Qualifications and experience include:
- Foreign Language proficiency in Arabic, Chinese Japanese.
- 10 years experience Managing Security teams and Projects.
- 10 years professional services consulting in Information Security, architecture compliance
- 9 years of open source intelligence experience to include writing and supporting analytical products
- 5 years experience analyzing cyber threats, as a malware analyst, incident responder, and digital forensics investigator.
- Strong understanding of malware analysis, data recovery, information security assurance, network forensics, hacking techniques, and digital forensics experience.
- Strong research and analytical skills to be able to gather data from a variety of sources, and then creating a plan of action based on the intelligence.
- Experience Creating Cyber Security Incident reporting and threat and vulnerability findings within 4 hours of the Threat and Vulnerability Analysts for tracking and the deployment of proactive counter-measures.
- Expert ability to work in Unix, Linux and Windows environments.
- Over 5 years experience with Programming in Perl, TcL/Tk, Python, Java, Ruby, C C , and x86 and IA32 Assembly Language experience.
- Over 20 years experience in Network Engineering.
Senior Cyber Intelligence Analyst/ Program Manager
Responsible for synthesizing a common operating picture of hostile intrusion-related activity providing proactive, advanced warning of potential attacks creating processes and operating models for Digital Tradecraft Inc. and conducting data collection and analysis. Effectively communicate technical information to non-technical audiences and influencing others to comply with policies / conform to standards and best practices. Served as the Digital Tradecraft Inc.'s primary Cyber Intelligence Subject Matter Expert. Provided thought leadership for cyber intelligence operations by keeping abreast of adversary tactics, techniques and procedures, intelligence reporting and Digital Tradecraft, Inc. business strategy to enable the practical application of intelligence to information security. Responsible for staying in step with the cyber intelligence community to maintain/develop formal and informal sources of information and incorporate industry best practices where applicable. Collaborated with stakeholders to develop and maintain Priority Information Requirements PIRs that drive the cyber intelligence cycle in order to provide actionable threat indicators and value added assessments to stakeholders. Participated in industry task forces and working groups, where appropriate, to enhance knowledge of current and future threats to Digital Tradecraft, Inc. clients. Maintained and expanded subject matter expertise in the areas of cyber espionage, cybercrime and hacktivism. Monitored foreign and domestic websites and chat rooms for threat indicators to Investigate , analyzed and profile the structure and dynamics of a particular sector or group within the adversary community. Analyze and determine the intent, and operational and technical capabilities of threat actors. Identify new threat TTPs and signatures used by cyber threat actors. Reviewed, created and brief intelligence products, such as Malware family profiles, Threat group profiles. Investigated attacks and attack methodologies with recommended actions to mitigate risk from similar attacks. Participated with the broader security community through collaboration, papers, and presentations. Malware Analysts may be on-call for critical support situations. Coordinated resources during enterprise incident response efforts, driving incidents to timely and complete resolution. Employed advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis. Supported internal HR/Legal/Ethics investigations as forensic subject matter expert. Performed network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks. Reviewed threat data from various sources and developed custom signatures for Open Source IDS or other custom detection capabilities. Correlates actionable security events from various sources including Security Information Management System SIMS data and develops unique correlation techniques. Developed analytical products fusing enterprise and all-source intelligence. Conducted malware analysis of attacker tools providing indicators for enterprise defensive measures, and reverse engineer attacker encoding protocols. Interfaces with external entities including law enforcement organizations, intelligence community organizations and other government agencies such as the Department of Defense.
