24/7 Entrepreneur

Executive Protection has been around since 1982, evolving to offer our clients superior security and staffing solutions. Our growth is a direct reflection of our dedication to providing the best services to our clients by valuing and appreciating our staff.We’ve earned a reputation for providing the highest quality service at competitive rates. The steps we take today are simply building blocks to assure that this reputation continues well into the future.Unlike many of our competitors, the management team you work with today is the same team that you will work with tomorrow. Stability in our management team has, in part, been responsible for the consistency in our customer base.

• Responsible for analyzing, mapping, and protecting network systems, as well as discovering the vulnerabilities, intrusions and threats in computer network systems• Perform in-depth diagnostic analysis of computer and network intrusion incident data and network traffic with the goal of detecting malicious activity; long-term and time-sensitive analysis of the host networks and develop defensive countermeasures• Develop concepts of support, courses of action, integrate command and external capabilities, coordinate and document comprehensive plans• Determine the threat to networks of interest posed by adversarial systems, activities or operations• Perform each phase of cyber activity tracking; conduct network reconnaissance to detect the presence of unexpected behavior, identifying anomalous activity, categorizing and tagging intrusive activity• Develop and integrate cyber capabilities into plans, support action officers with planning, and remain cognizant of missions and priorities• Design, demonstrate, devolve, implement, and update exploitation or protection methods and recommending mitigation strategies and techniques• Identify signatures, attack scenarios, attacker profiles, and other relevant information to enhance knowledge of the adversary and the techniques employed• Develop techniques for the identification and analysis of malicious activity• Determine the extent of malware's capabilities, how to detect it and to assess its impact on affected systems• Apply basic analysis methods of computer programming and debugging• Respond to Information Needs (IN) requests, coordinating with other organizations as appropriate• Compile situational reports for each cyber tracking phase to document status• Characterizing methods with respect to resources and capabilities required or risks of detection and attribution• Discover methods of protecting specific networks, computer systems or specific hardware or software

• Primary function is performance of big data analytics via Splunk database management system.• Through the SIEM, use existing and created queries to extract data from diverse sources as part of an effort to protect networks.• Sift through myriads of data in an effort to identify anomalous and or nefarious network activities;• Use multiple Splunk capabilities to massage and output information from a variety of perspectives to produce well rounded interpretable system behaviors.• Accountable for providing daily and weekly assessments which include description of analytical approaches and relevant results.• Responsible for reviewing IDS related alerts, system logs and net flows.• Observed irregular activity is meticulously investigated through the use of multiple GOTs and COTs tools for the purpose of piecing together events and determine the associated level of severity.• Tasked with developing training for tier one security analysts. Includes teaching class and providing one on one training through conducting routine analysis while explain processes.• Review drafts and provide advice and assistance to the planning and training teams• Spend one day a week on SOC watch floor to provide support to tier one analysts. Responsibilities include addressing tier one analyst questions, sharing new knowledge and assisting with tier one analysis.• Have both lead and provided support on sizeable analytic projects that involved examination of historical data in search of suspicious behavior and or malicious activity.

• Evaluating multiple operating systems, network configurations, network architectures and topologies for potential technical and/or operational vulnerabilities. Efforts also include:• Analyzing network transports and application layer packets and identifying packet details• Identifying anomalies at the packet level and developing signatures to support various collection platforms.• Demonstrating proficiency with common network protocols and analysis tools• Identifying signatures attack scenarios, attacker profiles, and other relevant information to enhance knowledge of the adversary and the techniques employed.• Utilizing tools (in-house, freeware, commercial) and analytical techniques to determine the levels of severity and potential mission impact of anomalous behavior.• Investigate, and apply open source capabilities and information to enable intelligence collection and analysis• Discover and identify intrusions and develop deeper characterization of foreign intrusions to produce better countermeasures by developing and fusing analysis from open sources, information assurance, and classified sources• Develop knowledge about threats posed by various systems technologies, operations, or missions and the likely behavior of adversaries• Evaluate multiple operating systems, network configurations, network architectures, and topologies from potential technical and/or operational vulnerabilities

