• Participated in secure design reviews and threat modeling for new product features. • Advised on secure architecture best practices and design patterns.• Performed gap analysis of security and compliance controls, assess the risks, prioritize, and propose remediation plans. • Protected data integrity and secure AI models against unauthorized access, theft, and adversarial attacks. Ensure compliance with data protection laws like GDPR.• Monitored AI systems to prevent biases and ensure ethical usage. Maintain transparency and fairness in AI operations. • Developed strategies for incident response, conduct security audits, and ensure all AI practices comply with industry regulations. • Researched, propose, and implement technical controls with other Security and Engineering teams to address existing security gaps, defend against upcoming threats, and enforce security policies.• Developed reusable security tooling to improve team throughput while maintaining consistent system security.• Implemented automated, proactive security checks into the CI/CD pipelines. • Ensured appropriate network and access controls are in place and actively monitored. • Continuously improved monitoring and reporting of security and compliance issues, providing clear actions for teams to proactively remediate issues.• Monitored the security and compliance posture of the organization. • Developed, document, and communicate security standards and procedures across engineering teams.• Provided security guidance to engineers and data scientists, and champion good security hygiene. • Supported security incident response as necessary. • Participated in regulatory and compliance activities as necessary

Implemented and configured Azure Security Center to monitor and enhance overall cloud security.• Utilized ASC to assess and remediate security vulnerabilities in Azure resources.• Conducted regular security audits using ASC to ensure compliance with industry standards.• Deployed and managed Microsoft Cloud Application Security to protect cloud-based applications.• Configured policies to monitor and control user activities within cloud applications.• Conducted threat intelligence analysis using Microsoft Cloud Application Security.• Implemented Windows Defender ATP for endpoint protection and threat detection.• Investigated and responded to advanced threats using Windows Defender ATP features.• Conducted periodic security drills to ensure readiness for real-time incidents.• Integrated Azure ATP to detect and respond to advanced attacks on identities.• Utilized Azure ATP to analyze user behaviors and identify suspicious activities.• Implemented security measures based on Azure ATP recommendations.• Managed Azure Antimalware to protect virtual machines from malware and other threats.• Conducted regular scans and reported on the security status of Azure VMs.• Azure Storage Advanced Threat Protection:• Implemented Azure Storage Advanced Threat Protection for safeguarding data stored in Azure.• Configured policies to detect and respond to suspicious activities within Azure Storage.• Collaborated with the storage team to ensure secure data access and storage practices.• Implemented and customized Azure Sentinel for intelligentsecurity analytics.• Developed and maintained custom detection rules and playbooks in Azure Sentinel.• Monitored and responded to security incidents identified through Azure Sentinel.• Managed Windows Defender for comprehensive endpoint protection on Windows systems.• Conducted regular updates and ensured endpoint security configurations were up-to-date.

• Manage Internet of Things (IOT) Systems encompassing industrial control systems.• Responded to Industrial Control System (ICS) vendor customer tickets using ServiceNow• Managed Personnel Access Control Systems (SAFLOK) - Dormakaba Lodging Systems - Saflok Electronic Hotel Lock - Quantum Series• Managed UMCS – Utility Monitoring and Control System – Disego (Siemens) Desigo CC | Building management systems | Siemens Global• Managed FARS – Fire Alarm Reporting System – HiCloud SAET HI Cloud – SAET• Managed Kaba Access Control System - Access control (dormakaba.com)• Managed Geze access control - Access control | GEZE• Utilized Dameware to manage systems for ACAS scans and STIGs, patches, updates and scans• Strong Ability to relate to clients on a simple level to explain complex issues, able to create complex solutions to meet customer requirements.• Created Authorities to Operate, Authorities to Connect by submitting topologies, network configurations, STIG scans, and ACAS scans to get architecture and systems accredited• Utilized Information Technology Service Management (BMC/ServiceNow) system to resolved incidents

Network which encompasses troubleshooting, maintenance and repair of DCGS-A fielded software, switches, routing, and hardware. Additionally, troubleshoot, diagnose and eliminate problems in operation and maintenance derived from data and trends seen at fielded sites. Delivered technical improvements based on customer satisfaction feedback, product performance, warranty trends.

