Currently

I am a Lecturer at the Cheriton School of Computer Science at the University of Waterloo in Waterloo, Ontario, Canada.

Education

2016-18
University of North Carolina at Charlotte Computing and Information Systems PhD (supervisor: Heather Lipford). My thesis was titled Motivating Computer Science Students Beyond Classwork with Games and Gamification

2010-13
Columbus State University MSc Applied Computer Science

1998-99
Brock University BEd Intermediate-Senior English & History

1986-89
York University BA Economics

Academic Employment

2020-Present
University of Waterloo. Lecturer, Computer Science

• Courses Taught:
  • Introduction to Computer Science 1
  • Introduction to Computer Science 2
  • Designing Functional Programs
  • Elementary Algorithm Design and Data Abstraction
  • Software and Systems Security
• Course Coordinator:
  • Elementary Algorithm Design and Data Abstraction

2019-2020
Rochester Institute of Technology. Visiting Assistant Professor, Computing Security

• Courses Taught:
  • Principles of Computing
  • Introduction to Cybersecurity
  • Authentication and Access Control
  • Risk Management for Information Cybersecurity
  • Usable Security and Privacy
  • Disaster Recovery
  • Capstone in Computer Security

2018-2019
Nazareth College. Assistant Professor of Information Technology

• Courses Taught:
  • Introduction to Information Systems
  • Digital Game Design
  • Networking and Cyber Security
  • Interaction Systems Analysis and Design

2016-18
University of North Carolina at Charlotte. Lecturer, Software & Information Systems

• Courses Taught:
  • Introduction to Operating Systems and Networking
  • Software Engineering
  • Senior Projects

2013-14
State University of New York at Cobleskill. Assistant Professor of Information Technology

• Courses Taught:
  • Microcomputer Applications
  • Intro to Network Security
  • Linux Operating System

2000-12
Apex Learning. Online Advanced Placement English and Economics Instructor

Funded Projects

2021
Co-Principal Investigator/Senior Personnel, Managing Privacy and Environment for Used and End-of-Life Electronic Devices

2020
Co-Principal Investigator, NSA GenCyber summer cybersecurity camp for K-12 students

2016-2018
Senior Personnel/Co-Principal Investigator, Cyber-Physical Range for Network Security Testing

Publications & Presentations

Journal Articles

2018
Browne, A. F., Watson, S., & Williams, W. B. (2018). Development of an Architecture for a Cyber-physical Emulation Test Range for Network Security Testing. IEEE Access.

Conference Papers

2022

Manisha Kamarushi, Stacey Watson, Garreth W. Tigwell, Roshan Peiris. OneButtonPIN: A Single Button Authentication Method for Blind and Low Vision Users to Improve Accessibility and Prevent Eavesdropping. In Proc ACM Hum.-Comput. Interact. 6. MHCI, September 2022. [Best Paper]

Manisha Varma, Stacey Watson, Liwei Chan, Roshan Peiris. VibroAuth: Authentication with Haptics Based Non-visual, Rearranged Keypads to Mitigate Shoulder Surfing Attacks. In International Conference on Human-Computer Interaction, June 26-July 1 2022, Virtual.

2020
Garreth W. Tigwell, Stacey Watson, Roshan L. Peiris, Gerald M. Garavuso, and Heather Miller. Student and Teacher Perspectives of Learning ASL in an Online Setting. In The 22nd International ACM SIGACCESS Conference on Computers and Accessibility, October 26--28, 2020, Athens, Greece.

Sarah Andrew, Stacey Watson, Tae Oh, and Garreth W. Tigwell. "A Review of Literature on Accessibility and Authentication Techniques." In The 22nd International ACM SIGACCESS Conference on Computers and Accessibility, October 26--28, 2020, Athens, Greece.

Ramaprasad, H., Bahamón, J. C., Jones, R. H., & Watson, S. (2020, February). Using Forcing Functions to Improve Student Preparedness in an Operating Systems and Networking Class. In Proceedings of the 51st ACM Technical Symposium on Computer Science Education (pp. 1366-1366).

Ramaprasad, H., Bahamón, J. C., Jones, R. H., & Watson, S. (2020, February). Incorporating Embedded Systems Security Awareness into a Computer Science Course via Minimal Interventions. In Proceedings of the 51st ACM Technical Symposium on Computer Science Education (pp. 1365-1365).

2019
Stacey Watson and Heather Richter Lipford. 2019. Motivating Students Beyond Course Requirements with a Serious Game. In Proceedings of the 50th ACM Technical Symposium on Computer Science Education (SIGCSE ’19), February 27-March 2, 2019, Minneapolis, MN, USA. ACM, New York, NY, USA

2018
Robles, A., Norris, J., Watson, S., & Browne, A. F. (2018, April). Survey of Non-malicious User Actions that Introduce Network and System Vulnerabilities and Exploits. In SoutheastCon 2018 (pp. 1-5). IEEE.