• Conducts research and analysis on data collected from numerous sources both internal and external to client networks in order to identify threats and anomalies that lead to discovering and eradicating adversarial presence on the network.• Collaborate with, and provide Targeting services for, Mission Directors and analysts from across the RDO element.• Develops a range of products such as adversary threat profile packages containing network diagrams, critical network information, operating system information, known malware, and identified threats for areas of responsibility.• Serve as an essential member of the RDO Targeting mission, which drives operations to discover, analyze, and mitigate threats, vulnerabilities, and adversary activity within RDO customer networks.• Develop expertise in TTPs associated with nation-state CNE actors and the threats they pose. Document adversary tactics through research and Intelligence Community partner interactions. ‘• Perform extensive, all-source network analysis. Create detailed technical plans for RDO operations to ascertain anomalies and/or adversarial presence on Government networks• Aid in target focus and tracking spread of infection and protect computer network systems by identifying vulnerabilities and potentials for attacks.• Discovers methods of penetrating and protecting global networks, specific target networks, computer systems, or specific hardware or software. Characterize these methods with respect to resources and capabilities required or risks of detection and attribution. Design, demonstrate, develop, implement, or update protection methods and recommend mitigation strategies and techniques.• Help determine the threat posed by cyber actor tradecraft behaviors, tactics, techniques, etc.• Share technical knowledge through teaching, mentoring, and/or participating in technical forums.

• Conducts research and analysis on data collected from numerous sources both internal and external to client networks in order to identify threats and anomalies that lead to discovering and eradicating adversarial presence on the network.• Collaborate with, and provide Targeting services for, Mission Directors and analysts from across the RDO element.• Develops a range of products such as adversary threat profile packages containing network diagrams, critical network information, operating system information, known malware, and identified threats for areas of responsibility.• Serve as an essential member of the RDO Targeting mission, which drives operations to discover, analyze, and mitigate threats, vulnerabilities, and adversary activity within RDO customer networks.• Develop expertise in TTPs associated with nation-state CNE actors and the threats they pose. Document adversary tactics through research and Intelligence Community partner interactions. ‘• Perform extensive, all-source network analysis. Create detailed technical plans for RDO operations to ascertain anomalies and/or adversarial presence on Government networks• Aid in target focus and tracking spread of infection and protect computer network systems by identifying vulnerabilities and potentials for attacks.• Discovers methods of penetrating and protecting global networks, specific target networks, computer systems, or specific hardware or software. Characterize these methods with respect to resources and capabilities required or risks of detection and attribution. Design, demonstrate, develop, implement, or update protection methods and recommend mitigation strategies and techniques.• Help determine the threat posed by cyber actor tradecraft behaviors, tactics, techniques, etc.• Share technical knowledge through teaching, mentoring, and/or participating in technical forums.

• Provide technical expertise regarding the defense of military information systems and networks.• Monitor intrusion detection and security information management systems to discover malicious activity on U.S. Army command and control networks.• Initiate computer incident handling procedures to isolate and investigate potential network information system compromises.• Perform malware and/or forensic analysis as part of the incident management process.• Design and integrate custom rules and reports into military security tools and data collection architectures.• Conduct analysis of computer security advisories, current network penetration techniques, and military intelligence threat reports in order to improve the U.S Army computer network defense posture.• Perform penetration testing against U.S. Army networks and information systems to uncover potential security holes that could be exploited by adversarial threat actors.• Traveled to units within theater and other countries to assist in computer network defense initiatives, incident investigations, forensic evidence collection, and end-user security awareness education.• Created briefings to highlight emerging computer security trends to U.S. Army leadership and technical personnel.

