Experienced Cyber Intrusion Detection and Remediation Specialist, Threat Hunter, and Red Team member, committed to maintaining cutting-edge technical skills and up-to-date industry knowledge while seeking a challenging and rewarding position within CIRT or as a professional penetration tester. Motivated to utilize experience preventing, investigating, and remediating security incidents and experience in hacker techniques to help identify and mitigate cyber-attacks in all phases of the cyber kill chain.
State of California Governor's Superior Accomplishment Award
(2) Air Force Commendation Medals
Invited to attend the Western Regional Cyber Camp hosted by US Cyber Challenge - a Center for Internet Security program
Cyber Intrusion Detection and Response Specialist, 03/2016 to Current
State of California: Franchise Tax Board – Sacramento, California
Monitor and manage critical SOC technologies including but not limited to: intrusion detection and protection devices, host-based protection technologies, 0-day and APT technologies (sandboxing, behavioral monitoring, etc.), packet capture and metadata analytic systems, DLP technologies, email hygiene systems, etc.
Conduct red vs. blue exercises to increase training and awareness. Built custom malware and attack infrastructure to perform penetration tests. Performed internal penetration tests to discover vulnerabilities and gaps in security infrastructure or processes.
Experience utilizing an enterprise centralized log/event correlation solution for security investigations and auditing employee behavior (Splunk & RSA Security Analytics).
Utilizing open source security intelligence during security events (VirusTotal, ISC, etc.)
Utilizing full packet capture to re-create a security event, identify IoC, and write custom IDS/IPS (SNORT) rules.
Investigate and remediate cyber attacks including DDoS, phishing, and malware infections.
Established a threat hunting program to detect unidentified compromises.
Lead security operations and network professionals during real-world cyber attacks through each incident response phase, remediation, and mitigation.
Security Operations Specialist, 02/2015 to 03/2016
State of California: Department of Veterans Affairs – Sacramento, California
Performed detection, analysis, research, and data gathering for security events.
Provided technical expertise for the ISO.
Monitored and administered F5, RSA Security Analytics, Nexpose Vulnerability Management, SCCM, Dell Data Protection Encryption, and Palo Alto firewall to identify malicious activity.
Compiled weekly, monthly, and quarterly reports for senior management.
Performed ad hoc and scheduled employee phishing using the KnowBe4 phishing product.
Provided forensic evidence for legal investigations.
SME for Wi-Fi security implementation
Security Operations Specialist, 09/2013 to 01/2015
State of California: Health Benefits Exchange – Sacramento, California
Provided detection, analysis, research, and data gathering for security events. Provided technical response for Information Security Team.
Monitored security systems to ensure that all equipment was operative, troubleshot system issues, and reported all malfunctions.
Compiled weekly, monthly, and quarterly reports for senior management.
Provided support for information security requests to enable business operations, i.e. security policy clarification and exception requests, software requests, system account requests, Access Control List (ACL) requests, and general security questions submitted by HBEX/CC internal teams.
Provided support to security operations, incident response and vulnerability management campaigns.
Worked in close collaboration with Information Security Leads, Management, and other state agency Information Security teams to respond appropriately to external and internal threats.
Performed analysis of business needs and possible improvements of Information Security impacts or considerations and reported recommendations to the Information Security Officer.
Created and reviewed documentation and process regarding recurring issues, new standard operating procedures, knowledge transfer material, etc.
Bachelor of Science: Information Systems Security, Current
American Military University - 111 W. Congress Street, Charles Town, WV 25414
Placed on Dean's List
Course work includes educational theory with the technical skills required to meet information security needs across the enterprise with specific courses focusing on information assurance, information security, network design and engineering, business continuity, and more.
Associate of Science: Avionics Technology & Communications Technology, 2010
Community College of the Air Force -