Cyber Security Analyst Resume

Augusta, GA

SUMMARY:

Experienced IT professional looking to progress his career within the private and government service sector. I have over 18 years of professional IT and 23 years of military experience. I am detail oriented, motivated, able to multi-task, problem solve, and work in a team environment under stress.

PROFESSIONAL EXPERIENCE:

Confidential, Augusta, GA

Cyber Security Analyst

Responsibilities:

  • Monitor SIEM/security tools in order to identify anomalies. Lead and assist rule development activities to increase detection efficiencies and help in the prevention of malicious attacks.
  • Provide high quality security device management and support services to Managed Security Service customers. This includes: Firewall, IDS/IPS, VPN Concentrator, VM/Scanning Systems in either a leveraged or dedicated delivery team model.
  • Work on incidents based on standard service measures, responded to device alerts through in-house proactive alerting system. Communicated with vendors to support customer devices and environments.
  • Experience working with packet captures/TCP dumps. Knowledge of different security platforms available with the following: Check Point firewall, Juniper NetScreen/SRX firewall, Cisco PIX/ASA firewall, Blue Coat Proxy, F5 load balancer.
  • Proficient in SIEM, IPS/IDS and VPN Technologies and Authentication Software, Microsoft and Citrix servers, ITSM/ticketing systems, CrowdStrike, and LogRhythm. Apply knowledge of a client's security policies and procedures to detect, analyze and prevent both internal and external security breaches using SIEM and other security event monitoring tools.

Confidential, Seattle, WA

Senior Security Engineer

Responsibilities:

  • Daily operations included identification of potential exfiltration, vulnerabilities, exploitable traffic anomalies, device outages, and whitelisting of known entities. Tracked real-time events utilizing proprietary ticket system to include on call rotation with 24/7-hour support to ensure no customer impact was present.
  • Developed comparison matrix for forensic toolsets deployment. Determined the forensic solutions based on computing environment needs, frugality of implementation, and the ability to uniformly conduct joint investigations between different forensics teams within Confidential.
  • Ran and reviewed vulnerability assessment reports. Worked with developers in multiple software and hardware groups to maintain 95% patching rate for the JIHM environment.
  • Conducted collection of Threat Intelligence reports and interfaced with the AWS Information Security team to create IOC sharing and reporting of activity.
  • Tools for incident investigation included correlation of log data using Kibana, CloudWatch, AirWatch, CrowdStrike, and proprietary SIEM tools.

Confidential, Smyrna, GA

Senior Incident Response Analyst

Responsibilities:

  • Highly engaged in the daily operations of the Cyber Incident Response Team, coordinates activities with the Confidential to address tasking, schedules, training, and overall management of the Security Operations Center activities on a 24x7x365 basis.
  • Responsible for daily event processing and reporting to ensure comprehensive situational awareness of network and IT infrastructure security status.
  • Leads, trains, and mentors Cyber personnel through individual and group instruction, as well as the establishment, direction, and evaluation of Standard Operating Procedures and Job Qualification Standards.
  • Tools utilized include NetWitness, FireEye, Symantec DLP, ArcSight, McAfee Endpoint Protection, Host-Based Security System (Confidential), LogRhythm, and others.

Confidential, Adelphi, MD

Cyber Operation Technician

Responsibilities:

  • Performs as the Subject Matter Expert and advisor to the Commander and staff regarding the employment of offensive and defensive cyber operations.
  • Directs, plans, administers, manages, integrates, and assesses cyberspace operations.
  • Protects the Department of Defense Information Network against foreign and domestic threat vectors to maintain network integrity and functionality.
  • Leads, trains, and mentors Cyber personnel through individual and group instruction, as well as the establishment, direction, and evaluation of Standard Operating Procedures and Job Qualification Standards.

Confidential, Fort Meade, MD

Cyber Intelligence Analyst

Responsibilities:

  • Develop and maintain the authoritative ACL configuration file; interface with configuration file management tools and develop and maintain TTPs and processes for ACL development.
  • Assist in troubleshooting anomalous network activity. Collaborated with Countermeasures Engineer to determine appropriate countermeasures.
  • Analyze intelligence reports and strategic boundary hardening initiatives and make recommendations to leadership based on Internet Access Point (IAP) router tool capabilities.
  • Collaborate with other team members and Confidential Centers (DNC) to define, document and strengthen boundary defensive posture.
  • Coordinate with Whitelist and Ports, Protocols, and Services Management (PPSM) managing organizations for configuration file updates.