• Senior Computer Network Operations (CNO) analyst, responsible for managing team conducting SIGINT Geospatial Analysis (SGA), Digital Network Intelligence (DNI) and basic malware analysis • Providing extensive training on various tools and databases• Interacting with government customers and managed over 200 Requests for Information (RFI) • Maintained 100% success rate for team meeting Job Qualification Requirements to perform SIGINT Geospatial Analysis and Digital Network Analysis. • Created and maintained team Standard Operating Procedures (SOP’s) for SGA, DNI and CNO missions • Serve as malware analyst which includes reverse engineering malware, characterizing malware, and writing detailed technical reports while adhering to strict deadlines. Successfully resolved malware deficiencies increasing production of detailed technical reports 100% • Analyze cyber intrusion events, recommend network defense measures, and create detection signatures • Categorize hacker tactics and methods, including research into latest exploits, malware and social engineering techniques • Provide network analysis for National-level CNO • Identify vulnerabilities exploited by adversaries and create technical signatures • Maintain liaison with multiple Intelligence Agencies • Provide tip-offs and reports to various intelligence agencies

• Maintain awareness of emerging technologies and advancements in target development (for example, examine current trends, attend training or conferences, etc)• Define target set based on Customer requirements• Identify the activities of a target based on traffic analysis• Develop or provide input to target and/or technical requirements• Document computer networks by creating and interpreting computer network analyses• Analyze router traffic patterns• Convey intelligence gained from target development to relevant parties• Maintain awareness of emerging technologies and advancements in computer network exploitation or attack• Perform risk evaluation and assessment• Develop innovative collection approaches• Recommend changes in capabilities and tactics, Techniques, and Procedures (TTPs) based on computer network operations missions

• Conducts cyber threat pursuit and analysis utilizing SIGINT and IA/CND capabilities to mitigate threats against National Security Systems.• Provides tactical analysis of suspicious cyber activities and actionable cyber reporting to defend against intrusions on USG networks.• Analyzes multiple data sources to examine and analyze network traffic for malicious cyber-attacks, anomalous traffic, and other items of interest• Renders direct analytic and surge support to National Threat Operations Center (NTOC)• Provides advanced analytic training to network defense operators; conduct proficiency boards to certify analysts at basic, intermediate, and expert qualification levels.• Provide actionable Cyber mitigations and reporting to mission partners to enable mitigation of intrusions on USG networks.• Assist in developing subject matter experts (SMEs) with the in-depth technical knowledge needed to support Advance Counter-Cyber Operations (ACCO)

• Provide IT support to more than 1500 users in the Defense Intelligence Agency (DIA).• Provide Tier 2 support/diagnosis, resolution, and identification of problems with hardware, software, network servers, and corporate data systems on secure and non-secure platforms.• Made recommendations on prevention methods and solutions for issues related to hardware, software, and network connectivity. • Utilize Siebel to track workflow and manage customer trouble tickets• Gained expert knowledge of Windows 2000, Windows XP, and NT 4.0 Operating Systems, Microsoft Office Suite, and specialized government software applications. • Configure and install new workstations for customers within the Pentagon.• Perform domain registration, tested and upgrade hardware and software, connected peripheral equipment, and troubleshot workstations remotely using configuration management application.• Update system registry converted workstations from Ethernet to ATM. • Manage and created group and user permissions using Active Directory Users and Computers.• Restore files from backup tape system and ensure virus protection compliance with agency security procedures on USG network platforms.• Provided customers with PKI (Public Key Infrastructure) certificates to access secure sites and configured exchange server to send and receive encrypted e-mail

• Acted as network administrator for USG networks• Performed routine system maintenance to include software updates, hardware replacement, and various security tasks• Assisted in relocating network infrastructure between buildings; ensured security of all computers and other network devices • Installed and maintained routers and servers for newly relocated network as a member of the server team• Created accounts for new personnel as needed• Acted as part of the rapid deployment team capable of establishing communication anywhere in the world in less than three hours.• Worked within E-Lams with Promina, Redcom, on USG networks.