Intrusion Detection Analyst working on the USTRANSCOM Cyberspaces Operations Forces’ program. Provide the Department of Defense Information Network (DODIN) Operations, defensive cyber operations, and overall cyberspace operations in support of USTRANSCOM network systems and missions. Provide Intrusion Detection Monitoring and Incident Management Daily Operations and Maintenance Services through the application of the intrusion detection monitoring and incident management tools and processes. Intrusion detection/analysis/incident management activities performed on all USTRANSCOM information systems/networks that subscribe to USTRANSCOM Cyber Security Service Provider (CSSP) services. Identify unauthorized, malicious, or anomalous activity and initiate appropriate incident response actions in support of mission assurance for USTRANSCOM information systems and networks on NIPRNet and SIPRNet, including USTRANSCOM cloud environments.

Performed quality assurance and quality control evaluations on 134 military personnel utilizing the Air Forces’ $16M cyber weapon system. Analyzed cyber operator processes and procedures to identify and report deficiencies and recommend changes to Site Leads and Program Managers.• Ensured all personnel performing evaluations are certified for the function they are evaluating.• Consolidated data for the Standardization Evaluation Board to include all evaluations for all weapon system positions in a specified period; provided downgrade, commendable, syllabus information, and reported evaluation trends, waivers, and extensions.• Updated all evaluation material as new training material was created and taught to ensure operators are tested on current processes and procedures.• Performed as the focal point for the review and update of operational processes and checklists.• Coordinated with operational subject matter experts when processes or checklists needed to be updated.• Provided monthly metrics/reports on the status of the Computer Emergency Response Team program overseeing quality assurance.• Developed virtual evaluation and training environments for U.S. Cyber Command cyber forces on the Persistent Cyber Training Environment (PCTE); standardized individual/team certification, sustainment training, and mission rehearsals.

Led a team of 39 highly-skilled Cyber Security professionals in performing incident detection, analysis, and response to protect Key Cyber Terrain throughout the Department of Defense. • Directed response actions to detect and mitigate adversarial attacks; performed risk analysis, prioritized and determined course of actions to deter propagation to DoD networks.• Advised senior government leaders on the proper utilization, organization, training, and equipping for employment of cyberspace capabilities.• Assigned individuals and sections special tasks to increase coverage on focus items as needed.• Collaborated with management in the development of performance goals and long-term operations.• Maximized efficiency and productivity through extensive process analysis and inter-departmental collaboration.• Set strategic goals for operational efficiency and increased productivity.• Analyzed operational process and performance, recommending solutions for improvement when necessary.

Managed organization’s training of Cyberspace weapon systems standards to ensure personnel are proficient, qualified, and certified. Developed tactics, techniques, and procedures of new capabilities. Planned and conducted cyber exercises to enhance operational readiness in accordance with Department of Defense policy. • Authored annual operational training plan; outlined and executed its $600k annual training budget.• Managed the training status of 117 cyber security professionals; coordinated with unit and section leadership to ensure personnel met training readiness requirements.• Coordinated with subject matter experts in the development of just-in-time cyber security training to meet Department of Defense requirements to counter emerging cyber threat actors.• Guided section specific training plan development for 3 cyber protection teams; initiated fix actions to eliminate 3.7k deficiencies.• Developed hands-on training scenarios to meet unit training requirements• Managed the design of virtual ranges to emulate client cyber terrain.

Conducted Defensive Cyber Operations across Department of Defense cyber terrain. Provided tailored planning and threat analysis for the execution of targeted cyberspace missions. Applied forensic, malware analysis, and reverse engineering techniques to identify and eliminate malicious threat actors.• Performed threat analysis and hunt actions to extract actionable indicators and threat intelligence, resulting in countermeasures implemented across the DOD.• Analyzed data from multiple sources to think big-picture, including information from Host-Based Security System (HBSS) logs, PCAP, proxy logs, and various sensors.• Validated industrial control system assessment tools and integrated cyber-to-physical TTPs into $7.3M cyberspace weapon system.• Design custom Intrusion Detection System (IDS) signatures for Snort and similar systems to alert on threats ahead of commercial signature rollouts.• Utilized Endgame, Elastic, Kibana, Nessus, and Arkime in the detection and mitigation of cyber threats.

Managed and trained over 16k newly assigned personnel during their career specialty training. Evaluated and reinforced military standards of conduct and performance.

Calibrated, repaired, and certified test, measurement, and diagnostic equipment in accordance with Department of Defense procedures and the National Institute of Standards and Technology (NIST).