Douglas Lemott Jr. Draws on Decades of Military Leadership to Protect the Critical Systems the U.S. Depends On

Douglas Lemott Jr. oversees cybersecurity at the Analysis and Resilience Center for Systemic Risk, also known as ARC. As Chief Information Security Officer, he’s responsible for protecting the systems that enable major companies to collaborate when the national infrastructure is at risk.

These companies operate in essential sectors like power, finance, and communications. If something goes wrong, ARC members must be able to communicate and act quickly to resolve the issue.

Lemott’s role is to make that possible. He creates secure digital systems that allow members to share threat intelligence, coordinate response efforts, and guard against potential disruptions. Although his work occurs behind the scenes, it supports the services that millions of people rely on every day.

From building secure platforms to preparing for cyber threats, his job is to ensure that ARC’s systems hold up when they’re most needed. At ARC, the goal isn’t to react after a crisis starts, but to be fully prepared before it begins, and Lemott is at the forefront of making that happen.

How a Single Article Led to a Career in Cybersecurity

Becoming a cybersecurity executive wasn’t part of Lemott’s original plan. The idea first came to him from a short article in a local newspaper. At the time, he was serving in the U.S. Marine Corps, and the article explained that active-duty members could apply to the U.S. Naval Academy—an option he was not aware of. He didn’t have a computer or anyone to help him through the process, but he decided to apply anyway.

That application set off a series of life changes, starting with his acceptance into the Naval Academy Preparatory School. From there, he was admitted into the Naval Academy itself, where he chose to study computer science. His education continued with a master’s degree in computer science from the Naval Postgraduate School and later, a second graduate degree in national security strategy from the National War College.

Lemott described reading that newspaper article as one of the most defining moments of his life, one that opened doors he would have never known about.

“That one decision dramatically changed the trajectory of my life,” he reflected. “I was forced to operate outside of my comfort zone, take on challenging assignments, and learn to be comfortable being uncomfortable.”

The Naval Academy left him with a deep sense of pride and gave him tools he still draws on today—critical thinking, sound leadership, and the ability to face uncertainty with confidence.

The lessons he gained have not only positively impacted his career but also his personal life.

Running One of the Military’s Most Complex Networks

Over his 27 years of service, Douglas Lemott Jr. took on roles that became increasingly technical and strategic. One of his highest-profile positions was as Commander of the Marine Corps Cyberspace Operations Group, where he oversaw the Marine Corps Enterprise Network (MCEN).

With over 300,000 users worldwide, the network required 24/7 oversight, with Lemott directing both its daily operations and the cybersecurity teams responsible for defending it.

He later served as Branch Head for C4 in the office of the Deputy Commandant for Information. In that role, he acted as both the Chief Information Officer and Chief Information Security Officer for Marine Corps headquarters. Lemott also helped lead the security authorization process, working closely with the Marine Corps Authorizing Official to make sure systems met strict security standards before going live.

Success in these positions called for more than just technical knowledge. Lemott had to lead teams, manage risk, and make quick decisions under pressure, often in high-stakes environments where even minor errors could have serious consequences.

“I thrive on challenging and high-pressure moments,” he said. “True character is revealed when someone is under pressure.”

That ability to stay focused in challenging situations became a defining part of his leadership style. Even with decades of training and experience behind him, he credits his composure to his faith, which gave him the confidence to face whatever came next.

“I know that God doesn’t put me in situations that He has not equipped me to handle,” he said. “My motto is, if not me, then who?”

By the time he retired from the military, Lemott had earned a reputation as someone who could lead effectively in uncertain situations. This made his transition into civilian cybersecurity a natural next step.

From Service to the Private Sector

After retiring from the military, Lemott continued his work in cybersecurity by transitioning to the private sector. He began his career at VMware, where he supported public-sector clients, including federal agencies, hospitals, and universities—organizations that manage highly sensitive data and provide essential services to the public. His work helped them meet federal cybersecurity standards, including FedRAMP, HIPAA, and FIPS.

Later, he joined SAP National Security Services, also known as SAP NS2, where he served as Vice President of Security Operations and Deputy Chief Information Security Officer. His responsibilities included leading secure cloud engineering and building out security protocols for the company’s platforms. He was also responsible for overseeing large-scale operations across multiple teams, ensuring that service delivery remained reliable, even under pressure.

Today, Lemott’s experience across the military, government, and private sector helps guide his work at ARC, where reliable systems are essential to keeping the country safe.

Rethinking Cyber Risk From the Top Down

In Lemott’s view, cybersecurity has shifted from a technical concern to a strategic leadership responsibility, intersecting with AI, geopolitics, and digital trust.

“The next 10 years will require a blend of technical depth, strategic thinking, and policy fluency,” he pointed out.

That means executives, board members, and senior managers all need to understand how cybersecurity affects operations, safety, and long-term trust. He also sees artificial intelligence playing a larger role in how organizations defend themselves.

AI tools can now detect unusual patterns in real-time—such as an employee logging in from an unexpected location or a device behaving abnormally—and flag them before any damage is done. These systems also help with identity protection by verifying whether login behavior matches past activity and taking automatic action if it doesn’t.

That might mean locking the account, requesting additional verification, or alerting the cybersecurity team. In fast-paced environments like ARCs—where national resilience depends on digital readiness—response speed can determine whether a threat spreads or is contained.

A Shift Toward Home Life

After years of deployments, meetings, and nonstop responsibilities, Douglas Lemott Jr. decided that after he retired, he’d make a conscious effort to be more present at home. During his active-duty years, work often came first, and he missed out on important moments with his family.

Now, in this next phase of life, he prioritizes showing up for them, not just occasionally, but consistently. He finds meaning in the ordinary moments, such as driving his sons to their sports practices, celebrating them when they excel in school, or discussing their plans with his wife.

“I am committed to being present for this phase of life,” he shared. “It could be the simple things…I just enjoy being present.”

Staying physically active is also important to him, and he makes an effort to move for at least 30 minutes to an hour a day.

“Exercise gives me the boost of energy and motivation I need to get through the day,” he said.

For him, the combination of family and exercise gives him a much-needed reset. It clears his mind, helps him focus better, and brings him back to the things that matter most outside the walls of work.

Advice for the Next Generation of Cybersecurity Professionals

For those thinking about a career in cybersecurity, Lemott offers practical guidance. First, he emphasizes the value of real-world experience, noting that working with hands-on tools and actual systems builds skills that often go beyond what traditional classroom learning can offer.

He also recommends pursuing certifications, but only those that align with specific career goals. While internships and entry-level roles provide early exposure to the field, setting up a home lab or getting involved in open-source projects can be just as valuable for developing fundamental skills.

Lemott also encourages aspiring professionals to start building a professional network as soon as possible. Attending industry conferences, joining local cybersecurity meetups, and staying active on social media platforms like LinkedIn or Twitter can lead to new opportunities and insights.

He also emphasizes the importance of mentorship, noting that experienced advisors can offer valuable advice, share lessons from their own experiences, and connect rising professionals with opportunities they might not have discovered on their own.

For Douglas Lemott Jr., cybersecurity is a way to serve others. By protecting the systems people depend on and leading with integrity even under pressure, his work helps organizations uphold the trust that keeps our digital world running.