Senior Incident Response Analyst Resume
Beltsville, MD
SUMMARY:
- I am a highly skilled cyber security analyst with more than 16 years of combined experience in computer forensics, cyber security and intelligence, information security and management, malware analysis, incident response and network engineering. My experience includes 16 years of law enforcement, investigations and intelligence positions. I am also a very collaborative team member who smiles a lot, with a strong passion for technology.
- DOD Clearance - Top Secret; Certified Information Systems Security Professional (CISSP); Incident Response; Malware Analysis; Computer and Network Investigations and Forensics; Law Enforcement; GIAC Certified Incident Handler (GCIH) in progress.
TECHNICAL SKILLS:
Networking: TCP/IP, LAN, WAN, NOC, Wireless 802.11a/b/g, Frame Relay, DHCP, PGP, x.509v3, TACACS+, SSL, Proxy, RADIUS, DES, WINS, DNS, Internet, Intranet, VPN
Software/Databases: EnCase, EnCase Enterprise, Forensic Tool Kit (FTK), PRTK, FTK Imager, WinHex, X-Ways Forensics, F-Response, Helix, REMnux, SANS Investigative Forensic Toolkit (SIFT), Volatility, ArcSight (ESM) SIEM and Logger, Carbon Black, Wireshark, NetworkMiner, NetWitness, RSA Security Analytics, NetFlow, Metasploit, Rapid7, Nmap, Kali, Splunk, ArcSight, HP OpenView, HP Service Desk, SQL, MySQL
Scripting: Python and Bash
Operating Systems: MS Windows Server 2000/2003, Windows 7/Vista/XP, Linux
PROFESSIONAL EXPERIENCE:
Confidential, Beltsville, MD
Senior Incident Response Analyst
Responsibilities:
- Lead and mentor team members in incident triage and investigations, to include determining urgency and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.
- Receive and analyze network alerts from various sources within the enterprise and investigate possible causes of such alerts, and track and document computer network defense (CND) incidents from initial detection through final resolution. Perform "deep dive" analysis and correlation of log data from multiple sources.
- Serve as liaison to CIRT, IRM Enterprise Engineers and DoS watch officers.
Confidential, Alpharetta, GA
Senior Cyber Security Analyst
Responsibilities:
- Assisted in the development and growth of the E*Trade Security Operations Team, supporting the creation, documentation, and implementation of security event policies, procedures and practices.
- Provided an assessment of current network security risks, network monitoring applications and tools. Submitted written evaluations and recommendations.
- Performed senior-level data analytics by seeking, identifying and confirming cyber threats, email phishing campaigns, risks and vulnerabilities to the network environment. Implemented remediation when possible and worked with other network teams. Analyzed packet captures (pcap), IDS/IPS alerts, various network logs, ArcSight (SIEM) events, email headers (raw source), malicious files, scripts and NetFlow, and recommended remediation steps.
- Team Lead: managed tasks and projects; supported and mentored analysts on career paths, network security event analysis, new techniques and information sources.
Confidential, Beltsville, MD
Senior Cyber Security Analyst
Responsibilities:
- Conducted reverse, static and dynamic malware analysis. Responded to network and computer incidents, email phishing campaigns, and network- and host-based events; conducted in-depth analysis of packet captures (pcap), IDS/IPS alerts, various network logs, email headers (raw source), malicious files and scripts, and NetFlow.
- Identified and researched new cyber security technologies, created test beds in a replicated environment, and documented findings, metrics and conclusions.
- Provided detailed documentation of findings and conclusions, and recommended remediation steps.
- Identified and recommended process creation and improvements.
- Supported and mentored analysts on career paths, new techniques and information sources.
- Supported ongoing incidents from non-CIRT organizations related to computer security when requested.
- Identified advanced techniques and coordinated to improve analysis capability.
Confidential, Linthicum, MD
Sr. Cyber Forensic Analyst
Responsibilities:
- Developed advanced computer, network forensic, incident response, malware analysis and software challenges for the Confidential Challenge 2012 and 2013, a worldwide forensic contest.
- Created, managed and developed the highly acclaimed Cyber Crime Case Challenge (C4), a six-phase, hands-on and interactive cybercrime case investigation challenge. See a review of the Confidential Cyber Crime Case Challenge (C4) at the 1st Annual Maryland Digital Forensics Investigation Conference and Challenge.
