David England Email & Phone Number

Huntsville, AL, US

Vernon Hills, IL, US

November 2023 - Present - Detection Engineer at United Airlines

London, GB

• Built an incident response capability within the EY TDR team to support our clients with preparation, analysis, containment, and remediation of cybersecurity incidents using Endpoint Detection and Response (EDR) and.
• Managed cybersecurity incidents for clients during cybersecurity incidents utilizing support analysts from EY Cybersecurity Operations Centers (SOC) around the globe, coordinating triaging, evidence collection and.
• Led teams defending client networks within E&Y’s world-class 24x7x365 managed SOC and provided top-tier analysis using several EDR and SIEM tools to enhance the identification of cyber threats.
• Provided technical guidance to mature attack detection and disruption capabilities through log source identification, signature development, orchestration and automation, and threat hunting improving service quality.
• Collaborated with client cybersecurity stakeholders to develop strategies for threat detection and response, as well as service enhancement.

Dallas, Texas, US

• Recruited and hired a team of experienced incident responders supporting a Fortune 100 customer, while building the team’s resources, budget, and training plan
• Coordinated with customers to ensure timely response services and thorough root-cause analysis was conducted in accordance with contractual obligations
• Organized the incident response service-line to enable sales to other customers and developed techniques and procedures for utilization in our customers’ networks hosted on-premises and in public cloud environments.
• Analyzed data collected during incidents to determine scope of attack and provide clients with recommendations for implementation of additional security controls and for meeting legal requirements.

Huntsville, AL, US

• Responsible for continuous monitoring and detection operations by leading a team of cybersecurity analysts using Q-Radar and Splunk Security Information and Event Management (SIEM) solutions to analyze suspicious.
• Oversee daily incident response activities, including hands-on collection and analysis of endpoint and network artifacts related to security incidents.
• Develop Incident Response Plans and Procedures for utilization with the SOC and with our customers and prepare the procedures for integration with a Security Orchestration and Automated Response Tool.
• Evaluated products for Endpoint and Network Detection and Response, Automated Malware Analysis, and Advanced Memory Analysis for use in incident detection and analysis; then prepared written analysis and purchase.
• Managing project to migrate our SIEM from Q-Radar to Splunk Enterprise Security.

Huntsville, Alabama, US

• Led a team of Cybersecurity Engineers and Analysts in the delivery of managed security services that includes monitoring, detecting, and reporting threats and attacks to our customers environments using cloud-based.
• Responsible for daily managed security operations, providing hands-on oversight of incident investigations and threat analysis
• Analyzed our security operations processes and established an improvement project that enhanced our service standards resulting in a 100% customer renewal rate
• Developed project management processes for customer onboarding, recurring reports, and security appliance troubleshooting maintenance that is leading to more efficient operations and increased customer satisfaction
• Supported our Sales Staff with customer presentations, service scoping, and timely pricing documents leading to a 50% increase in the number of customers.
• Recruited and managed Security Operations Center personnel, including budgeting, staffing projections, hiring, training, and performance management

• Conducted threat hunting and associated investigations of systems belonging to Defense Industrial Base suppliers to identify threat activity within their networks/systems
• Managed a project developing a cyber threat intelligence capability that collected data from open-sources (OSINT), commercial feeds, and dark web crawling to identify indicators of compromise that are used by threat.
• Configured and implemented security and response tools, such as Splunk, Nessus, EnCase, and Volatility, as well as developed scripts in Powershell and Python to streamline collection and analysis
• Analyzed threat intelligence (actors, tools, exploits, malware) and collected network and host-based artifacts (logs, packet captures, memory, registry, file hashes), to identify security incidents

Atlanta, GA, US

• Managed incident response activities, such as evidence collection, digital forensics, memory analysis, log analysis, and malware identification and analysis while consulting for external clients
• Responded to cybersecurity incidents within large organizations involving advanced and persistent threat actors and ensured proper triage, notification, containment, analysis, eradication and recovery were accomplished
• Conducted information risk management, computer security incident response plan development, CSIRP gap analysis, and incident response training, providing specific recommendations for our clients and ensuring their.
• Scoped, developed methodology, and managed day-to-day activities for projects involving computer forensics, information security, and rapid response of data breach matters with minimal supervision during project.
• Developed and conducted incident response-related presentations at local and national level professional conferences
• Mentored junior members and other new hires of the incident response team concerning procedures and best practices

Huntsville, AL, US

• Led Dynetics’ computer forensic efforts, developed techniques and procedures for the forensically sound acquisition of target data, insured the quality of forensic analysis, and acquires required forensic tools
• Conducted computer forensic examinations and incident response for government and commercial customers, which involved the identification, preservation, and examination of digital information, as well as the forensic.
• Managed technical projects in the Cyber Division, preparing and meeting budget, technical performance, and timeline goals were met
• Technical Lead for several procurement efforts related to cyber and information assurance
• Conducted studies concerning computer forensics, cyber-threat analysis, and supply chain vulnerabilities, which provide possible mitigation strategies and technology development
• Tested and evaluated the security posture of enterprise networks by performing Security Test and Evaluations for Certification and Accreditation based on the Dept of Defense Security Technical Information Guides.

Leading our non-profit group of security professionals dedicated to infrastructure protection in community outreach and education.InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the Federal Bureau of.

Birmingham, Alabama, US

• Investigated complex incidents of fraud within the Regions Financial Corporation, including phishing, information compromises, and other high-tech crimes committed throughout the lines of business, as well as.
• Identified and preserved digital evidence and conducted forensic examinations of this evidence, providing detailed analysis, evidence, and investigative leads in support of fraud investigations
• Expertly used forensic software, such as EnCase, and network investigation tools, such as WireShark and Vericept, to identify and investigate potential losses of information
• As member of the bank’s Computer Incident Response Team, responsible for the forensic collection and analysis of network data to confirm incidents and data breaches, conducted incident response and computer forensics.
• Assisted in managing risks of data loss through loss prevention strategies, preparing risk studies and return on investment (ROI) briefings, as well as handling incidents of data loss, meeting all regulatory standards
• Conducted liaison activities with Federal, State, and local law enforcement officials, as well as other financial institutions, concerning trends in cybercrime and fraud investigations

Arlington, Virginia, US

- Over 16 years of supporting major military communities with investigations of felony crimes, that culminated with assignments as Special Agent-in-Charge of two CID detachments, where I managed all aspects of investigative operations, as well as budget, logistics, human resources, and training, and supervised over 25 personnel in the conduct of over 350.

Bachelor Of Science, Criminal Justice

Education record