Lead Computer Network Defense Analyst Resume

SUMMARY:

  • Currently serving as a Cyber Security Analyst Shift Lead for SAIC/CWS at United States Central Command, MacDill AFB, in proactive defense and incident management for the Department of Defense.
  • Highly motivated, with a great can-do attitude, multiple industry certifications and 20+ years of Information Technology experience, including Cyber Security, Network Security, Information Assurance, Digital Forensics/eDiscovery, SCADA Security Architecture, Network Administration, Systems Administration, Help Desk Consulting, PC Technician work, and Virtualization and Cloud technologies.

TECHNICAL SKILLS:

Programming/Scripting (working knowledge): C, C++, Java, Bash shell, Python, JavaScript

Operating Systems: Windows, Linux, Unix, OS X, iOS

Virtualization: VMware, Hyper-V, Citrix, Virtualbox

Security Mechanisms: ArcSight, Blue Coat, HBSS, Palo Alto, Nessus, Retina, SCAP, STIGs, VMS, ACAS, Check Point, Cisco ASA, Nmap, Kali Linux, SAINT, Metasploit, Core Impact, Google hacking, EnCase, EnCase eDiscovery, Internet Evidence Finder (IEF), Proofpoint Threat Intelligence

Networking: TCP/IP, VPN, LAN/WAN, Firewalls, Switches, Routers, Wi-Fi

Backup Utilities: Backup Exec, Veritas, Windows Backup, Acronis, Symantec

PROFESSIONAL EXPERIENCE:

Confidential

Lead Computer Network Defense Analyst

Responsibilities:

  • Lead Computer Network Defense Analyst.
  • Conduct 24x7 real-time threat analysis for United States Central Command (US CENTCOM) Headquarters and AOR NETOPS through multiple situational awareness and management tools.
  • Maintain IA-CND sensor grid situational awareness from Tier 0 to Tier 2; report and respond to sensor grid outages and/or anomalies; direct network surveillance resources.
  • Track and report performance capability metrics.
  • Provide event categorization by analyzing incoming data flow from security devices and searching the data for indications of anomalous/malicious events.
  • Lead/conduct theater collaboration for IA-CND trouble ticket management.
  • Review IA-CND Current Operations trends to identify anomalies for further investigation.
  • Review current intelligence for relevant threats and develop appropriate actions/responses.
  • Distribute current IA-CND intelligence information to the USCENTCOM Components.
  • Integrate IA-CND current operations activities with IA-CND Intelligence activities in support of intelligence operations synchronization.
  • Track IAVM/CTO/WARNORD compliance.
  • Integrate IA-CND current operations activities with other USCENTCOM AOR NETOPS Centers.
  • Review security threats and determine/implement effective countermeasures IAW established policies/regulations/directives.
  • Analyze network or system changes/reconfigurations for security impacts; perform risk analysis/assessment.
  • Review and update Cyber Security tactics, techniques and procedures (TTPs) and Standard Operating Procedures (SOPs).

Confidential

Network Security Analyst

Responsibilities:

  • Responsible for security monitoring and incident response activities for the organization's enterprise environment, including users, computer systems, and medical devices.
  • Regularly conducted proactive hunting for security incidents based on threat intelligence, current adversary activity and environmental baselining to identify potentially compromised assets.
  • Utilized ArcSight Security Incident Manager, ArcSight Logger, Proofpoint Threat Intelligence, Palo Alto firewall, Blue Coat proxy, VirusTotal, Wireshark and Riverbed to review, triage and correlate suspicious network activity and malware.
  • Analyzed network traffic to determine whether security alerts were true positives or false positives, and researched malware through best practices such as Proofpoint Threat Intelligence to track possible root cause.
  • Researched, procured and implemented various best-of-breed network security tools to ensure the organization could defend itself against APTs, malware, phishing, and threats against its intellectual property and PHI.
  • Served as a key technical member of the Network Security and Digital Forensic Analyst team; assisted in the implementation and maintenance of information security and forensic-related activities required to safeguard the Company's information and assets.
  • Performed computer digital forensic examinations of electronic media containing potential evidence or other significant data, utilizing forensics best practices and industry-standard, approved tools (EnCase Enterprise, EnCase Endpoint Investigator, EnCase eDiscovery, EnCase Toolkit and Internet Evidence Finder (IEF)) to conduct data carving, file signature analysis, hash analysis, system registry analysis, internet history analysis, and keyword searches.
  • Responded to investigative and eDiscovery requests from Human Resources (HR), Legal, and Compliance related to insider threats occurring in an enterprise environment.
  • Consulted and assisted in ongoing eDiscovery efforts in evidence collection and preservation for custodians placed on legal hold.
  • Stood up a digital forensics lab to perform data capture and data analysis; drafted and implemented standard operating procedures and digital forensics evidence handling best practices and procedures.
  • Performed data capture and imaging of hard disk drives, laptops and desktops utilizing forensics best practices and procedures, and captured images of user shares and workgroup files and folders from the network, utilizing EnCase Enterprise (v7), EnCase Endpoint Investigator and Toolkit (Tableau imager/write blocker).
  • Created digital forensics training manuals and procedures, and educated internal and external clients such as the Human Resources, Compliance and Legal teams.

