David Ferguson Email & Phone Number

• As a leader, I oversaw daily SOC operations, managing a team of approximately 20 analysts. I led and participated in customer calls to discuss latest threat intelligence trends. I coordinated calls and provided.
• Investigated and resolved engineering and analytical tickets for 70 clients through in-depth analysis, ensuring timely alerting, reporting, and escalation if necessary.

Remote

I triaged and analyzed security and infrastructure alerts, escalating critical alerts to customers. I engaged in customer calls to offer technical assistance as required and provided tuning suggestions to content engineers based on customer feedback and personal assessment. Moreover, I conducted spontaneous investigations for customers to detect security.

Various Locations

• In this role, I guide soldiers through training and real-world cyber missions, including network security assessments, incident investigations, and forward hunt operations. I facilitate the development of individual.
• CPT Mission Element Lead
• CPT Crew Lead
• Regional Cyber Center Southwest Asia - Cyber Assessment Team Lead
• Regional Cyber Center Southwest Asia - Deputy DCO Chief

• In this role, I delivered diversified incident handling and response services for the Department of Commerce encompassing host forensics, network forensics, malware analysis, and reporting. I collaborated with internal.
• Initiated and led an effort to automate the DOC Cyber Hygiene reporting process, leading to a 95% surge in processing efficiency.

• I assessed and triaged security alerts across the DOC network, escalating cases to incident response teams and verifying SIEM data feeds. I collaborated with SIEM engineers to create and refine security alerts.
• Facilitated the transition in ESOC analyst shift schedule from Monday through Friday 8-hour coverage to 24/7/365 coverage within a 3-month operational window.
• Designed and developed custom dashboards and reports to identify and address security threats, monitor system activities, and uncover new data sources.
• Researched and published articles on emerging threats for Department of Commerce constituents.
• Identified and evaluated new programs, leading to the procurement of a Cyber Threat Intelligence Platform enhancing ESOC’s capabilities.

• I assessed and triaged security alerts across the DOC network, escalating cases to incident response teams and verifying SIEM data feeds. I collaborated with SIEM engineers to create and refine security alerts.
• Facilitated the transition in ESOC analyst shift schedule from Monday through Friday 8-hour coverage to 24/7/365 coverage within a 3-month operational window.
• Designed and developed custom dashboards and reports to identify and address security threats, monitor system activities, and uncover new data sources.
• Researched and published articles on emerging threats for Department of Commerce constituents.
• Identified and evaluated new programs, leading to the procurement of a Cyber Threat Intelligence Platform enhancing ESOC’s capabilities.

Manage and co-ordinate efforts of other ESOC analysts as the analyst team leadDevelop reports based off of event traffic flows and malware campaigns for federal customersMonitor and manage security operations through ArcSightResearch emerging threats and write content to aggregate security event flowsIdentify, investigate and submit security events and.

Monitoring and managing security operations through ArcSight Research and publish articles on emerging threats Write content to aggregate security event flow Identify, investigate and submit security events for further analysis Ensure compliance with federal IT security standards through best practices Conducts searches of logged network traffic using.

I have served two tours of duty in Iraq. My first tour I conducted missions securing logistical convoys throughout the theatre of operations. My second tour I was a team leader/truck commander conducting various convoy missions and overseeing personnel, vehicle and weapon maintenance, and accountability of sensitive items. On a daily basis I was.

Monitoring and managing security operations through ArcSightResearch and publish articles on emerging threatsWrite content to aggregate security event flowIdentify, investigate and submit security events for further analysisEnsure compliance with federal IT security standards through best practicesConducts searches of logged network traffic using ArcSight.

Bachelor Of Science, Healthcare Informatics

Associate Of Arts And Sciences (A.A.S.), Computer Support Specialist