- Hunt for emerging threat activity across all available telemetry: discover net-new malware families, intrusion activity, and suspicious events associated with Advanced Practices and notify our customers - Analyze technical threat data to extract TTPs, malware techniques and adversary methods with low (or no) detections, and help close those gaps within the platform - Drive detections and technology through threat expertise and knowledge - Provide threat context and integration support to multiple service lines - Provide threat research and context to global service delivery for Mandiant investigations - Perform threat research and analysis during high-severity cyber-attacks impacting customers globally

- Hunt for and identify threat actor groups and their techniques, tools, and processes- Participate in Hunt missions using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and eradicate threat actors- Maintain current knowledge of tools and best-practices in advanced persistent threats; Tactics, Techniques and Procedures (TTPs) of attackers- Develop Threat Hunting dashboards and reports to identify potential threats, suspicious/anomalous activity, and malware- Identify malicious or anomalous activity based on event data from Firewalls, WAF, IPS, HIPS, Anti-Virus, and other sources- Perform deep dive analysis by correlating data from various sources- Provide expert analytic investigative support for critical Incident Response security incidents- Act as an escalation support for Incident Response SOC on critical security events

- Lead an advanced tactical team of Cyber Fusion (Hunt and Cyber Threat Intel) Analysts to success. - Trained new Cyber Fusion analysts on intelligence-driven hunt operations. - Instilled a team vision to advance our methodologies and break data-imposed barriers. - Developed numerous products including threat cards, which captured an amalgamated listing of APT TTPs in a concise and straightforward presentation

- Provided threat-based analysis on current cyber threat actors and Advanced Persistent Threats (APTs) leading to threat actor attribution. - Performed hunt and anomaly-based analysis on substantial amounts of network traffic. - Developed Analysis Reports and Situational Awareness Reports on computer network exploitation intelligence and activity. - Created a full hunt, threats, fusion, and general analysis training program and taught said program on multiple occasions across the industry.

- Identified countless malware infections and assisted in resolution. - Performed hunt-based analysis to assist in malware delivery detection. - Wrote multiple Sourcefire signatures to help detect malware delivery. - Presented at a Technical Expertise Exchange Time (TEE Time) on Cognitive Biases, their impact on analysis, and how to avoid them - Represented DISA-CONUS Net Assurance Operations as a POC on the Heartbleed exploit when it was released to the public; writing a comprehensive discussion paper on the topic. - Performed trend-analysis and on multiple occasions finding unprofiled anomalous malicious traffic leading to locating infected systems.

- Led interviews of cloud environment operations personnel to analyze compliance with security controls. - Provided support to team-leads during auditing interviews to assess 844 security controls across four workloads. - Conducted and lead professional documentation gap analysis. - Developed the Cyber Security Practice Area Quality Manual to accurately reflect DRC assessment procedures and document compliance with ISO/IEC 17020: 2012. - Presented for the internal Cyber Security Practice Area on NIST SP 800-53 Rev. 4.

Computer science and government intelligence specialization with a math minor.

Intern for House Representative Tim Walberg. My daily duties vary from normal office tasks to leading tours through the Capitol building to helping design webpages for the Congressman's website.

During the summers and winters I worked at WIS International, which is an inventory company as an inventory taker. I work with the Wizard, which is a machine that scans in the items from the store, and I take an inventory of the complete store and also their off site storage.