Cyber Threat Intelligence and Analyst
Cybersecurity Professional and Information Security Manager with over 20 years’ experience in network and systems security, penetration testing, compliance and vulnerability assessments, risk management, auditing, and policy review. Extensive background in the management of Information Systems Security and Systems Accreditation across a DoD client base. Demonstrated ability to deliver under pressure and produce desired results as Technical Team Lead, Penetration Tester, Incident Responder, or SOC Analyst. Army Veteran noted for exceptional communication and people skills, leadership, integrity, and drive. Certifications include CompTIA Cybersecurity Analyst (CYSA+), Security+, Network+, and A+ as well as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) and GIAC Security Essentials (GSEC), Incident Handler (GCIH), Intrusion Analyst (GCIA), Continuous Monitoring (GMON), Penetration Tester (GPEN), Forensic Analyst (GCFA), Enterprise Defender (GCED), Windows System Administrator (GCWN) and System and Network Auditor (GSNA). Master of Science in Information Assurance with Bachelor of Science in Computer Networking.
Signature Strengths & Competencies
Strength Category | Strength Category | Strength Category
Cyber Insider Threat | Windows, Linux & Kali OS | Executive & Client Facing
Open-Source Intelligence | Digital Forensics & Incident Response | Coaching & Mentoring
Cyber Threat Intelligence | CIS Benchmarks | Technical problem solving
Threat Detection & Hunting | MITRE ATT&CK | Collaborating
Professional Experience
Valiant Solutions, Inc – Washington, DC | 02/2024 to Present
Cyber Threat Analyst
Provide essential cyber security and threat intelligence services, identifying and analyzing threats to personnel, information, and systems. This includes delivering timely intelligence to mitigate cyber threats and supporting the Cyber Insider Threat Program. Produce intelligence bulletins, alerts, and briefings, ensuring accuracy and adherence to standards. Collaborate with analysts and engineers, acquiring subject knowledge and coordinating projects. My expertise includes understanding Cyber Threat Tactics, Techniques, and Procedures (TTPs), performing Threat Assessments, and processing incident indicators for analysis. Investigate network and host detection systems and develop core threat intelligence capabilities.
- Researches, analyzes, and writes documents such as cybersecurity intelligence bulletins, alerts, and briefings for all levels of stakeholders from Tier 1-3 SOC, security engineering, and executives.
- Research topics and collaborate with stakeholders to understand communication product requirements; analyze business problems and help prescribe communication solutions.
- Deep understanding of Cyber Threat TTPs, Threat Hunt, and the application of the MITRE ATT&CK Framework.
- Perform Cyber Threat Assessment and Remediation Analysis.
- Processing, organizing, and analyzing incident indicators retrieved from the client environment and correlating said indicators to various intelligence data.
- Assisting in the coordination with internal teams as well as in the creation of engagement deliverables for a multitude of activities, including but not limited to Insider Threat, Rule of Engagement (ROE), Threat Hunting, After Action Reports, and other artifacts to support testing, monitoring, and protecting the enterprise.
- Investigate network and host detection and monitoring systems to advise engagement processes.
Polito, Inc – Woodbridge, VA | 06/2021 to 02/2024
Senior Cybersecurity Consultant
Conducts and supports cybersecurity assessments consisting of vulnerability assessments and penetration testing, social engineering, wireless networks, network security monitoring, log analysis, threat hunting, digital forensics, incident response, cyber threat intelligence, indicators of compromise analysis, security architecture and configuration review, standard operation procedures and playbook review and creation, open-source intelligence investigations, table top exercises, and other key cybersecurity services for clients in diverse industries. Duties include scoping client requirements, discussing statements of work and rules of engagement, conducting kick-off calls, providing status updates, managing and leading team efforts, producing deliverables, conducting briefings and outcalls, and providing continued support as needed.
- Created a dedicated 6-week training program for new hires and interns.
- DEF CON BTV and Company Senior Trainer for SOC Analyst and Tabletop Exercises.
- Experience with: SIEM/MDR/EDRs such as CrowdStrike, SentinelOne and Sophos; Digital Forensics tools such as CyberTriage and FTK, Elastic, Entra (Azure), GoDaddy and AWS.
U.S. Army – Fort Carson, CO | 01/2018 to 05/2021
Security Operation Analyst Lead
Led the organization’s efforts in support of Defensive Cyber Operations for a classified network operating in the DODIN cyberspace. Provided the organization and executives with a source of expertise for the proper employment, support, and defense of strategic and tactical information networks, systems, and services.
