Performed Incident Response / Incident Handler activities including forensic investigation and promotion of security related alerts, process and procedure improvement, threat hunting, and threat intelligence sharingAutomated novel detections and improved upon existing detections resulting in significant increase to True Positives and reduction in False PositivesDesigned and developed proof-of-concept for CVE’s including architecture, code development, and exploitation; findings were presented and deployed detections through environmentEnhanced capabilities of widely used sandbox environment, including development of novel dynamic and static analysis techniques resulting in previously undiscovered digital artifactsServed as SME for network packet broker installation, configuration, testing, and deployment resulting in successful architectural reorganization and network upgrade to 100G capabilityDesigned, configured, and maintained infrastructure to support modeling efforts including IDS sensors, Firewall, Endpoint Detection and Response solutions, and SIEM

Center for Cyber Defenders (CCD):Mentored interns for Center of Cyber Defenders program, leading research proposal efforts applying statistical analysis to improve efficiency and effectiveness of IDS sensorsDesigned database and vulnerability assessment components of an integrated virtualized intrusion detection systemAutomated security applications execution, information retrieval, and uploading of data to centralized databasePerformed analysis and visualization to identify security implications and trends of cloud based applicationsCreated scripts to efficiently automate deployment of large storage cluster, file system, and object storage in high performance computing environmentPerformed security assessment and resilience testing of storage cluster file system software achieving actionable results for production systems and resulting in discovery of a CVE

The GIAC Advisory Board is a private group that shares information security best practices and strategies. We advise GIAC and SANS on new topics for certification and give feedback on existing certification programs.Membership is restricted to those who have scored 90% or higher on a GIAC information security exam.

Independent Study 599 (1): In depth research of vulnerability assessment methodology focusing on scanning and mitigation techniques including remediation and deficiencies in vulnerability scanner reporting mechanisms.Performed large scale vulnerability assessment utilizing custom python scripts and tools such as Shodan and Nessus.Selected vulnerabilities produced from scan results to determine those which do not have comprehensive remediation solutions and recreated them in a virtual environment for further analysis.Independent Study 599 (2):Developed advanced reporting capabilities enabling timely execution of remediation efforts addressing 27.80% of vulnerabilities os scanned higher education institutions.Concluded research manuscript titled, "Vulnerability Assessment, Remediation, and Automated Reporting: Case Studies of Higher Education Institutions".Manuscript accepted and published under IEEE Intelligence and Security Informatics 2018.Independent Study 699 (2):Attended SANS Conference 2017 Mesa, AZ as a facilitator for SEC560: Network Penetration Testing and Ethical Hacking.Studied for and earned the GIAC Penetration Tester (GPEN) certification 2 months ahead of schedule.Critical Skills for GPEN: Auditing Passwords, Information Security, Malware, Network Security, Penetration Testing, Reconnaissance, Social Engineering, Vulnerability Assessment, Web Application Security, Wireless Security

Lead cyber security analyst serving as SME on company Cyber Security Risk Board. Created baselines and hardened systems in production environment including, Red Hat Enterprise Linux, Debian, Windows Server 2012, Windows 7 & 10. Created agent based auditing and logging to a central location, aggregating and correlating events within a SIEM.Served as lead technical analyst in company’s Insider Threat Program, revamped security systems utilization to discover anomalous network and user behavior.Upgraded and managed security infrastructure and systems for enterprise network through implementation of Cylance, Carbon Black Response, LogRhythm, Nessus, and PowerBroker.Designed security policies and improved procedural practices towards achieving compliance with NIST 800-171 and NIST 800-53.Performed advanced system and application hardening utilizing DISA STIGs on Windows OS, Linux/Unix, and network devices averaging 98% compliance within production environment.

Responsible for performing routine troubleshooting calls, surveys, shift work, track/repair, installation, and construction maintenance in accordance with Comcast procedures and practices. Additional responsibilities include troubleshoot and resolve service failures related to any Comcast products, to include but not be limited to Video (analog and digital,) Comcast Digital Voice (CDV,) and Comcast High Speed Data (CHSI).