, infrastructure, and testbed systems.
  • Authored new DISA Security Technical Implementation Guide (STIG) for LLNL-developed “TOSS” HPC operating system.

… as Cyber Assessment Coordinator, November 2016 - April 2025

  • Monitors relevant security vulnerability and threat intelligence feeds from vendors, LLNL Cyber Security Program (CSP), and other sources.
  • Defines LC best practices and processes based on industry accepted configuration standards.
  • Provides technical guidance on technologies and innovations that impact the security posture of LC systems.
  • Performs penetration testing against LC systems and provide feedback to staff and management on findings and remediation steps.

… as Alternate Organization Information System Security Officer (AOISSO), April 2018 - August 2022

  • Responsible for overall security of Livermore Computing (LC) High Performance Computing (HPC) center.
  • Ensures and tracks compliance of LC systems to LLNL, DOE, and Federal Cyber Security requirements.
  • Encourages and directs process improvement and automation of security efforts within Livermore Computing.

↪ Web Services Team

… as Senior Engineer, October 2015 - April 2025

  • Serves as lead engineer for deployments and automation; implemented improvements to bring service downtimes to (<10) minutes rather than hours.
  • Increased deployment rate from quarterly to monthly for web service releases.

… as Team Lead, November 2021 - June 2022

  • Leads team of engineers responsible for maintaining suite of web services supporting ~ 3,000 users, including Atlassian (Confluence, Jira, Crowd), GitLab, JupyterHub, Apache, and Nginx services.
  • Directs and oversees efforts to modernize web technology stack including investigations into continuous integration and containerization to support improved reliability and ease of maintenance of services.

↪ Open Source Evangelist

February 2015 - April 2025

↪ Computer Engineer

October 2012 - November 2016

  • Provided software development support and technical guidance to LLNL code teams; developed and supported Python packaging for developer integration with high performance computing resources and clusters.
  • Advocated for adoption of and trained fellow staff on modern software development technologies, including: Git, Stash/Bitbucket, Open Source development, and workflow management
  • Administered six Atlassian instances running across various networks, serving approximately 3,000 end users.

Consulting Work

November 2018 - Present

  • Provides high quality software engineering guidance and delivery, specializing in automation of complex tasks in high complexity environments.
  • Provides cyber security consulting services for businesses and individuals looking to get ahead of the next cyber threat.
  • Offers penetration testing and vulnerability assessments, analyzing networks for opportunities a hacker would use to gain access to important or sensitive data on your network.
  • Serves as a Subject Matter Expert in a variety of cybersecurity areas as a 1099 contractor, including: vulnerability assessments, internal penetration tests, and training course development & review.
    • SANS, November 2018 - Present
    • Black Hills Information Security, October 2020 - Present
    • InGuardians, June 2021 - Present

Publications

Security Technical Implementation Guides (STIG)

