I have been a project manager in the venture capital funded private sector, and
I have won several small business innovation research contracts.
I spent 20 years in the United States Air Force both in the political science and
engineering fields.
I wrote software, particularly simulation software, in both fields.
I have been involved in requirements and
design phases of large government contracts.
So in essence, I've seen large software development from both the government and
the contractor sides.
And in case you're interested, I wrote my first program
in IBM 1401 assembly language when I was 15 years old.
I think it added some numbers together.
This specialization is as significant as it is amorphous.
In many software development shops,
designing security into the software is of huge importance.
Nevertheless, the boundaries of what constitutes secure design are unclear.
Is it a matter of implementing a checklist of secure measures?
Does it extend to threat analysis and mitigation?