➢ Provide consulting services focused on establishing, uplifting, operationalizing, and assessing CyberThreat Intelligence programs globally to Fortune 500 companies and government agencies➢ Actively work with Cyber Threat Intelligence teams globally to operationalize their function, focused on providing strategic, operational, and tactical products and services to their cyber defense stakeholders➢ Built a threat modeling tool for clients that aggregates organizational threat surface information (crown jewels, control strength, etc.) and overlays threat landscape information (malware, threat actors, vulnerabilities, TTPs etc.) that provides a structured and repeatable way for analysts to assess, document, contextualize, and communicate threats within their business environment➢ Consult with stakeholders ranging from C-Suite Executives to Intelligence Analysts to assess gaps in their current cyber defense capabilities, develop boutique solutions to address these gaps, and implement recommendations within their environment➢ Conduct training exercises with clients focused on maturing analyst capabilities, structured analytic techniques, finished intelligence reporting, program build-out, and intelligence processes

➢ Responsible for analyzing, investigating, and responding to incidents in Boeing’s Security Operations Center which involved proxy log analysis, email content analysis, endpoint protection log analysis, etc.➢ Leveraged open and closed source tactical intelligence to hunt for malicious patterns and discover unknown intrusions and clusters➢ Used tools like Whois, Wheregoes, Trusted Source, VirusTotal, Splunk, etc. in order to analyze websites, logs, suspicious files, and emails to verify their safety and legitimacy for end users➢ Assisted in managing the McAfee Web Gateway by blocking/whitelisting websites and filtering emails to thwart malicious traffic and limit false positives

➢ Collected, analyzed, processed, and disseminated intelligence products ranging from Monthly Cyber Threat Updates to detailed, country-level Cyber Threat Profiles to enterprise-wide stakeholders such as CISO, CSO, CIO, IP Management, Program Managers, SOC, CERT, Risk Management etc.➢ Developed intelligence-driven targeting packages for the Red Team leveraging ATT&CK and CAPEC to scope their assessments and simulate TTPs relevant to the organizations threat profile➢ Provided intelligence enrichment for the Vulnerability Management Team focused on vulnerability presence mapped to Crown Jewels, POC code availability, use in the wild, etc.➢ Worked with program leadership, chief engineers, and IT partners to assess and analyze the cyber threats associated with Boeing lines of business by determining technologies at risk, conducting Crown Jewel Analysis, adversarial gap analysis, and motivation/intention. Mapped all findings to NIST/ISO standards➢ Briefed findings on all assessments to both technical and non-technical stakeholders including program leadership, country VPs, information security directors, IT business partners, and program personnel➢ Used data visualization technologies such as Tableau and i2 Analyst Notebook to simplify large, diverse data sets, which helped discover systemic vulnerabilities in Boeing’s Defense posture➢ Provided a threat intelligence brief to the CISO which was briefed to the Board of Directors quarterly

➢ Scanned Boeing's network for vulnerabilities using Rapid7’s Nexpose tool and communicated findings to relevant partners➢ Analyzed emergent vulnerabilities and prioritized the remediation of assets based on business risk➢ Developed patch plans with relevant stakeholders and status to risk management➢ Developed a template used to visualize vulnerability findings and patch status to executive management