Howdy, I am Alexander Stein. I go by A.J. because I am into the whole brevity thing.
I am an IT Cybersecurity Specialist in 773.02, the Security Components and Measurements Group, part of ITL CSD. Before that, I have worked in the commercial, defense, healthcare, higher education, and public (US government contracting) sectors. I am a proud 10x alum, so look into 10x and submit ideas if you're a federal employee! One of my 10x projects led me to work with OSCAL and work on it full-time at NIST.
I engage in several voluntary SDOs (Standards Development Organizations), and I really enjoy my contributions to the Internet Engineering Task Force. You can find more information about my past and present contributions at IETF by reviewing my profile page.
I am not one for titles. I have always enjoyed "security stuffs" and look for projects where I can explore it. More and more, I focus on the intersection of software development and different disciplines in security (application, infrastructure, information, network, et cetera) and risk management.
You need to book time with me about my work or potential future collaboration? That's great, book time with me by clicking this link.
You can see a redacted version of my calendar in the two different formats in the list below. If it is blue, I am booked. Do not try to schedule me, or do not expect an urgent response during those time.
My NIST email is the profile slug when you visit my account. You can also feel free open GitHub issues on any OSCAL or personal repo, and I will try to respond when I am able.
Most of what I currently do is around cyber-security data modeling. Looking for more detail? Check out my GitHub project and repo I use to track my day-to-day work across various projects.
- Measuring security practices in organizations across industry
- Increasing transparency with data sharing to help society trust data, software, and hardware safety and security claims
- Distributed ledger technologies
- Language and parser design
I am doing something new and learn in public. Feel free to look at notebook, my research repo to read and learn more. Hold me accountable, open issues there if things are unclear, confusing, or you have ideas for related topics worth learning. :-)
If you are using any of my projects (check my GitHub activity or public NIST profile) in your work, I want your help. Contact me via email, Gitter/Matrix, or Mastodon, in order of preference.
That's Darcy. We both have our moods, and like I say: together we represent the continuum of emotions one feels in security and software development, from elated to dejected.