Confidential, Arlington, VA
Senior Incident Cyber Forensic Consultant
Responsibilities:
- Conducted incident response and computer forensics on computers, laptops, servers and mobile devices.
- Triaged and performed behavioral (static and dynamic) analysis of malware and malicious code extracted from compromised computers, servers, laptops, email attachments and PCAP data, or downloaded from malicious websites. Worked and collaborated with CIRT teams of all branches of the armed forces.
- Provided Tier III incident response services to the Pentagon and US Army networks; served as Tier I provider to Marine Corps, Air Force and Navy networks.
- Documented malware and incident analysis findings, conclusions and recommendations to mitigate risks.
- Authored and refined e-Discovery, computer forensic and incident response standard operating procedures and processes. Provided cyber/technology security solutions, development, implementation and analysis, and mentored junior-level forensic and IT security analysts.
- Worked with the Office of the Army General Counsel to develop and refine Freedom of Information Act (FOIA) data requests. Collaborated with JAGs in planning strategic procedures for differing e-Discovery data collections.
- Conducted forensically sound e-Discovery collections.
Confidential, Linthicum, MD
Computer Incident Responder Instructor
Responsibilities:
- Provided instruction to students on conducting forensically sound computer and network incident response and investigations. Designed and developed the Computer and Network Incident Response Course (CIRC) curriculum and programs, both on-site and online, for counterintelligence and law enforcement agents and analysts.
- Researched and developed technical and user manuals to support . Worked with technical subject matter experts, computer incident response agents and analysts to ensure that material is accurate and reflects current best practices.
Confidential
Senior Computer Forensic and Media Exploitation Analyst
Responsibilities:
- Followed Army DOMEX SOPs as minimum guidelines for computer forensics investigations. Identified loose media files and digital media files of interest that have intelligence value for local brigades. Uploaded files into the National Harmony database.
Confidential, New York, NY
Assistant Director, Data Collection and Forensics
Responsibilities:
- Managed a team of five (5) computer forensic technicians and incident responders. Managed the day-to-day forensic and incident assignments, computer incident response calls and daily forensic investigation tasks. Peer reviewed investigative findings and reports, and directed investigations and computer incident responses.
- Supervised forensic and network intrusion analysis and tests. Led large, multi-phased engagements that included oversight of both internal and external team members. Created policies and Standard Operating Procedure (SOP) documentation.
- Collaborated with attorneys, principals and clients to strategically model the forensic focus and goals. Analyzed clients' issues and developed distinctive, successful solutions.
- Efficiently allocated personnel tasks and resources to effectively reduce overtime by 65%, saving approximately $67K annually.
- Implemented Standard Operating Procedures that increased productivity by 35%.
Confidential
Sr. Forensic Technician
Responsibilities:
- Ensured evidence collection methods were conducted, managed, and archived properly to maintain preservation and protection of data and evidence.
- Maintained active communication with clients to manage expectations, ensure satisfaction, make sure deadlines were met, and led change efforts effectively.
Confidential, New York, NY
Forensic Consultant
Responsibilities:
- Performed thorough, forensically sound examinations of emails, file metadata, allocated and unallocated disk space, INFO2 records, link files and internet history. Recovered deleted files and graphics while following proper evidence custody and control procedures.
Confidential, New York, NY
Network Engineer Consultant
Responsibilities:
- Contracted by Confidential to fulfill a contract with Young and Rubicam, a global advertising firm.
- Wintel Global Network Operation Center group; provided level III support to network and systems administrators throughout the world.
Confidential, New York, NY
Network Engineer Consultant
Responsibilities:
- Assigned temporarily to Banco Popular Dominicano to manage and implement Symantec LiveState Recovery and LiveState Patch Management.
Confidential, New York, NY
Network Engineer Consultant
Responsibilities:
- Contracted by Confidential to complete a 2-month assignment at Pfizer's Global Network Services. Provided support to senior engineers investigating and resolving issues with global WAN routers and switches.
Confidential, New York, NY
LAN Administrator Consultant
Responsibilities:
- Sub-contracted to an open-ended consultancy position at Tyco International's New York executive office. Managed and administered all network and communication devices at the international corporate headquarters.
