
Cyber Security Analyst (Incident Response) Resume


Owings Mills, MD

SUMMARY:

  • Challenge-seeking professional welcoming the constant evolution of the cybersecurity, networking, and electronic data security industry.
  • Intimate understanding of the intelligence lifecycle coupled with strengths in research and analysis, documentation/recordkeeping, and intelligence analysis. Motivational leader of and mentor to up to 15 people, consistently exhibiting an approachable demeanor while seamlessly briefing top officials. Skilled in Microsoft Word, PowerPoint, SNORT, Splunk, CarbonBlack, Proofpoint, Symantec DLP, Windows SysInternals, Wireshark, and VMWare Workstation. Fluent in Spanish. Dually certified as a Target Digital Net Analyst proficient in discovery/malware analysis skill sets.

PROFESSIONAL EXPERIENCE:

Confidential - Owings Mills, MD

Cyber Security Analyst (Incident Response)

  • Reviewed events generated by various security systems and investigated as needed.
  • Stayed abreast of new threats, risks, and vulnerabilities.
  • Analyzed suspicious files, email, and suspected malware.
  • Identified and responded to cyber-security incidents in accordance with the Incident Response process.
  • Documented lessons learned and made recommendations on any additional controls needed to prevent the incident from recurring.
  • Built new mitigating controls and developed signatures for existing controls.
  • Proactively applied threat intelligence and hunt ideology for threats in the environment.
  • Assessed the latest security technologies and made recommendations based on their potential to enhance the security of the enterprise.
  • Collaborated with various security and infrastructure teams to investigate/mitigate incidents.

Confidential - Annapolis, MD

Information Security Analyst

  • Provided operational and monitoring support for information security systems at Judicial Information Systems.
  • Collaborated with internal Judicial Information Systems stakeholders and external parties as applicable.
  • Researched and analyzed security incidents for Judicial Information Systems. Used vulnerability intelligence services to identify possible threats to and vulnerabilities of the Judiciary and participated in the enterprise remediation effort.
  • Administered network and computing devices/systems/services that enforce security policies and audit controls across the multi-platform JIS environment. This includes, but is not limited to: monitoring controls, auditing controls, analysis of events through security tools (manual or automated) and applies to all platforms (i.e., firewalls, IDS/IPS, database, Windows, UNIX, Active Directory, etc.).
  • Collaborated with Security Engineers on the functional requirements and testing of security tools. Reviewed requests for exceptions to the Security policy.
  • Collaborated with the internal/external parties on security advisories.
  • Participated in periodic vulnerability assessments and reviewed the findings to gauge overall risks, severity and appropriate corrective measures.
  • Developed risk mitigation and remediation plans in support of applicable legislative, State and Federal regulatory requirements.
  • Monitored, investigated and documented operational and key information about critical security systems.
  • Ensured timely documentation is developed for all production configurations and this documentation is kept up-to-date.
  • Participated in security compliance efforts and assisted in responses to external and internal audits, as required.
  • Participated in security operations support including off-hours on-call support.
  • Participated in JIS Change Management representing Security.
  • Participated in the Incident Management Team for all security-related incidents.
  • Ensured appropriate and timely communication to all internal and external incident team members.
  • Ensured the incident is fully documented including any follow-on risk mitigation and lessons learned.
  • Maintained knowledge of current & emerging Information Security vulnerabilities, technologies and trends by attending industry forums, trade associations, training, conferences, webinars and regularly reviewing trade journals and literature.

Confidential, Maryland

Target Digital Network Analyst

  • Evaluated complex intelligence data to identify data for relay to the intelligence community.
  • Broadened collection capabilities and gained new accesses to hard targets through network analysis.
  • Averted security leaks through in-depth review of documents for classification content, additionally confirming the effective sanitization and safeguarding of unclassified information.
  • Executed up to 8 projects concurrently.
  • Exhibited strong interest in and participated in the training and professional growth of assigned team members.

Security Operations Center Analyst

Confidential

  • Uncovered cyber threats through global-level computer network operations forensics in support of national level requirements. Categorized collected data by priority to heighten awareness of malicious activity to international government and military networks.
  • Pinpointed and proposed mitigation methods to address the access of unauthorized users on U.S. and allied networks.
  • Helped attribute malevolent network activity, populating national data repositories.
  • Dissected malicious files and provided countermeasures to net defenders. Protected critical Department of Defense networks.
  • Conducted an audit of queries, advancing 100% work center compliance and ensuring 4th Amendment protections.
  • Identified government and military net intrusion events, diagnosing new enemy threats and techniques.
  • Automated web service research, characterizing enemy TTPs/changes. Wrote mitigation reports for national organizations.
  • Crafted six scenarios and drafted eight reports in support of the annual USPACOM exercise. Facilitated training for 600+ analysts.
  • Identified and tasked targets for collection systems, inputting 100% of selectors for MSN. Shielded DoD nets.
  • Produced reports and fielded information requests as part of national level training exercise.
  • Estimated malware analysis and reporting procedures, directly supporting analysts and crafting reports to national intelligence community. Resulted in a 90% product release time.

Network Operations Center Analyst

Confidential, Texas

  • Develop and conduct on-going research to support development of CNO (Computer Network Operations) planning.
  • Investigate and track Information Operation (IO) and CNO development in the DoD.
  • Develop, document, and implement plans and procedures for handling CNO technology requirements and enhance coordination with external partners.
  • Ensure policies authorities providing development and exercise of CNO capabilities.
  • Develop briefing materials, administrative, and logistical support.