Tabassum, M., Watson, S., Chu, B. and Lipford, H.R. (2018, February). Evaluating Two Methods for Integrating Secure Programming Education. In Proceedings of the 49th ACM Technical Symposium on Computer Science Education (pp. 390-395). ACM

S Watson, J Bahamon, H Ramaprasad & HR Lipford. Developing Soft Skills with a Classroom Behavior Management Game. 49th ACM Technical Symposium on Computer Science Education (Baltimore MD, USA).

Workshop Papers

2017
Watson, S. and Lipford, H.R. (2017, July). A Proposed Visualization for Vulnerability Scan Data. In Thirteenth Symposium on Usable Privacy and Security (SOUPS). USENIX Association

Tabassum, M., Watson, S. and Lipford, H.R. (2017, July). Comparing Educational Approaches to Secure programming: Tool vs. TA. In Thirteenth Symposium on Usable Privacy and Security (SOUPS). USENIX Association

Abstracts

2011
S Watson & R Chouchane. The Challenges of Implementing a STARS Leadership Corps Program at Columbus State University, ACM Mid-Southeast Conference (Gatlinburg, TN)

S Watson & L Ray. A Study on Learning Patterns of CS1 Students at Columbus State University, ACM Mid- Southeast Conference (Gatlinburg, TN).

Dissertation

2018
Watson, Stacey. (2018). Motivating Computer Science Students Beyond Classwork with Games and Gamification. Dissertation. The University of North Carolina at Charlotte. (Order No. 10843770). Available from Dissertations & Theses @ University of North Carolina Charlotte. (2100695486).

Outreach

2019
GenCyber Girl's Introductory Camp. Lead Instructor

Professional Employment

2023
OneTrust. Senior Manager, Product Security

• Developed and maintained the company's application security program, including policies, procedures, and standard
• Provided guidance to development teams on secure coding practices and review code for potential security vulnerabilities
• Collaborated with cross-functional teams to ensure that security was integrated into the application development process
• Monitored and tracked security vulnerabilities and worked with development teams to remediate identied issues
• Maintained relationships with external security vendors, consultants, and other stakeholders to stay current with emerging security threats and technologies
• Managed a team of application security professionals and provided coaching and guidance as needed
• Developed security standards and guidelines to ensure the secure design and development of applications
• Evaluated and implemented security controls for CICD pipelines
• Developed and maintained security documentation, including standards and procedures
• Collaborated with development teams to integrate security into the software development life cycle
• Led the design and implementation of secure container-based infrastructure

2015-16
InterContinental Hotels Group (IHG). Senior IT Security Engineer

• Designed, developed and implemented QualysGuard Enterprise Vulnerability Management Platform throughout the organization
• Designed, developed and implemented Python code to pull Vulnerability results from QualysGuard Enterprise, munge and parse the raw data and upload to a server for import into a cutting edge dashboard
• Performed day to day operations for QualysGuard Enterprise Vulnerability Management solution
• Designed, developed and implemented Rapid7 Metasploit Pro and Kali Linux penetration testing solution throughout the organization

2014-15
Hewlett Packard. Information Assurance Security Engineer

• Performed day to day operations for McAfee Anti-Virus and QualysGuard Enterprise Vulnerability Management solutions
• Developed Python and VBA scripts to perform analysis on vulnerability and anti-virus data to provide actionable reports and greater management visibility
• Communicated results from analysis to operations teams and to management
• Closed gaps and expanded coverage of QualysGuard Enterprise Vulnerability scans into other HP environments
  Incorporated vulnerability management operations into compliance and risk operations.

2012-14
Total Systems, Inc. (TSYS). Senior Information Security Analyst

• Designed and implemented modules in Lockpath Keylight using the GUI and SQL
• Developed and documented team processes and procedures
• Provided training and oversight for the team
• Provided timely and accurate status updates and briefings about project status to senior management
• Collaborated with operations teams to implement development, staging and production environments of the new release of the LockPath Keylight tool
• Provided ongoing support and education for Keylight users
• Performed daily health checks and maintenance tasks in SQL and in the Lockpath Keylight tool
• Streamlined repetitive tasks via macros written in Excel VBA
• Conducted regular network vulnerability assessments using QualysGuard Enterprise, Tenable Nessus, Rapid 7 and eEye Retina in a large global network environment.
• Provided timely and accurate status updates and briefings about vulnerabilities to senior management
• Collaborated with operations teams to develop metrics and reporting that would prioritize vulnerabilities with the highest risk to the organization.

Professional Training & Certifications

2015
Rapid 7. Certified Metasploit Professional

2013
Center for Systems Security and Information Assurance (CSSIA). Ethical Hacking Course

2013
SANS. Network Penetration Testing and Ethical Hacking Course

2013
Columbus State University. Graduate Certificate for Information Systems Security Professional

2013
Columbus State University. Graduate Certificate for Information Systems Security Officer

Technical skills

• Security analytics
• User access control
• Firewalls
• Intrusion Prevention & Detection Systems
• User Authentication
• Vulnerability Scanning
• Web Application Assessments
• Ethical Hacking
• Programming Languages: Python, Racket, Java, C/C++, Objective C, Ruby on Rails
• Version Control: Git, Subversion

Areas of expertise

• Cybersecurity
• Usable Security
• Computer Science Education

Links

• LinkedIn
• Google scholar