Confidential

Sr. Cyber Security Analyst

Responsibilities:

  • Certified that code reviews of custom-developed applications, using the currently approved static code analysis and penetration test tools, were conducted to identify security vulnerabilities, coding errors and design flaws within the applications and systems.
  • Ensured that a penetration test and full application assessment, including automated and manual assessment tools and techniques, was performed on Internet-facing and/or high-impact applications.
  • Ensured that Critical and High vulnerabilities were mitigated or had a documented mitigation plan.
  • Developed and updated Standard Operating Procedures (SOPs) and related documentation for clients. Examples: System Security Plan (SSP), Operational Acceptance Plan (OAP), Accreditation Requirement Guide, Risk Assessment (RA), Business Impact Assessment (BIA), and Computer Incident Response Team (CIRT) SOPs.
  • Performed tests and assessments on systems and/or telecommunications networks to ensure the security configuration and operation were as described in security policy plans.

Confidential, Lockheed Martin

Sr. Computer Systems Security Analyst

Responsibilities:

  • Led the team in the analysis of various Information Assurance Vulnerability Alert (IAVA) notices and managed the process to meet the 21-day deadline for IAVAs at the Joint Staff.
  • Analyzed the results from DISA-approved security tools and provided SME recommendations based on vulnerability scan results, considering the asset's functional environment and the business impacts it could have for Joint Staff J6 (Pentagon) and the warfighters.
  • Conducted Security Risk Assessments on all new applications, IT systems, or changes to existing IT systems and devices to verify that they satisfied the established security baseline before adoption into the Joint Staff J6 enterprise enclave.
  • Performed Retina and Nessus scans for all the Pentagon Joint Chiefs of Staff J6 enclaves.
  • Helped establish secure baseline Windows 7 and Windows Server 2008 R2 images at the Joint Staff, where no secure baseline images had previously been set up.
  • Created an efficient and repeatable software security testing process using a VMware virtual lab environment and Retina Network Security Scanner.
  • Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) expert; used the DoD Vulnerability Management System (VMS) to report compliance of systems and baseline images, and worked on transitioning the Joint Staff to the Assured Compliance Assessment Solution (ACAS) and the NIST Security Content Automation Protocol (SCAP).
  • Performed hands-on monitoring of network traffic for user violations of acceptable use policy and potential insider and outsider threats.
  • Mentored junior, intermediate and senior members of the IA staff in evaluating, assessing and understanding the security requirements of all associated DISA IA-supported programs (i.e., POA&Ms, STIGs, and overall C&A processes).

Confidential

Software Engineer

Responsibilities:

  • Contractor for the Tactical Local Area Network (TACLAN), U.S. Special Operations Command (USSOCOM), Cooperative Engagement Capability (CEC), U.S. Navy, Department of Defense (DOD), Government of Saudi Arabia Ministry Department (Project K), and Purple and Enterprise Campaign proposals.
  • Analyzed the results from DISA-approved security tools and provided recommendations based on vulnerability assessment scan results.
  • Performed vulnerability assessments and penetration tests on internal systems and external networks using popular penetration testing tools (Core Impact, Metasploit, Wireshark, Retina, Netcat, and Nmap).
  • Provided SME input to programs' IA process improvement, including construction of new process and policy documentation, creation of IA artifact definitions and criteria, and assessment of IA requirements with regard to DIACAP compliance.
  • Integrated TACLAN's environment within virtualized systems using VMware ESX Server and VirtualCenter client.
  • Performed extensive software testing: unit, installation, integration, regression, acceptance and vulnerability testing against classified and unclassified systems to ensure FISMA and DITSCAP compliance.
  • Responsible for conducting research, documentation, lectures/presentations, cyber vulnerability assessments and penetration testing against SCADA systems.
  • Performed datacenter critical infrastructure integration and hardening to ensure operational redundancy and security of HVAC/UPS systems, servers, network devices and other technology components.
  • Part of the Raytheon NCS Enterprise Campaign team, whose goal was to combat advancing cyber threats against critical infrastructure/SCADA systems.
  • Taught the Raytheon Cyber STEM program (CompTIA A+, Network+, and Security+ certifications) at Pinellas County Science Center.

Confidential

Sr. Systems Administrator

Responsibilities:

  • Set up, configured, and administered backup servers for daily and weekly backups of file and database servers, including MS Exchange e-mail and MS SQL database servers, with Veritas.
  • Created and deleted e-mail accounts, configured and administered e-mail servers, and performed Postmaster duties for message broadcasts, including priority and emergency messages.
  • Created, disabled, deleted, and administered user accounts in MS Windows Server 2003 and Citrix environments; enforced access rights and permissions for all user groups and password policies, including audits of those policies.
  • Produced documentation for Standard Operating Procedures (SOPs) of systems and configurations, policies and procedures for hardware and software installation and e-mail, Disaster Recovery Plans and a Continuity of Operations Plan.
  • Performed installations, configurations, upgrades, and support for systems and users on Windows OS, Windows Server, and Mac OS.
  • Upgraded, troubleshot and repaired laptops, desktops, printers, fax/copy machines, and wireless devices.
  • Provided technical support for the corporate LAN/WAN environment as well as escalated technical support issues.
  • Monitored the network and servers with SolarWinds and helped address any issues that arose.
  • Set up and performed antivirus and malware scanning with McAfee and Norton software for end users.
