
Principal SOC Security Analyst Resume


Clarksburg, WV

SUMMARY:

  • Principal SOC Security Intrusion Analyst for Enterprise Level Network with proficiencies in Incident Response, ISSO/ISSM functions, Cyber Threat Intelligence, Cloud Migration, Trusted Internet Connection (TIC), Software Development Life Cycles, Cloud Monitoring and A&A
  • Nine-year veteran of the Confidential, including seven years spent as a Cryptologic Technician Networks (CTN) Non-Commissioned Officer. Possessed a combination of technical, managerial, and leadership skills across disciplines of Computer Network Operations (CNO)
  • Cyber Security / Signals / Digital Network Exploitation Analyst with experience in real-time analysis across Information Assurance (IA) and Signals Intelligence (SIGINT). Demonstrated knowledge of TCP/IP fundamentals, OSI model, ICMP, NetBIOS and various routing protocols
  • Qualified Confidential and SIGINT Instructor for the Joint Cyber Analysis Course (JCAC). Completed, vetted and taught the curriculum in a relative manner while working with other course modules: Networking, Active Exploitation and Computer Network Defense (CND)
  • Targeting Analyst capable of building, developing and ushering Combatant Command Confidential and Strike Packages and the advanced development of deliberate and time-sensitive targeting efforts

SKILLS AND PROFICIENCIES:

TASKORDS, OPORDS, CONPLANS & USSIDS

IAVA, NSANET/JWICS, Executive-Level Briefs

MCAFEE Sensors, NETBIOS

WINDOWS OS, WIRESHARK

DIGITAL GUARDIAN, CISCO IRONPORT

FIREEYE, FIREPOWER/SOURCEFIRE

HP SERVICE MANAGER, RSA

MITRE ATT&CK, OWASP

LINUX, CISCO and HUAWEI APPLIANCES

ARCSIGHT, SPLUNK, BLUECOAT

RIVERBED, NETVIZ / VIZIO

TREASUREMAP, PALANTIR

MIDB, CPE, ARCHER

STEALTHWATCH, F5

EXPERIENCE:

Confidential, Clarksburg, WV

Principal SOC Security Analyst

Responsibilities:

  • Provides Cyber Threat Intelligence expertise in support of FBI Cyber, to include the quality control of threat intelligence, the deciphering of analytics into consumable intelligence and making sure the products adhere to the scope of FBI, while ensuring a data flow to the Intelligence Community
  • Leads eight SOC Analysts in day-to-day 24/7 operations, SIEM management, TCP/IP, Incident Response, All-Source Intrusion Analysis, NetFlow and PCAP analysis, reporting and content development. Including training in SOC methodology and U.S. Government exercises
  • Participates daily in AGILE functions and Assessment and Authorization (A&A) for the accreditation of systems and business functions of Windows, Linux and Cloud-based applications
  • Integrates with Incident Responders and SIEM / IDS / monitoring content developers at FBI, DOJ, DHS US-CERT and DoD Components, to include chairing Analyst to Analyst exchanges weekly
  • Instructed various SIGINT, Targeting and CND techniques in a high-paced, high-volume setting to multiple DoD students, while also providing an overview of the intelligence community and all counterparts and their roles pertaining to SIGINT
  • Supervised the management and execution of intelligence, operations, targeting efforts, and the planning and preparation, as well as successful execution, of exercises of Cyber Combat Mission Forces in support of USCYBERCOM and USSOUTHCOM
  • Stood up and was directly responsible for a Cyber Combat Mission Team, overseeing its validation and then conducting successful exercises and operations
  • Demonstrated strong visual and oratory briefing skills while directing analysts and operators in accomplishing the objectives and mission and the global force
  • Managed and accounted for all facets of operation and planning for the military components of a multi-service/multi-agency effort for Confidential exploitation and Confidential development while performing analysis of SIGINT to include traffic, network topologies and OSINT
  • Collaborated with multiple NSA Confidential Offices of Primary Interest (TOPI) to create and clearly present day-to-day operations to the command’s senior leadership on the utilization of assets to fulfill prescribed national and presidential requirements
  • Used enterprise and commercial tools proficiently to conduct network exploitation and Confidential development, while providing refinement on mission focus for Confidential organizations

Principal Security and Intrusion Analyst

Confidential

Responsibilities:

  • Prepared trend and threat related briefs for DOJ and FBI entities nationwide, while integrating SOC analysis with the Cyber Division Intelligence group
  • Receives and analyzes data from COTS IDS/IPS and firewalls while working with SIEM content developers on signature and detection effectiveness

Confidential

Instructor

Responsibilities:

  • Covered the following topics: National Intelligence Effort, Intelligence Process, Joint Military Forces Unified Command Structure, Information Operations, National Security Agency, SIGINT Requirements Process/Development, Open Source Research, System Architecture, Encoding Methods, File Recognition, Recovering Files, and Reporting
  • Performed the analysis of SIGINT, including traffic and networks, utilizing all aspects of DNI and DRN tradecraft including SIGINT Development, Collection Management, the building of Confidential Templates, and moving respective units from Title 50 to Title 10 Authorities, while consistently exhibiting SME ability in SIGINT, Human Intelligence (HUMINT), Open Source Intelligence (OSINT) and Imagery Intelligence (IMINT) analysis
  • Compiled Executive-level briefings and intelligence products utilizing OSINT and NSA tools
  • Presented a tactical and strategic message from which executive-level decisions were made
  • Fused intelligence from multiple disciplines, ASIA, Targeting Analysts, Collection Management, as well as industrial security professionals.
  • Experience targeting networks or individuals within networks and identifying vulnerabilities for exploitation
  • Facilitated targeting from Basic to Advanced stages while taking into account all necessary targeting tools and methodologies. Introduced a hybrid model and successfully bridged both the conventional targeting kinetic / non-kinetic Targeteers use, with extensive background knowledge and experience on DNI and DNR subsets

Confidential

Cyber Operations Watch / Cyber Threat Analyst

Responsibilities:

  • Was responsible for analyzing threats by using various technologies including but not limited to: Intrusion Detection System (IDS) / Intrusion Prevention System (IPS) logs, firewall logs, antivirus logs, Security Incident and Event Management (SIEM)
  • Coordinated Intelligence Domain situational awareness across Military and Intelligence commands. Responsible for creating and delivering Four-Star General / Flag Officer level briefings pertaining to cyber, and provided an analytical assessment based upon the Intelligence Directorate's recommendation and associated terminology
  • Baseline school on network-centric operations and the training and skills to detect, protect, react and respond to threats against Navy networks while defending against external and internal threats through in-depth technical and non-technical methods

Basic Digital Network Analyst

Confidential

Responsibilities:

  • Upper Level Course on: monitoring, identifying, collecting and analyzing information, providing computer network risk mitigation, vulnerability assessments and incident response/reconstruction, and conducting computer network operations in support of Navy and DoD
  • Digital Network Intelligence classroom instruction and workshop on an overview of the modern Confidential exploitation, providing an understanding of the entire process and associated terminology
