• Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. • Create and work tickets created in VSM and Archer• Monitor the network using McAfee Products.• Search McAfee Products for the suspicious IPs and review the logs to determine whether they are malicious or not.• Be the escalation point for Analysts on shift for tickets and events.

• Reviewed threats and security events for Cybersecurity Operations Team (COT).• Stayed abreast on all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. • Created and worked tickets from in ServiceNow• Monitored the network using ArcSight.• Searched ArcSight Logger for the suspicious IPs and reviewed the logs for malicious behavior.• Created custom channels and dashboards within ArcSight.

• Review threats and security events for SIOC.• Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. • Create SOPs and Flowcharts for Incident Response and Management.• Create and work tickets created in ServiceNow• Monitor the network using HBSS and Splunk.• Search Splunk for the suspicious IPs and review the logs to determine whether they are malicious or not.

Review threats and security events for EDSOC.Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. Create and work tickets created in SecOps (Archer)View IDS alerts and analyze collect scripts obtained from an infected system in order to take the proper steps to remove the virus, Trojan, and/or malware from the system.Monitor the network using Arcsight, Splunk and Sourcefire.Search Splunk for the suspicious IPs and review the logs to determine whether they are malicious or not.

Review threats and security events for DHS SOC.Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. Create, work, and escalated Remedy trouble tickets.Use the following IDS software Fidelis, Fireeye, SourceFire, and ArcSight to identify possible threats to the network.View IDS alerts and analyze collect scripts obtained from an infected system in order to take the proper steps to remove the virus, Trojan, and/or malware from the system.Assist the Arcsight Engineer create or suggest content filters within Arcsight to better find potentially malicious activity on the network.Manage 3 other Analysts on a shift and approve work done by them.

Review threats and security events. Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. Review and Approve block requests and significant incidents. Use the following IDS software NetWitness, McAfee Intrushield, and ArcSight SIEM to identify possible threats to the network.Update McAfee Intrushield and maintain sensors and managers.

Review threats and security events for the Department of Justice JSOC.Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. Review and Approve block requests and significant incidents.Use the following IDS software NetWitness, SourceFire, and ArcSight SIEM to identify possible threats to the network.Shift Lead for the JSOC during the night.IT Specialist / Customs and Border Protection

Reviewed threats and security events for the DoS CIRT.Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. Create, work, and escalated Remedy trouble tickets.Use the following IDS software Dragon and ISS to identify possible threats to the network.Create reports and brief all Government Leads.

Reviewed threats and security events for the Customs and Border Patrol SOC/CSIRC and DHS SOC.Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. Create, work, and escalated Remedy trouble tickets.Use the following IDS software Dragon, SourceFire, and ArcSight to identify possible threats to the network.View IDS alerts and analyze collect scripts obtained from an infected system in order to take the proper steps to remove the virus, Trojan, and/or malware from the system.While working for CBP CSIRC attempted and obtained an ArcSight certificationWas promoted to Shift Lead where I manage three to four Analysts.I have received two awards for performance.

Reviewed threats and security events for the Customs and Border Patrol SOC/CSIRC and DHS SOC.Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. Create, work, and escalated Remedy trouble tickets.Use the following IDS software Dragon, SourceFire, and ArcSight to identify possible threats to the network.View IDS alerts and analyze collect scripts obtained from an infected system in order to take the proper steps to remove the virus, Trojan, and/or malware from the system.While working for CBP CSIRC attempted and obtained an ArcSight certificationWhile working for CBP CSIRC promoted to Shift Lead where I managed two Analysts.

Reviewed threats and security events for the Customs and Border Patrol SOC/CSIRC.Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. Create work and escalated Remedy trouble tickets.Used the following software Dragon, SourceFire, ArcSight, and Remedy.Viewed IDS alerts and analyzed the information obtained from an infected system in order to take the proper steps to remove the virus, Trojan, and/or malware from the system.While working for CBP CSIRC attempted and obtained an ArcSight certification

Troubleshoot hardware and software problems for TSOC's 200-400 usersReset, change passwords, and unlock TSOC user accounts using NetIQ.Image computers using Symantec Ghost.Install and setup computers on the network following TSOC guidelines.Support all government agencies and branches of military that are at our site.Input and solve trouble tickets in Peregrine ticketing software.Do maintenance and upgrades on all TSOC computers on site.Received Dell certifications in order to repair laptops and desktops on site.Provide solutions for the customer for technical and software problems.Set up new users' email and printers on site.Do weekly reports of toner usage for the customer.

Reviewed threats and security events for the Department of Veteran's Affairs SOC.Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories. Created, worked and escalated Remedy trouble Tickets.Software used NetForensics, Dragon, SourceFire, Site Protector, Remedy, and What's Up Gold

Worked in a CERT-SOC environment for US-CERT, Department of the Interior, Department of Justice and the State of Maryland reporting security events.Reviewed threats and security events for the Financial ISAC, Energy ISAC, and World Wide ISAC.Compose for release any Alerts and Advisories regarding important cyber related issues that are necessary for the customer to understand and prepare for a possible event.Stay abreast all current and past cyber related vulnerabilities, malware, viruses and major vendor advisories in an effort to correlate the collected information to help facilitate awareness for the customer to make informed choices on how to protect their networks.Receive, review, analyze and act upon incoming reports of cyber incidents- including threats, risks, and vulnerabilities; from the customer and open sources. Using collected information; provide to the customer triage, response and mitigation assistance when necessary.Analyze collected incidents and correlate related events in an effort to mark trends across multiple networks.

Monitor WAN components using NetCool. Open trouble tickets if necessary for the components that presented an alarm. Telnet into routers and check the state of the router using router commands. Configure static routes on routers for customers. Managed and routed tickets for other departments. Quality Assurance for other departments' tickets. Received two Awards for "Upbeat Employee" in the Sprint PMC and reconfiguring the NetCool menu selections to minimize work.Lead ATP/NOC Technician / CAIS

Tested and assisted customers with High Speed Internet