- Conducted daily threat hunting activities on a classified military network, to include but not limited to: user, host and network monitoring via SIEMs, firewalls, endpoint protection and network monitoring tools, responding to and blocking malicious scans and threats, tuning tools to reduce alert fatigue, and auditing systems for appropriate ACLs for network segmentation and system hardening.
- Collaborated with multiple agencies and units on threat intelligence and network activities to respond appropriately to current known and/or unknown threats for situational awareness.
- Briefed executives on Lessons Learned, After Action Reports, and cyber capabilities for unit awareness.
- Coordinated and provided technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents and mitigate network vulnerabilities.
- Participated in multiple simulated Blue Team exercises defending networks from simulated adversarial attacks using threat hunting and monitoring of the network.
- Experience with: Security Onion, ACAS & Nessus (Vulnerability management), McAfee ePO/ESM/HBSS (DLP/Anti-virus/HIPS), Palo Alto Panorama/Firewall, FireEye and Endgame, log, packet, and detection analysis.
U.S. Army – Joint Base Lewis-McChord, WA | 01/2013 to 05/2017
Enterprise Services Administrator
Provided Tier 3 System Administrator support for a Microsoft Windows Environment providing enterprise services consisting of Active Directory, File and Print Services, and SharePoint supporting 3,500 users and 3,500 networked devices. Joint planner for special operations military exercises during which my daily duties required the maintenance of multiple servers, network storage devices, routers, switches, security appliances, and support for 125 users and networked devices. Developed policies and trained individuals on Wi-Fi security, digital forensics, data obfuscation, and safe traveler digital footprint practices for clandestine operations.
- Experience with: Server Administration with VMware and vCenter, NetApp, Cisco routers, switches and Call Manager.
U.S. Army – Fort Campbell, KY | 08/2007 to 06/2012
Senior Helpdesk Manager
Led and managed a Tier 2 helpdesk as an Information Security Assurance Officer and Organizational Unit (OU) administrator that provided desk-side automation support for a Microsoft Windows Environment supporting 3,500 users and 3,500 networked devices. Managed the battalion’s automation life-cycle program by replacing hundreds of computers and peripherals valued at more than $500,000 on multiple occasions. Deployed on several occasions in support of Operation Enduring Freedom. As the senior non-commissioned officer at three different outstations, I supervised the installation, operation, and maintenance of automation and information systems equipment. Performed duties as an OU administrator, providing helpdesk support for 125 users, 250 computer systems with peripherals, and 50 networked devices spanning five different US, Joint and Coalition Local Area Networks.
- Experience with: Active Directory, Remedy Ticketing system, on-site hardware repair, satellite operations.
Previous Positions (US Army)
Senior Helpdesk Manager | 10th Mountain Division, Light Infantry, Fort Drum, NY | 2005 to 2007
Wide Area Network Technician | 704th Military Intelligence Battalion, Fort Meade, MD | 2002 to 2005
Automations Technician | Combat Support Coordination Team #3, South Korea | 2002 to 2002
Computer Analyst | Combined Joint Garrison 3, South Korea | 2001 to 2002
Education
Master of Science in Information Assurance | Strayer University, GA
Bachelor of Science in Computer Networking | Strayer University, GA
Cybersecurity Certifications
ISC2 CISSP – Certified Information Systems Security Professional #455052; 05/2013 - Present
GIAC GSEC – Security Essentials #36055; 11/2014 - Present
GIAC GCIH – Certified Incident Handler #30168; 08/2017 - Present
GIAC GCIA – Certified Intrusion Analyst #12337; 09/2017 - Present
GIAC GMON – Continuous Monitoring Certification #2689; 05/2020 - Present
GIAC GPEN – Penetration Tester #11907; 10/2017 - Present
GIAC GCFA – Certified Forensic Analyst #13024; 07/2017 - Present
GIAC GCED – Certified Enterprise Defender #3599; 07/2019 - Present
GIAC GCWN – Certified Windows System Administrator #3571; 08/2017 - Present
GIAC GSNA – System and Network Auditor #11907; 11/2017 - Present
CompTIA CySA+ – Cybersecurity Analyst #COMP001007892953; 05/2020 - Present
CompTIA Security+ – Core Security functions #COMP001007892953; 04/2011 - Present
CompTIA Network+ – Networking skills #COMP001007892953; 04/2011 - Present
CompTIA A+ – Technical Support #COMP001007892953; 07/2011 - Present
EC COUNCIL C|EH – Certified Ethical Hacker #ECC36156177686; 08/2018 - Present