• Conducted forensic examinations of electronic media in support of USARMY Military Police• Performed forensic examinations in support of Department of Defense criminal investigations. • Testified, as required, as an expert witness in court-martial’s and federal district courts.• Cyber Forensic Analyst III supporting USAREUR by working within several theaters on Cyber forensic operational projects that are in direct support to cyber critical missions in USAREUR and performed as a Cyber Subject Matter Expert. • Utilized Splunk to monitor bluecoat logs to match observed events on the bluecoat logs that are deemed malicious through confirmed reporting.• Reported on incidents that are attributed to advanced persistent threat actors and disseminated reports to Department of Defense community.• Conducted analysis to determine attribution on malware samples off the network. Built automated malware sandbox. • Built manual static and dynamic malware sandbox for manual attribution utilizing PDFstreamdumper, FreeUPX (determines file packed or not packed, if packed can unzip file), File Analyzer 2 for static analysis. • Dynamic malware analysis consisted of using Procmon.exe (process explorer gives you the ability to pause the new malware process id), with regshot.exe (captures changes in registry when malware is deployed and with fakenet.exe, which gives the malware a false DNS server to ping out to, and Wireshark to capture traffic on the malware deployment. • Dynamic malware memory analysis consisted of using volatility (vol.exe) to obtain the malicious executable in memory.• Attribution would be made once ping back domains and/or internet protocol addresses where identified. If these domains matched APT infrastructure, attribution would be established.• Investigated insider threat anonymous traffic utilizing search strings in Splunk that are approved query strings which identifies indicators.

• Digital Forensic Examiner, and Digital Forensic Analyst duties. Researched BlackEnergy Malware versions 1, version 2, and version 3, capabilities thwarting network security protocols, bypassing driver signing, and the ability to have stealth on the network. • Forensic Examinations, Forensic Analysis, Fuzzy Hashing, and approximate hashing. In depth experience in website development, specifically wordpress sites, see www.digitalforensicfocus.wordpress.com for more information.• Identified cyber criminals of interest in selected countries using cyber media collection techniques.• Identified cyber threats associated to specific persons of interest using social media analysis using analytical tools common among cyber analysts.• Completed the Cyber Operations Course that trained on drafting cyber forensic projects, plans and proposals, to produce information in direct support to investigations. • Worked on three multi-faceted criminal preliminary investigations, including cyber based terrorism, computer intrusions concerning insider threats and ongoing investigations.• Developed five indirect and direct cyber leads in direct support to criminal investigations and found criminal leads through anomalies within theatre operations and analysis.• Identified several cyber information gaps, cyber threat information gaps, in relation to U.S., NATO and foreign liaison engagements – shared cyber threat information through official channels.• Produced products specific to cyber actors who pose threats to department of defense networks in Europe. Products produced were to inform tactical units in theatre during exercises and engagements to be cognizant of cyber threats and to report anything that was unusual.• Anticipated cyber threats to department of defense network.

• Produced assessments of local cyber threat environs and local cyber threat capabilities operating in Kabul Afghanistan.• Assisted Information Operations in investigations pertaining to persons of interest who had access to government networks.• Maintained, operated, & troubleshooted workstations, printers, and associated equipment, software applications.• - Maintaining virus / security requirements by the US Army.• - Implemented system configurations under supervision of Information Assurance.• Responsible for Joint Detachment Apollo’s SharePoint website and ensuring the website is working correctly and updated on a weekly basis. • Identified and mitigated IT Security Risks from logged events across multiple sources (NIPS, Firewall, HIDS, AV, and Windows Operating Systems)• Provided technical guidance in best practices of security solutions/applications• Identified and eliminated viruses, malware, and any other potentially unwanted programs that could thwart network security measures in place.• Researched trends and current countermeasures for cyber security vulnerabilities, exploits, and other malicious activity.• Conducted a review every six months to ensure all unit publications, policies and procedures are updated and correct on SharePoint Website, and coordinated with 25th Signal Battalion on changes to Army regulation, 8570.01. • Worked with customers and internal personnel to manage related IT projects and provide customer service and technical support.• Maintained 3rd party Network Equipment Configurations and Infrastructure Topology.• Conducted daily and weekly briefs to GS-15, on Cyber trends, cyber hacking group intrusions, specific to incidents related to soldiers getting suspicious emails or suspicious Facebook requests. • Monitored computer equipment availability and provided support to biometrics systems in Joint Detachment Apollo, Kabul, Afghanistan, including database management.