Garrett Boyd Email & Phone Number

Austin, TX, US

United States

• Lead cases in day-to-day activities to ensure that the collection of Indicators of Compromise, completion of analysis, retention of data, and communications with client are completed on time and provide additional.
• Performed incident response functions for post-exploitation ransomware, business email compromise, and insider threat engagements. Engagements include high profile vulnerabilities such as Log4j, SolarWinds, and.
• Conducted host-based analysis for Windows, Linux, or Mac OS X systems utilizing forensic suites Axiom, EnCase, and X-Ways, triage tools including KAPE, Crowdstrike, and internal proprietary tools.
• Analyze log data from PCAP files, firewalls, Exchange, databases, web applications, and other logs using custom tools and industry tools that include Splunk, ELK, SIFT, and other commercial tooling.
• Provided case support for proactive measures for clients that included compromise assessments, vulnerability analysis, table-top exercises, documentation review, and vCISO services.
• Mentored interns and associate consultants while supporting the hiring program as well as the creation of training classes and team building events.

- Founded and established Mimir Cyber with a mission to provide expert cyber mentorship and coaching services to individuals.- Lead a team of cybersecurity professionals to deliver tailored mentorship programs focused on enhancing skills, knowledge, and confidence in navigating cyber challenges.- Develop and oversee the implementation of comprehensive.

• Developed and maintained a two different cyber class, Hands-on Cyber Security and Hands-on Cyber Forensics, that provided students a path from zero knowledge about computers to understanding in-depth conversations.
• Designed a robust lab environment with over 20 different VMs that encourage students to explore the lessons taught each week with hands on training covering pentesting, log and pcap analysis, and forensics.
• Created a Capture-the-Flag environment that severed as the primary testing mechanism that would challenge students in a timed manner covering the semesters lessons and pairing them with events learned throughout the.
• Collaborated with additional professors to support the building of additional lab environments for their students to enforce the hands on work ethic that the program was working.

Washington D.C. Metro Area

• Correlated incident activity through enterprise threat fusion to assess and direct response operations and defensive measures of the Presidential Information Technology Community (PITC) Systems
• Provided information and analysis on nation-state threat actor activity targeting White House Assets and data.
• Interfaced with the threat intelligence community by liaising with internal and external partners collaborating information to counter threats to the PITC enterprise environment and assets.
• Conducted trend analysis of current activity within the PITC enterprise utilizing Splunk to provide recommendations to the detection and mitigation of nation-state and general cyber actor threats.
• Conducted hunt operations based on current cyber threat intelligence to identify late cyber kill-chain activity on the PITC while coordinating intelligence with the Computer Network Defense Branch.
• Provided expert technical advice, guidance, and policy recommendations to principal staff on critical IT security issues through the communication of complex technical issues and security requirements to non-technical.

Virginia

• Administered investigations into malware, suspicious emails, and non-compliance activity in support of Information System Security Managers and Officers (ISSM/ISSO), all while maintaining forensic evidence integrity
• Delivered real-time and historical threat investigation for the Marine Corps Enterprise Network (MCEN) responding to internally and externally reported events from United States Cyber Command (USCYBERCOM), Marine.
• Monitored and organized IDS/IPS (McAfee Network Security Manager), McAfee Anti-Virus and HIPS, Firewall, and Proxies traffic and alerts for accuracy, consistency, and usefulness.
• Distributed additional learning for new tools, such as Tanium, for the Marines and contractors to support additional investigative techniques.

Phoenix, Arizona Area

• Responsible for maintaining and creating Standard Operating Procedures (SOPs) that upheld the required contractual requirements for the customer.
• Responsible for the creation and modification of Security Onion and Splunk signatures and dashboards.
• Organized the creation of McAfee HIPS Firewall isolation policy to prevent the spread of command and control of malware on infected systems.
• Designed and implemented standard operating procedures for digital media analysis.
• Analyzed over 1 Terabyte of data during criminal and malicious event cases utilizing Encase Forensic Software.
• Improved ticket remediation process to reduce average ticket life from over 45 days per ticket to 23 days per ticket

• Provided a real-time and historical threat investigation for the Marine Corps EnterpriseNetwork (MCEN) responding to internally and externally reported events from USCYBERCOM,MARFORCYBER, C4, Headquarters Marine Corps.
• Utilized Tenable’s Nessus to conduct host interrogation and vulnerability assessments to reduceincident response times to attempted exploitation of known vulnerabilities.
• Coordinated Defensive Cyber Operation Watch teams to the proper response actions for maliciousattempts to breach the MCEN and the design and implementation of new signatures for the McAfeeIDS/IPS systems,
• Conducted advisory hunt campaigns using log and packet analysis, signature creates and roll out, andsupports other robust remediation efforts.
• Completed over 1000 forensic investigations using a proprietary tool and open-source memory forensic suites.
• Created, managed, maintained, and taught Intrusion Detection Analyst Training and Incident Response training courses for students all over the USMC operating forces.

• Supervised the creation and implementation of a cybersecurity stack that consisted of FortiGate Firewalls, McAfee IDS/IPS, McAfee ePo, and Tenable’s Nessus across 4 different geographical locations within the middle.
• Responsible for the authoring, modifying, and assessing impacts of Group Policy Objects.
• Collected Nessus vulnerability data for the 4000+ endpoints and provided compliance and mitigation strategies for all 4 geographical locations to the commanding officer as well as maintained a compliance rating of 97%.
• Coordinated patching schedules, ensuring mission-critical systems had minimal downtime during mission statuses.
• Composed policies, procedures, and programs that encompassed a cybersecurity program for each domain, personal electronic devices on the networks, and removable media devices.
• Served as the Cyber Security representative for the organization’s Configuration Control Board.

• Responsible for the monitoring and reporting of operational statuses of all security equipment,including McAfee Host Based Security System, McAfee IPS, FortiGate Firewalls, and Assured Compliance Assessment Solution.
• Built and maintained over 8 physical servers, which hosted approximately 70 servers, hosting 20,000+users’ information, shares, and emails and connected to 5,000+ end devices that spanned 8 class “C”networks over 2.
• Participated in over 345 hours of mentoring and hands-on training by working with the senior IA members and SMEs to be able to function solely in the project environment. Topics covered in this mentoring and hands-on

As a Data Systems Chief I was responsible for providing Tier I and II support to a 250+ user base by utilizing the Remedy and SharePoint helpdesk ticketing systems. My duties included the thorough and detailed resolution of user-based concerns, local computer management— to include virtualized systems, backup and recovery, testing and maintenance of the.

Graduate Certificate Program In Incident Response, Cyber/Computer Forensics And Counterterrorism

Master Of Science - Ms, Computer And Information Systems Security/Information Assurance, 3.9

Cyber Security, Cybersecurity, 4.0

Graduate Certificate, Cloud Security