David Ferguson

David Ferguson Email and Phone Number

Experienced Cyber Security Leader specializing in SOC operations @ UnitedHealth Group
David Ferguson's Location
Grovetown, Georgia, United States
About David Ferguson

I'm a seasoned cybersecurity professional with a diverse background in leading and managing Security Operations Centers (SOCs) and overseeing critical cyber defense operations. With a proven track record of effectively managing teams, delivering top-notch customer service, and driving incident response strategies, I am well-equipped to handle the dynamic challenges of the cyber landscape.

Leveraging my experience in overseeing SOC operations, mentoring staff, and collaborating with cross-functional teams, I have honed my skills in threat intelligence, incident investigation, and security log analysis. My background as a Cyber Operations Officer in the Army has equipped me with the discipline, leadership, and technical expertise needed to excel in high-pressure environments and deliver optimal results.

Currently seeking opportunities to collaborate with like-minded professionals, share insights, and contribute to impactful cybersecurity initiatives. Let's connect to explore how we can work together to enhance security strategies and elevate cybersecurity practices. Feel free to send me a connection request!

David Ferguson's Current Company Details
UnitedHealth Group

Employees: 108749
David Ferguson Work Experience Details
  • UnitedHealth Group
    Incident Response Analyst
    UnitedHealth Group Oct 2024 - Present
  • Deepwatch
    Squad Manager / Technical Account Manager
    Deepwatch Sep 2022 - Present
    As a leader, I oversaw daily SOC operations, managing a team of approximately 20 analysts. I led and participated in customer calls to discuss latest threat intelligence trends. I coordinated calls and provided on-demand support for active incidents and ad-hoc investigation requests. Also, I assisted clients in identifying and rectifying gaps in security logs and content to enhance their security stance. I collaborated with interdisciplinary teams to pinpoint and resolve intricate problem scenarios. Additionally, I escalated identified issues to relevant leadership for further action and provided direction on resolution steps. Furthermore, I provided mentorship and training to all supervised staff members.
    Some of my notable achievements include:
      • Investigated and resolved engineering and analytical tickets for 70 clients through in-depth analysis, ensuring timely alerting, reporting, and escalation if necessary.
  • Deepwatch
    Security Analyst III
    Deepwatch Mar 2022 - Sep 2022
    Remote
    I triaged and analyzed security and infrastructure alerts, escalating critical alerts to customers. I engaged in customer calls to offer technical assistance as required and provided tuning suggestions to content engineers based on customer feedback and personal assessment. Moreover, I conducted spontaneous investigations for customers to detect security or infrastructure issues.
  • U.S. Army Reserve
    Captain (Promotable), US Army Reserve, Cyber Operations Officer
    U.S. Army Reserve Oct 2017 - Present
    Various Locations
    In this role, I guide soldiers through training and real-world cyber missions, including network security assessments, incident investigations, and forward hunt operations. I facilitate the development of individual and unit training plans to ensure soldiers achieved full qualification for their designated roles and supported unit IOC/FOC requirements. Additionally, I provide leadership with advice on a wide array of cyber security practices, capabilities, and solutions.
    Some of my notable duty positions include:
      • CPT Mission Element Lead
      • CPT Crew Lead
      • Regional Cyber Center Southwest Asia - Cyber Assessment Team Lead
      • Regional Cyber Center Southwest Asia - Deputy DCO Chief
  • Leidos
    ESOC Incident Responder
    Leidos Sep 2019 - Mar 2022
    In this role, I delivered diversified incident handling and response services for the Department of Commerce encompassing host forensics, network forensics, malware analysis, and reporting. I collaborated with internal and external teams to detect, analyze, contain, and eliminate system compromises. I updated and enhanced current procedures to ensure seamless operations across shifts and locations. Also, I contributed to the development of the incident tracking system for the Department of Commerce.
    Some of my notable achievements include:
      • Initiated and led an effort to automate the DOC Cyber Hygiene reporting process, leading to a 95% surge in processing efficiency.
  • Leidos
    ESOC Analyst: Tier 2
    Leidos Dec 2018 - Sep 2019
    I assessed and triaged security alerts across the DOC network, escalating cases to incident response teams and verifying SIEM data feeds. I collaborated with SIEM engineers to create and refine security alerts, utilized IOCs for network forensics, and generated weekly operational status reports. Also, I coordinated onboarding and training for new analysts, identified capability gaps, suggested operational enhancements, and conducted interviews for Tier 1 Analyst positions, providing hiring recommendations.