Information Assurance Project Manager/ Forensics Investigator
Provided systems analysis, requirements determination, cost-benefit and risk assessment, quality control, and human resource and program management in support of C A Information Assurance e-discovery and cyber forensic related projects. Analyzed and studied complex system requirements such as IPv4 to IPv6 transition efforts and other new and existing information systems on a large-scale basis. Translated advanced concepts into practical and effective solutions using structured techniques. Oversaw the planning, direction and coordination of work activity and training of technical staff. Provides Weekly Project Management Status and Technical Support In-Process Review IPR through the change proposal life cycle. Provided information flow models across functional domains and functional data models. Maintain an understanding of business processes and the implications of computer systems on these processes. Advise business leaders on impacts of new cyber security threats on the existing infrastructure. Established E-discovery and forensics procedures in the SOC security operations center Provided technical expertise regarding forensic analysis, Network Protocols, SQL Server, LDAP, remote access technologies, IDS, malware reverse engineering, Python, Ruby and Perl scripting, windows file formats, windows file attributes, file, network protocol analysis, penetration testing, vulnerability assessment, network forensics, and incident response. Configured Counter Act, and Fidelis applications as well as checkpoint IDS routers. Responsible for staffing and management of 5 IT security teams and 21 IT professionals in the operations of the mission critical IT security infrastructure. Provided technical leadership to SOC, C A, FISMA and Audits, Privacy, and Q A teams. Also oversaw Disaster Recovery and Business Continuity functions. Established, built and updated project plans, identified and managed project risk, ensured that the appropriate internal and external services where obtained to meet the objectives of the project in order to deliver the specified functionality of each team. Responsible for the planning and development of the information security strategy and the best practices in support of the information security architecture. Advised leadership on information security issues and preformed security risk assessments to ensure the integrity, confidentiality and availability of information. Collaborated with key holders and IT leaders to develop security and business continuance practices, governance standards, processes and metrics including assessing new products and methods, developing and implementing appropriate IT security.
Information Assurance Program Manager
Served as the a PM/Information System Security Officer directing the accomplishments of all functions involved in communicating the management mission of the Army National Guard /G6 NGB-AIS organization, encompassing difficult and diverse functions and issues that effected critical aspects of NGB-AIS major Change and Configuration management programs. Evaluated the security posture of systems, and made recommendations to the System Owner, Certifying Authority and the Approving Authorities. Provided technical vulnerability assessment of Systems, using DIACAP using both automated vulnerability assessment tools Code Green Networks TrueDLP.,Gold Disk, eRetina, Nessus, NMap, AppDetective, WebInspect as well as manual testing scripts. Support the development and maintenance of all documentation required for C A based on the DoD Information Assurance Certification and Accreditation Process DIACAP . Developed and maintained all documentation necessary to ensure that all capabilities delivered under this contract met all requirements for Certification Accreditation C A in accordance with applicable DoD and DISA Policy and Procedures Provided leadership in coordinating the reporting of strategies which were used in planning and developing major agency management planning and evaluation. Designed and conducted a wide variety of comprehensive studies and detailed analyses of complex functions and processes related to long-range planning. Identified and proposed solutions to management problems. Performed risk, vulnerability and impact assessments. Evaluated and recommended frameworks for Info Security practice. Prepared recommendations which impacted the way in which planning was carried out. Wrote, and edited a variety of reports about all aspects of assigned program areas with a view to increasing inter agency understanding and support of agency policy, programs and activities.
Primary responsibilities revolved around the design, configuration, implementation, in building out DR plans and Business Continuity Plans of the IT infrastructure and all security analysis and Project Management including maintaining project plans identifying deliverables, assigning tasks, meeting company and client objectives, management of several client business units including the management of full-lifecycle IT services, focused on all aspects of Information Technology,. Other Duties and Responsibilities included managing a Change Management, Program Management and Business Transformation initiative, including management of P L, client satisfaction, IT Disaster Recovery and Personnel Management, Designed, developed and tested an effective disaster recovery plan for the BDC.
Responsible for the design, implementation, security, and ongoing maintenance of clients IP backbone in a Telco and Information Service Provider environment. Identified and evaluated new equipment solutions, configured web servers and cisco remote access vpn's, turned up new core routers, and maintained backbone and router port capacity in the core network. Additional responsibilities included working internally with a team to support the network operations staff in highly technical trouble isolation and resolution. Wrote and developed information systems security plans, performed configuration management and IS audits. Acted as a liaison between client, consultant, program management personnel and government customers, and responded to short-notice tasks and provided security engineering and integration services to internal and external customers. Configured and worked with encryption technology, penetration and vulnerability analysis of various security technologies, and conducted information technology security research.
Program Engineer / Project Manager
Provided all levels of management with high-end technology solutions related to corporate data communication network and email platforms including LAN, frame relay network, VPN and phone companies and email, voice mail, e-training and e-meeting applications. Identified and resolved communication IT security, hardware and software related failures and issues. Ensured network and business continuity throughout the implementation and management of redundant and disaster/recovery procedures and location. Analyzed, identified, and resolved data communication operational issues related to voice and data communication to ensure optimum performance and network capacity. Assist in the support of all server platforms that communicate through the network. Collaborated with managers in the development of new network design updates, and defined integration strategies for data and security applications. Sets direction for all long term data communication architecture. Studied vendor products to determine which best meet organization need assists in presentation of information to management resulting in purchase and installation of network equipment.