My responsibilities are to acquire and maintain extensive knowledge of the cyber threat landscape from open source and privately produced reports to include advanced threat actors, techniques, capabilities and targets relevant to our industry. • Develop and curate threat intelligence related to industrial control systems (ICS) threats. • Perform technical indicator analysis of cyber threats through in-depth pivoting using internally developed and external tools and services. • Conduct in-depth intrusion analysis of cyber threats utilizing frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK. • Develop strategic, tactical and operational intelligence reports for stakeholder dissemination. • Lead key team projects centered around the cyber threat intelligence mission. • Present knowledge and intelligence related to cyber threats at both a technical and management level to help shape both tactical and strategic priorities. • Generate tactical detections and mitigations to support the identification of cyber threats. • Participate in the execution of intelligence-based incident response processes. • Perform extensive OSINT analysis to support daily team intelligence requirements. • Interface with external sharing communities through the sharing of timely and relevant cyber threats.

Lead on the Cyber Threat Intelligence Team responsible for researching and tracking various cyber threats with focus on motives supporting espionage, organized crime, and industrial control system operations.• Develop understanding of the threat landscape through research of advanced threat actors, techniques, capabilities, & targets relevant to pharma vertical• Collect and curate threat intelligence pertaining to Industrial Control System (ICS) & manufacturing threats• Utilize Slavic language skills to conduct extensive OSINT analysis to support daily intelligence requirements• Perform indicator of compromise analysis and intrusion kill chain analysis through in-depth pivoting & utilizing frameworks such as the Lockheed Martin Kill Chain, Diamond Model, & MITRE ATT&CK• Develop Strategic, Tactical, & Operational Intelligence reports for stakeholder dissemination

• Proactively hunted threats to minimize impact to GSK by searching, monitoring, and analyzing machine-generated big data.• Provided computer security incident response including monitoring, detection, investigation, and lessons learned. Assessed and prioritized incidents based on business impact and escalated as necessary.• Researched and analyzed security threat intelligence from a variety of sources. Applied appropriate mitigations for identified indicators of compromise. Suggested changes to security controls as needed to adapt to the changing threat landscape.• Conducted computer forensics investigations including malware sample analysis, memory analysis, network traffic analysis, and imaging and analysis of hard disk drives.• Actively contributed to information security projects and initiatives.• Assumed a lead role when team lead and/or manager was unavailable.• Communicated and managed relationships with end users, IT service providers (both internal and external), and business unit and IT management.• Took ownership of service improvement projects (both technical and procedural).

-- Participated in the Red Team's execution of penetration tests and vulnerability assessments for internal systems and applications. -- Responsible for compiling the findings of penetration tests and assessments into formal reports that are provided to the system and application stakeholders. -- Interacted with the stakeholders before assessments to coordinate access, to resolve issues during testing, and after assessments to help address security concerns and work with other teams and leadership staff to provide possible remediation options.-- Provided threat detection expertise to the SOC team and occasional support to the security engineering team to assist in the management of security technologies administered by the group (such as the web proxy, IDS/IPS, anti-virus, etc)

Ensured the network remains secure and protected from threat actors via configuration and monitoring of IDS/IPS, SIEM, WAF, and AV appliances. Tracked malicious activity and hunted for signs of malware across the corporate network. Made sure all information systems are compliant with basic security policies and implement access controls for user account management. Ensured regular backups are performed and accurate logs are maintained. Performed installations and maintenance on all Operating Systems (Windows Server, Sun Solaris Unix, RedHat Linux, vSphere) and other server software/hardware. Performed and maintained operating system patch management on all workstations and servers.

Excelled in my capacity as a Mobility Escalation Engineer. Worked with Mobility Original Equipment Manufacturers and Device Manufacturers to resolve technical development issues, so that they can bring their devices to market. Utilized functional knowledge of Windows networking, VPN, RAS, Exchange, creative thinking and willingness to tackle low-level problems on unfamiliar hardware and software. Analyzed operating system and tools source code.