Sr. Cyber Security Analyst Resume
Alexandria, VA
SUMMARY
- 10 years of overall IT experience, including 6 years in Cyber Security, with several government agencies, the medical industry, and the public sector, performing incident handling/response, malware detection, intelligence analysis, network analysis, vulnerability scanning, engineering, and system administration, part of that time in a leadership role.
TECHNICAL SKILLS
Security Tools: ArcSight ESM 5.2 SP2, ArcSight Logger, Splunk, DShell, SourceFire, IDS, IPS, Proofpoint, IronPort, NetScout, Nitro, HBSS, SiLK, Cuckoo Sandbox, Anubis Sandbox, Snort, Dragon, Mandiant MIR, BigFix, Sentry, Blue Coat, Symantec IPS/AV, McAfee ePO, Out-of-Band VM, FireEye, Wireshark, PuTTY, WinSCP, NetworkMiner, Tripwire, Malzilla, File Insight, Regshot, PDFiD.py, TrueCrypt, BackTrack / Kali Linux, Metasploit
Software Experience: ACAS, SecurityCenter 5.0, ArcSight Logger 5.0, VMware, Symantec Ghost, Foxit Reader, Adobe Acrobat, Microsoft Office Suite 2003/2007, SQL Navigator, Cisco Connect (PKI)
Hardware Experience: Cisco Switches (2950C Series), ASA Routers, HP DeskJet Printers, Lenovo Printers, HP/Lenovo/Toshiba/Dell Laptops & Tablets, PKI (SecurID), Cisco Connect (PKI)
Databases: SQL, SharePoint
Operating Systems: Windows 2000 Pro, Windows 2003, XP, Vista, Windows 7, Mac OS X, Fedora, Red Hat, CentOS, Ubuntu
Call Center and Help Desk: Remedy (web-based and software-based), Track-It
Office Productivity Tools: Microsoft Office Suite 2003/2007/2010 (heavy use of PowerPoint and Excel), Adobe Acrobat, Corda Builder
AREAS OF EXPERTISE
- Excellent network intrusion analysis experience, including pcap analysis with various tools, large-scale netflow analysis, log analysis, intermediate bash scripting, data ingestion, ArcSight ESM/Logger, and Splunk
- Experience with public speaking, achieved through presentations to 20-60 individuals and collaborative meetings with multiple government organization groups
- Able to produce technical writing as it applies to Advanced Persistent Threat (APT) groups
- Strong ability to work independently as well as with others
- Good eye for detail; ability to maintain focus during extended and in-depth analysis
- Effective research and troubleshooting skills
PROFESSIONAL EXPERIENCE
Confidential, Alexandria, VA
Sr. Cyber Security Analyst
Responsibilities:
Perform analysis of pcaps, netflow, DNS, Proofpoint (email), SourceFire, firewall logs, Nitro, Blue Coat, McAfee ePO, and HBSS. Responsible for incident response and all cyber-related investigations for the Coast Guard. Work closely with confidential.
Confidential, Washington D.C.
Sr. Cyber Security Analyst / Vulnerability Tester
Responsibilities:
Performed network-wide vulnerability assessments utilizing Kali Linux, Foundstone, and Nessus / SecurityCenter 5.0. Responsible for configuring SecurityCenter and the strategic deployment of Kali Linux and Nessus scanners across the enterprise. Provided weekly executive presentations to the CISO and CIO on the state of network vulnerabilities and patch efforts. Worked closely with the patch management team. Incident response duties entailed use of SourceFire, FireEye, Fidelis, Splunk, and raw logs from a variety of sources, including web servers, DCs, and databases.
Confidential, Washington D.C.
Sr. Cyber Security Analyst
Responsibilities:
Responsibilities included incident response on network intrusions utilizing confidential and Linux syslog containing logs from various sources. Performed "deep dive" analysis; monitored hundreds of public-facing assets; coordinated discovery/mitigation efforts with off-site entities within the organization for internal incidents. Monitored for spear phishing, web attacks, intrusions, and insider threats, and performed intermediate vulnerability assessments.
Confidential, Linthicum, MD
Technical Cyber Intel Lead
Responsibilities:
As a DC3 contractor, I participated in weekly leadership meetings with team leads, government leads, and managers, and attended "meet and greets" with various organizations to share capabilities and pursue future/ongoing collaboration. Day-to-day work consisted of network analysis of netflow, raw pcap, and other data sources; maintained bash/python scripts to process data efficiently; compiled multiple sources of information into analysis products; maintained up-to-date APT information. Demonstrated collaboration with multiple government community partners/individuals.
Confidential, Washington D.C.
Cyber Intrusion Analyst
Responsibilities:
Served as lead for the Classified and Unclassified networks in a 24/7 SOC (Security Operations Center) environment. Network analysis covered traffic from approximately 50,000 users, reviewing logs from various security systems. Duties included analyzing traffic and identifying anomalous behavior, confirmed infections, spear phishing, and suspicious external activity. Other duties included incident handling for various types of spills, leaks, infections, etc. Extensive use of ArcSight Console 5.2 SP2; used many resources within the ESM, including building dashboards/data monitors, rules, filters, and active/session lists. Selected for an ArcSight content development project; created dashboards to show privilege escalation, anomalous use of protocols, and proxy log trends; created rules/filters from raw data and intelligence. Also developed and edited SourceFire rules.
Confidential, Springfield, VA
IT Security Analyst
Responsibilities:
24x7x365 security analyst support provided to confidential. Performed extensive malware analysis via an out-of-band, separate DSL line. Used various tools to analyze many types of files, the behavior of malware, the callbacks malware made, and the actions malware performed. Analyzed malware to establish a baseline of infection, discovering whether the malware was deleting, changing, or adding files, or looking for specific vulnerabilities. Provided support in updating/maintaining documentation such as SOPs for the SOC.
Confidential, Chesapeake, VA
IT Specialist
Responsibilities:
Provided daily support to all Coast Guard financial systems users. Completed job tasks utilizing financial web-based application tools, privileged user administration accounts, and SQL Navigator 5.5. Involved in weekly team meetings to discuss ongoing and future projects and upcoming policies for the Coast Guard set forth by DHS.
Confidential, Chesapeake, VA
IT Help Desk Support
Responsibilities:
Provided direct support to salespersons in pharmaceutical companies, utilizing issued equipment including tablets, printers, Linksys routers, docking stations, and PKI tokens (SecurID). Provided support for software issues, Microsoft Office 2007, hardware, BlackBerry, network connectivity, home router configurations, email (POP3/SMTP), VPN client, and PKI tokens.
Confidential, Newport News, VA
IT Help Desk Analyst
Responsibilities:
Support provided in a call center environment, working with a multi-tiered IT team, including weekly meetings with the IT Manager for collaboration on existing and upcoming projects. Performed research, testing, and documentation projects for senior IT staff members. Developed technical knowledge base articles for training purposes. Desktop security-related support included installation, configuration, and optimization of anti-virus software, spyware removal tools, security patch maintenance, TCP/IP filtering, and spam filter plug-ins.
Confidential, Hampton, VA
Information Technology - Internship
Responsibilities:
Support for multiple users, working remotely, assisting with issues including email, MS Office products, Adobe, client AV, and network connectivity. Also installed patches and upgrades for Windows 2003 servers.