Presentations

  • HPC Security Technical Exchange 2024, Third International Workshop on Cyber Security in High Performance Computing (S-HPC 2024) at SuperComputing 2024, November 2024, Slides
  • DevOps in HPC, 4th NIST HPC Security Workshop, May 2024, Slides
  • Monitoring HPC Security at LLNL, 4th NIST HPC Security Workshop, May 2024, Slides
  • Pass On What You Have Learned: Deploying to Production, Elastic Public Sector Summit 2024, March 2024, Slides, Video
  • Building DevOps into HPC System Administration, NLIT / S3C, June 2023, Slides
  • Keeping It All Safe: LLNL HPC Security Architecture, 3rd NIST HPC Security Workshop, March 2023, Slides
  • Development of the TOSS 4 STIG, 3rd NIST HPC Security Workshop, March 2023, Slides
  • You Must Unlearn What You Have Learned, ElasticON Public Sector, February 2023, Slides, Video
  • Addressing Cybersecurity Standards / Policies in HPC Environments, Supercomputing 2021 Birds of a Feather, November 2021, Slides
  • Intro to Git for Security Professionals Workshop, Wild West Hackin Fest Way West, June 2021, Slides
  • Releasing Your First (Python) Open Source Project to the Masses!, Wild West Hackin Cast, January 2021, Slides, Video
  • Intro to Git for Security Professionals Workshop, Wild West Hackin Fest, September 2020, Slides, Video
  • Post Exploitation in Developer Environments, SANS Pen Test Hack Fest Summit, November 2018, Slides
  • At the heart of a Supercomputer, is Open Source Software, RedHat OPEN FIRST DC, September 2018
  • How Open Source Supports the Largest Computers on the Planet, DOE Exascale Computing Project Best Practices Webinar, July 2018, Slides, Video
  • How Open Source Collaboration Benefits Cyber Security, Department of Energy CyberCon, June 2018, Slides
  • Open Source in Service to National Security, Code for America / Code.gov Meetup, May 2018, Slides
  • Your Secrets are Showing! How to find if your developers are leaking secrets, BSidesSF 2018, April 2018, Slides, Video
  • 2018 State of Open Source, Software Improvement Networking Group, Lawrence Livermore National Laboratory, March 2018, Slides
  • Open Source Workflows at LLNL, Code.gov Bi-weekly Call, January 2018, Slides
  • U.S. Adoption of HTTPS, CyberFest 2017, Lawrence Livermore National Laboratory, October 2017, Slides
  • Developing Open Source in Service to National Security, Oak Ridge National Laboratory (Invited Talk), June 2017, Slides
  • Introduction to Git, Computation Summer Scholar Program, Lawrence Livermore National Laboratory, June 2017
  • Developing Open Source in Service to National Security, University of California - Santa Cruz (Invited Talk), February 2017
  • Developing Open Source in Service to National Security, GitHub Universe, September 2016, Slides, Video
  • Open Source Birds of a Feather, Software Improvement Networking Group, Lawrence Livermore National Laboratory, August 2016
  • pep8 vs PEP-8, Lightning Talk, PyCon 2016, Slides
  • Introduction to Git, Computation Summer Scholar Program, Lawrence Livermore National Laboratory, July 2016, Slides
  • Towards Open Source and Collaboration, Software Improvement Networking Group, Lawrence Livermore National Laboratory, February 2016, Slides
  • Stash Administration, Atlassian Administrators Meeting, Lawrence Livermore National Laboratory, August 2014
  • Git Tutorial: Managing Workflows, Software Improvement Networking Group, Lawrence Livermore National Laboratory, January 2014
  • Git Tutorial Series Part III: Merging & Workflows, Software Improvement Networking Group, Lawrence Livermore National Laboratory, November 2013
  • Git / Stash, Software Improvement Networking Group, Lawrence Livermore National Laboratory, August 2013

Guest Posts / Interviews

  • Spotlight Story: Interns and Open Source: A Productive Combination, Code.gov on Medium, June 2018, Blog Post
  • The case for open source software, 18F Blog, June 2018, Blog Post
  • Ambassadors of Code, S&TR Preview, January 2018, Interview Video
  • How one national lab is opening up code without compromising national security, FedScoop Post, September 2016, Article

Technical Reports

  • R. Cook, E. Dube, I. Lee, L. Nau, C. Sherada, and F. Wang, Survey of Novel Programming Models for Parallelizing Applications at Exascale, LLNL-TR-515971, Lawrence Livermore National Laboratory, November 2011, Report

Education

Masters of Science in Computer Engineering, October 2012

University of California - Santa Cruz, Santa Cruz, CA

Thesis: Dynamic Instruction Fusion

Bachelors of Science in Engineering in Computer Engineering, June 2009

University of Connecticut, Storrs, CT

Professional Activities / Technical Ability

Certifications

Awards

  • Eagle Eye Award, Lawrence Livermore National Laboratory, 2017
  • Director’s Institutional Award, Lawrence Livermore National Laboratory, 2017
  • Director’s Institutional Operational Excellence, Lawrence Livermore National Laboratory, 2015
  • Excellence in Teaching, University of California - Santa Cruz, 2012 - 2013

Open Source Project Contributions

Memberships / Organizations

  • SANS GIAC Advisory Board, 2017 - Present
  • Association for Computing Machinery (ACM), 2009 - Present
  • Institute for Electrical and Electronics Engineers (IEEE), 2008 - Present
  • ACT-IAC Climate Change Workgroup - HPC Project, 2023 - Present

Resume reviewed and released by LLNL as: LLNL-MI-767054