Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Staff Profile

Doug Gray

Key Responsibilities

Project manager at the CERT Division, the cybersecurity arm of the elite Software Engineering Institute, a federally funded research and development center at Carnegie Mellon University. Leads cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the DoD, federal civilian agencies, private sector organizations and their networked information systems. As a member of the Cyber Risk Management Team, leads the development of solutions (in the form of frameworks, models, tools, policies, practices, technical guidance, and training) that allow organizations to identify, analyze, and manage organizational, operational, and technical risks to mission-critical assets, processes, systems, and infrastructures. Leads applied research and performs assessments, diagnostics, and analysis techniques to better assess and mitigate risks to cyber environments and the organizational processes that depend on them. Activities include close work with customers from a variety of organizations, including DoD, government agencies, and commercial organizations.

Publications (recent or significant)

Intelligence Preparation for Operational Resilience (IPOR). Improving Federal Cybersecurity Governance Through Data-Driven Decision Making and Execution.


  • Lean Six Sigma Green Belt, Project Management Academy
  • Chief Information Security Officer, National Defense University
  • Certified Information Systems Security Professional (CISSP), #386370, (ISC)2

Contact Doug Gray