Led a team of experts in reviewing, documenting, and mitigating security vulnerabilities in both classified and unclassified programs that provided zero-day detection and mitigation for all of DoD.Coordinated team assignments and managed the scrum task management.Repaired the data entry system for the security data repository.Managed the team through several remote telework periods due to COVID-19.Performed interviews, hiring and promotion decisions, and corrective actions/dismissals.

Led a team of experts in reviewing, documenting, and mitigating security vulnerabilities in both classified and unclassified programs that provided zero-day detection and mitigation for all of DoD.Coordinated team assignments and managed the scrum task management.Repaired the data entry system for the security data repository.Managed the team through several remote telework periods due to COVID-19.Performed interviews, hiring and promotion decisions, and corrective actions/dismissals.

Designed and reviewed end-to-end security solutions for large-scale cloud projects ranging in size from dozens of users within a branch office, up through and including the entire DoD, approximately 860,000 users.Worked closely with development teams to integrate security controls into the software development lifecycle, ensuring secure coding practices for FedRAMP.Advised executive leadership on security risks, potential impact, and strategic decisions to proactively address emerging threats, such as the impact of TLS 1.3 on break & inspect services, and developed strategic mappings between the MITRE ATT&CK framework and NIST 800-53a

Contractor with the Centers for Medicare and Medicaid Services; US Department of Health and Human Services; Woodlawn, MDDuties included - Static and dynamic analysis of malware code, developing threat protection strategies.- Designing and implementing a standalone malware analysis lab environment.- Forensic analysis of compromised computer systems.- Proactive cyber hunt team development.

Performed functional testing of advanced penetration testing tools across multiple diverse environments to validate if vendor's claims held up to real-world scenarios. Tools included Core Impact Pro, Metasploit Pro, and Burpsuite Pro.Deployed, configured, tested, and managed quick reaction cyber test environments to include routing, public IP management, subnet management and virtual lan deployment. Virtual MS Windows, Linux, and Mac OS X environments were configured and deployed using ESXi 6.0 and VCenter. Installed and configured two enterprise UPS/battery backup solutions running 240V/50A - 8000 kVA/hr with hot maintenance bypass, including physical installation, wiring, voltage testing and failover testing.

Research, prototype, and develop detection rules and composite detection logic for Fidelis’ suite of advanced threat detection products, including Fidelis XPS in-line detection, and Collector, off-line traffic metadata analysis.Created a working feedback analysis system utilizing Splunk to review and analyze rule performance data and real-world malware attack pattern analysis. This project languished under three predecessors before I was able to make sense of the XML feedback data, develop stylesheets for data extraction from a one-to-many index approach, and is currently processing approximately 140 million events daily. Created a crimeware matrix, which contained attack patterns and cross-correlated malware families across multiple AV vendors, and then moved forward to contain more than 85 million data points collected from open source intelligence utilizing custom Maltego transforms that I created to tie open-source collateral information into our Splunk repository for data enrichment.

Threat Information Enumeration DeveloperReview, enhance, and author threat information standards, specifically for the exchange of malware metadata and indicators between mission operation centers. Base MITRE standards of CybOX, MAEC, CAPEC, and STIX include my revisions and additions.Conceptual DeveloperCreated a prototype framework for automated malware analysis, and helped to secure $1.5 million dollars in research and development funding. This framework was derived from the SANS Reverse Engineering Malware course (FOR 610), Offensive Security’s Penetration Testing with Backtrack curriculum, and presentations and papers from the information security community.Developed product-based scenarios around existing and emerging computer security threats, then collaborated with visualization experts from Disney Imagineering and the motion picture industry to develop the visual look and feel of Boeing’s new Infosec technology immersion center.Forensic InvestigatorLed a team of professionals on both the East and West coasts to securely acquire, process, and report on a potential security breach for a critical operation with Boeing. The team successfully isolated the incident with multiple tools, including EnCase v6 and v7, FTK, Netwitness Investigator, and Splunk. (For aggregation and correlation based on timestamps.) The team definitively proved which variant of malware was responsible, based on forensic fingerprints left on the target.Information Systems Security EngineerEngineered specific security solutions for the United States Department of Defense.

Reviewed systems security documentation, configuration, logs, and settings on computer systems at the National Weather Service Headquarters (NWS HQ) and the National Environmental Satellite, Data, and Information Service (NESDIS). This review was for system authorization in accordance with federal FISMA requirements, and included vulnerability assessments with Nessus, Nmap, Core Impact, and Qualys; and web application assessments with Nikto, BurpSuite, and several in-house tools that required manual validation due to their instability.

Performed validation testing and forensic analysis of CNO/CNE tools for the United States Department of Defense.Conducted application security assessments for the Social Security Administration.Authored a whitepaper on PKI Certificate distribution methods.Performed security reviews on white-listed applications for the Internal Revenue Service.

Performed physical, systems, and application security assessments of hosting providers, financial institutions, and commercial companies to a custom set of criteria derived from ISO 27001, SOX/HIPAA/GLBA, and PCI standards.Completed certifications as a PCI auditor and VISA Payment Application assessor.Performed penetration tests using Whoppix/Knoppix/WHAX/Backtrack distros.Engaged in successful social engineering attacks against clients, including the CEO/owner of one target.

Created system security architecture and security concept of operations documentation for the United States Department of Defense.

Established and managed the malware mitigation program from proof-of-concept to full deployment at 60+ sites, 1800+ workstations, and 230+ servers. Estimated cost savings were between $4 and $7 million dollars in business losses and mitigation activities.Worked with the US Department of the Treasury, Secret Service, and the Federal Bureau of Investigations to capture forensic evidence of a bank employee trafficking in child pornography via encrypted channels, including formal evidence handling and chain of custody procedures.Captured a janitor hacking an unattended server after-hours via remote log analysis and correlating access times with badge access records.