CYBER THREAT INTEL ANALYST:▪ Performing daily classified and unclassified IT/cyber research, identifying possible malware/ vulnerabilities and thousands of associated Indicators of Compromise (IoCs) that could negatively affect the DoS network▪ Experience aligning MITRE ATT&CK framework and Cybersecurity Kill Chain process to Incident Response workflows▪ Operate autonomously to further investigate and update tickets in accordance with protocols and contractual SLAs. Uphold and enforce established processes▪ Authors and provides daily threat intelligence reporting to senior IRM/CIC leadership, highlighting specific cyber vulnerabilities threatening the DoS network, OGAs and global communities of interest▪ Drafts weekly and monthly IoC reports for senior IRM leadership review; results: these executive summary presentations identify and define specific threats to the network and the corresponding level of CIC effort utilized to deter these threats▪ Utilizes Splunk SIEM software solutions to both manage potentially malicious activities and alert senior leadership in near real-time of attacks on the DoS enterprise network▪ Perform daily security event management operations via Splunk Enterprise; populates associated Threat Intel lookup tables with IoCs to alert the CIC and senior IRM staff of possible malicious activities▪ Serve as Point of Contact and Liaison for the CIC. Frequent briefings with Cybersecurity Intel Lead, Cybersecurity Program Manager and FTEs on notable threats

▪ Authored and provided daily threat intelligence reporting to senior IRM/CIC leadership; result: illuminated specific cyber vulnerabilities possibly threatening the DoS network, OGAs and global communities of interest▪ Performed daily classified and unclassified research; result: identified possible malware/ vulnerabilities/APTs and documented specific Indicators of Compromise (IoCs) that could negatively affect the DoS network▪ Conducted daily security event management activities via Remedy, Splunk Enterprise and Recorded Future; result: populated Splunk Threat Intel lookup tables with IoCs meeting threat alert criteria.▪ Coordinated efforts with RFI personnel to enhance intelligence reporting sources

▪ Performed intrusion detection analysis using Splunk, ArcSight (Snort Code), FireEye and FirePower.▪ Researched Malware using RSA NetWitness, FireEye, and Palantir▪ Performed best-practice malware analytical methodologies on Windows and UNIX-based platforms.▪ Monitored and analyzed network traffic, IDS alerts, network and system logs, and available open source information to detect and report threats to customer networks▪ Performed CERT/SOC operations to include IDS event monitoring and analysis, security incident handling, incident reporting, and threat analysis▪ Responsible for the analysis and reporting of cyber threats and APTs as well as assist in deterring, identifying, monitoring, investigating and analyzing computer network intrusions▪ Provided intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments▪ Created Splunk search queries and employed Splunk dashboards in the areas of network monitoring, web traffic analysis, malware analysis, and triage▪ Used ArcSight for threat hunting, device monitoring, file transfer assessments and vulnerability assessments of information systems▪ Analyzed Web, Email, DDoS, and Malware alerts using FireEye and Firepower consoles, and recommended remediation to senior leadership

▪ Provided Cybersecurity monitoring and incident response to a Cabinet level federal agency in a SOC Environment▪ Contributed to a team of information assurance professionals working with Intrusion Detection System (IDS) software, analyzing IDS data, creating tickets of formidable process, briefing event details to leadership, and coordinating remediation with personnel throughout the globe ▪ Received and processed events accurately, professionally, and efficiently▪ Used OSINT such as Splunk, RSA and Wireshark to conduct analysis of APTs/incidents reported and recommend appropriate remediation ▪ Coordinated with internal and external teams as needed to analyze events ▪ Conducted CIRT operational duties in accordance with documented processes and procedures▪ Identified operational improvements and efficiencies and suggested improvements to CIRT leadership▪ Mentored, trained and supervised a team of (6) Tier 1 analysts in the areas of Incident Response, Incident Monitoring, and Triage▪ Briefed and coordinated with internal teams, external teams, senior leadership, and upper management as needed to ensure effective CIRT Operations

▪ Analyzed and briefed metrics on the assets at risk due to malware and outbound data/botnetsReviewed network architecture, SIEM reports and ensured full coverage of weekly scans using Bluecoat Threat pulse, QualysGuard, Palo Alto Firewall, and E-mail Proxy▪ Provided recommendations to improve the overall performance and security of corporate information systems

▪ Provided installation and configuration support to USCIS OIT Personnel performing softwareinstallations and configurations of OPNET software▪ Assisted in preparing OPNET concept of operations (CONOPS) and knowledge management articles (KM)▪ Provided consultation on the functionality of OPNET AppResponse Xpert (ARX)▪ Provided traffic reports showing throughput and web transaction activity for monitored applications using ARX▪ Utilized Wireshark to perform TCP/IP packet analysis, log analysis and troubleshooting▪ Managed nodes using AppInternals Xpert (AIX)▪ Experience installing, configuring, operating, and troubleshooting Cisco small to medium-sized route and switched networks▪ Implemented the OSI Model to conduct network traffic and configuration analysis▪ Managed Remedy for configuration management and documenting reports of incidents▪ Managed DHS SharePoint site directories for access control, updating technical documentation and providing meeting minutes. Provided SharePoint training and materials to assist clients in site navigation and file migration.▪ Converted sensitive files to encrypted formats approved by USCIS OIT to safeguard application traffic, IPs and MAC Addresses▪ Detected email phishing as trained by the USCIS Academy

A/V System Design and Integration projects: ▪ Researched, designed, engineered, and generated documentation for installation of audiovisual systems.▪ Generated schematic signal flow diagrams, bill of materials, facility design drawings, projection geometry details, and wiring diagrams for audio and control systems. ▪ Tested and calibrated systems for proper performance in house and on site in a NOC Environment▪ Initially configured video and audio equipment to include user interfaces, video teleconferencing, audio teleconferencing, projectors, display walls, audio matrix mixers, and voice reinforcement systems. ▪ Reverse engineered and resolved discrepancies in system performance

▪ Utilized Eagle CAD to design digital circuits and boards, prototype circuits, tested and evaluated circuits and boards, troubleshot failed circuits and devices. ▪ Tested C++ applications into concealment prototypes for mission systems. ▪ Employed Google Earth to simulate, monitor, evaluate and troubleshoot the performance of communication devices in-house prior to deployment.

Facilitated the organization and promotion of engineering alumnae events, scholarship programs and math and science competitions.

Engineering Intern – PG & Montgomery County Sewer & Water Main Project: ▪ Utilized ESRI Arc GIS to develop hydraulic modeling to more accurately predict and manage water levels in the Sewer and Water Main systems. Geo-referenced Sewer and Water Main maps projects into Geographical Information Systems (GIS) via JPEG conversion. ▪ Reduced water main breaks of 50% per month by developing an automated database in C to update sewer and water main maps three times per week, compared to once per week previously. Increased information available for analysis regarding pending water main breaks.