Confidential, Pentagon, VA

Incident Response Analyst

Responsibilities:

  • Coordinates resources during Enterprise Incident Response efforts, driving incidents to timely and complete resolution.
  • Employs advanced forensic tools and techniques for attack reconstruction.
  • Performs network traffic analysis utilizing raw packet data, NetFlow, IDS, and custom sensor output as it pertains to the cyber security of communications networks.
  • Reviews threat data from various sources and develops custom signatures for Open Source IDS or other custom detection capabilities.
  • Correlates actionable security events from various sources including Signal Exploitation and Information Management (SEIM) data and develops unique correlation techniques. Utilizes understanding of attack signatures, tactics, techniques and procedures associated with advanced threats.

Confidential, Alexandria, VA

Information Assurance Specialist

Responsibilities:

  • Monitors the health, uptime, and patch status of all vulnerability and remediation servers using VMware vSphere 5.5.
  • Analyzes Confidential reported dashboard data, updates all .DAT files, and ensures weekly scan data is accurate.
  • Responsible for the implementation of and adherence to DoD security policy for Army Information Technology Agency (ITA) systems.

Confidential, McLean, VA

Information Assurance Specialist

Responsibilities:

  • Conduct vulnerability assessments for supported contracts.
  • Assess the weekly Information Assurance Vulnerability Alerts (IAVA) and bulletins released from Cyber Command.
  • Determine the applicability to the systems housed within contract enclaves.
  • Research applicability of IAVM findings through Vulnerability Management System (VMS).
  • Research and address findings from vulnerability scans. Aided with test/production sites for security issues and hardening of their systems.
  • Address findings found during the Field Security Operations (FSO) reviews. Perform Compliance review of Change Requests (CRs).
  • Review and address findings released in Red Hat Security Advisory (RHSA) that are not addressed through vulnerability management.

Confidential, Fort Meade, MD

Network Management Technician

Responsibilities:

  • Supervise automated information systems, and network management. Monitor and make recommendations on all technical communications and information operations.
  • Plan and coordinate across multiple levels for information systems upgrade, replacement, elimination, and integration.
  • Plan, integrate, deploy, and monitor information systems to monitor Assured Compliance Assessment Solution (ACAS), Host Based Security Solution (Confidential), Continuous Monitoring Risk Scoring (CMRS) and Risk Management Framework.
  • Serve as the Senior Subject Matter Expert (SME) on Network Vulnerability Management and grant access to ACAS, Confidential, and Remedy systems.

Confidential, Quantico, VA

Cyber Information Assurance Analyst

Responsibilities:

  • Create and manage exploit database for tracking of all vulnerabilities outside and inside the Common Vulnerabilities and Exposures (CVE) database.
  • Develop grading metrics for exploits and send out daily and monthly reporting for current environment threats. Monitor multiple antivirus and malware sites for proactive identification of cyber threats.
  • Certified in Assured Compliance Assessment Solution (ACAS) and assist Vulnerability team in the planning of this architecture deployment.
  • Aided with eEye Digital Retina scanning tool and worked with subordinate commands to achieve scans.

Confidential, Arlington, VA

Cyber Information Assurance Analyst

Responsibilities:

  • Investigate ArcSight tickets utilizing tools such as: Fidelis, ArcSight Logger, Niksun, Websense, and the Wireless Intrusion Detection System (WIDS).
  • Evaluate and run analysis on packets via Wireshark, identifying malware and malicious logic code; request IP address blocks via Intrusion Detection System (IDS) group.
  • Identify Unauthorized Software, Personally Identifiable Information (PII) activity, Cross Domain Violations (CDV), and Rogue Hosts.
  • Coordinate hardware and software remediation efforts with Network Security teams.

Confidential, Crystal City, VA

IA Security Specialist

Responsibilities:

  • Analyze Information Assurance Vulnerability Management (IAVM) unauthorized software and hardware scans and request removal via Information Management Officer (IMO).
  • Investigate and monitor all Network Security Compliance incidents and prepare violation memorandums for Information Assurance Manager (IAM) signature.
  • Prepare Standard of Operation (SOP), Policy and Procedures, Swim lanes, and Visio Diagrams for Confidential’s department flow process.
  • Monitor and track Confidential group performance via Crystal Reports, Remedy Ticket Database, and Microsoft Excel.