    Some of my notable achievements include:
      • Facilitated the transition in ESOC analyst shift schedule from Monday through Friday 8-hour coverage to 24/7/365 coverage within a 3-month operational window.
      • Designed and developed custom dashboards and reports to identify and address security threats, monitor system activities, and uncover new data sources.
      • Researched and published articles on emerging threats for Department of Commerce constituents.
      • Identified and evaluated new programs, leading to the procurement of a Cyber Threat Intelligence Platform enhancing ESOC’s capabilities.
  • Sevatec, Inc.
    IT Security Analyst Lvl 2: Consultant
    Sevatec, Inc. Oct 2015 - Dec 2018
    I assessed and triaged security alerts across the DOC network, escalating cases to incident response teams and verifying SIEM data feeds. I collaborated with SIEM engineers to create and refine security alerts, utilized IOCs for network forensics, and generated weekly operational status reports. Also, I coordinated onboarding and training for new analysts, identified capability gaps, suggested operational enhancements, and conducted interviews for Tier 1 Analyst positions, providing hiring recommendations.
    Some of my notable achievements include:
      • Facilitated the transition in ESOC analyst shift schedule from Monday through Friday 8-hour coverage to 24/7/365 coverage within a 3-month operational window.
      • Designed and developed custom dashboards and reports to identify and address security threats, monitor system activities, and uncover new data sources.
      • Researched and published articles on emerging threats for Department of Commerce constituents.
      • Identified and evaluated new programs, leading to the procurement of a Cyber Threat Intelligence Platform enhancing ESOC’s capabilities.
  • Sevatec, Inc. : Department of Commerce
    IT Security Analyst Lvl 1: Consultant
    Sevatec, Inc. : Department of Commerce Apr 2015 - Sep 2015
      • Manage and co-ordinate efforts of other ESOC analysts as the analyst team lead
      • Develop reports based off of event traffic flows and malware campaigns for federal customers
      • Monitor and manage security operations through ArcSight
      • Research emerging threats and write content to aggregate security event flows
      • Identify, investigate and submit security events and trends for further analysis
      • Ensure compliance with federal IT security standards through best practices
  • Sevatec, Inc. : NOAA
    IT Security Analyst Level 1: Consultant
    Sevatec, Inc. : NOAA Sep 2014 - Mar 2015
      • Monitoring and managing security operations through ArcSight
      • Research and publish articles on emerging threats
      • Write content to aggregate security event flow
      • Identify, investigate and submit security events for further analysis
      • Ensure compliance with federal IT security standards through best practices
      • Conducts searches of logged network traffic using ArcSight Logger
  • U.S. Army National Guard
    S-6
    U.S. Army National Guard Feb 2003 - Aug 2017
    I have served two tours of duty in Iraq. My first tour I conducted missions securing logistical convoys throughout the theatre of operations. My second tour I was a team leader/truck commander conducting various convoy missions and overseeing personnel, vehicle and weapon maintenance, and accountability of sensitive items. On a daily basis I was responsible for approximately 1 million dollars worth of equipment. Upon graduating from U.W. Stevens Point I accepted a commission as a Second Lieutenant in the Signal Corps.
  • Actionet, Inc. : NOAA
    IT Security Analyst
    Actionet, Inc. : NOAA Jan 2014 - Sep 2014
      • Monitoring and managing security operations through ArcSight
      • Research and publish articles on emerging threats
      • Write content to aggregate security event flow
      • Identify, investigate and submit security events for further analysis
      • Ensure compliance with federal IT security standards through best practices
      • Conducts searches of logged network traffic using ArcSight Logger
  • Waukesha County Technical College
    IT Student Worker
    Waukesha County Technical College Sep 2008 - Dec 2008

David Ferguson Education Details

Frequently Asked Questions about David Ferguson

What company does David Ferguson work for?

David Ferguson works for UnitedHealth Group.

What is David Ferguson's role at the current company?

David Ferguson's current role is Experienced Cyber Security Leader specializing in SOC operations.

What schools did David Ferguson attend?

David Ferguson attended UW-Stevens Point, Waukesha County Technical College.

Who are David Ferguson's colleagues?

David Ferguson's colleagues are Karen Colf, Marshaun Roundtree, Melinda Wolfe, Katie Colombo, Sonya Dandridge, Jennifer Ravenscroft, Latonia Womack.
